Administrative policies such as Acceptable Use Policies, Privacy Policies, and User Awareness Training can assist an organization in promoting a security-conscious environment.
Understand how any network threats you come across can affect the confidentiality, integrity, and/or availability of your network data and resources in order to better defend against them.
Internal network attacks can often be more damaging than external attacks, since internal users already have valid logon credentials and physical access to network resources.
Use Risk Analysis to prioritize the relative importance of data on your network so that you will be able to secure data with different security requirements effectively and efficiently.
Most (if not all) attacks will take one of the following forms when attempting to breach your network: spoofing, tampering, repudiation, information disclosure, denial-of-service, and elevation of privilege.
Use auditing to create a baseline of network performance so that you will recognize anomalies that indicate an attack is taking place.
When designing security, keep in mind security constraints imposed by the use of down-level operating systems like Windows NT4. This can affect your choice of LAN and VPN protocols, since Windows NT4 does not support Kerberos, or the use of IPSec for LAN-based encryption.
Windows Server 2003 can serve as a KDC for non-Microsoft Kerberos clients, and Microsoft clients can also authenticate against an MIT Kerberos KDC using utilities contained in the Windows Server 2003 Support Tools.
Zone transfers and resource record updates with UNIX or other third-party DNS servers need to be secured against malicious activities. Consult the documentation for BIND or your other DNS server for information on how to secure the transfer of non-Microsoft DNS information.
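
The BIND 9 side of this restriction, as an added example that is not part of the original text: a `named.conf` fragment with the permissive zone settings shown commented out above the restricted ones. The zone name, key names, addresses (documentation range 192.0.2.0/24) and secret placeholders are assumptions.

```conf
// Constructed example. Zone name, key names, addresses and the secret
// placeholders are assumptions, not values from the original text.

// Shared TSIG keys. Generate each real secret with:
//   tsig-keygen -a hmac-sha256 <key-name>
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};
key "ddns-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};

// Fallback for a secondary that cannot sign requests with TSIG:
// restrict by source address. Weaker than a key, since an address
// can be spoofed or reassigned.
acl "unsigned-secondaries" { 192.0.2.10; };

// Weak: any host may pull the whole zone or rewrite its records.
// zone "example.com" {
//     type master;
//     file "db.example.com";
//     allow-transfer { any; };
//     allow-update   { any; };
// };

// Restricted: transfers need the transfer key or a listed address,
// updates need the update key, and everything else is refused.
zone "example.com" {
    type master;
    file "db.example.com";
    allow-transfer { key "xfer-key"; "unsigned-secondaries"; };
    allow-update   { key "ddns-key"; };
};

// On a BIND secondary: sign every request sent to the primary
// (192.0.2.53 here) with the shared transfer key. The same key
// statement must also be present in the secondary's configuration.
// server 192.0.2.53 { keys { "xfer-key"; }; };
```

Run `named-checkconf` after editing to validate the syntax, and keep the file holding the secrets readable only by the account that runs `named`.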