Introduction | MCSE 70-293 Exam Prep: Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (2nd Edition)

As you may realize, networks today keep growing and intermingling with other networks. This growth presents a challenge for Microsoft Certified Systems Engineers in that it increases network exposure to users and other individuals who seek to penetrate its defenses and gain entry. What makes it possible for all these networks to be vulnerable to attack? They share a common protocol.

The common protocol used in the exchange of data is Transmission Control Protocol/Internet Protocol (TCP/IP), as discussed in previous chapters of this book. Data sent via TCP/IP is broken up and sent over various routes to the final destination. Because of the design of TCP/IP, data can be intercepted easily without the sender or the receiver knowing that the data may have been intercepted. Certainly, as data passes through networks around the globe, it is susceptible to interception or forgery, and users are often the recipients of data whose content may jeopardize their own data.

We need a way to protect our outgoing data and ensure that our incoming data has not been compromised. We also need a way to verify that people and machines we may communicate with are who they say they are. Enter the digital certificate . This chapter introduces the fundamentals of certificates and then discusses installing and configuring CA Services.

Maintaining a secure network is not a one-step or one-day event; it is a daily, ongoing event that requires you to not only implement an initial solution but also to monitor it and massage it over time to ensure that new threats and required changes are being taken into account. Too many times in the past, administrators have tried to treat server and network security as a "set it and forget it" type of thing, but that's just not possible today. To help Windows Server 2003 administrators keep their computers and networks secure, Microsoft has provided a relatively pain-free method of identifying and installing required updates and security fixes through use of the Microsoft Baseline Security Analyzer ( MBSA ) and Software Update Services ( SUS ) .

Of course, as you might have guessed, at the heart of all your security plans must lie a solid plan to not only implement and control security, but also to monitor and manage it. Planning is key in network administration, and Windows Server 2003 networks are no different.