Securing Windows Server 2008

Microsoft hails the latest version of its flagship server operating system, Windows Server 2008, as "the most secure Windows Server ever". However, to fully achieve this lofty status, system administrators and security professionals must install, configure, monitor, log, and troubleshoot a dizzying array of new features and tools designed to keep the bad guys out and maintain the integrity of their network servers. This is no small task considering the market saturation of Windows Server and the rate at which it is attacked by malicious hackers. According to IDC, Windows Server runs 38% of all network servers. This market prominence also places Windows Server at the top of the SANS top 20 Security Attach Targets. The first five attack targets listed in the SANS top 20 for operating systems are related to Windows Server. This doesn't mean that Windows is inherently less secure than other operating systems; it's simply a numbers game. More machines running Windows Server. More targets for attackers to hack. As a result of being at the top of the "most used" and "most hacked" lists, Microsoft has released a truly powerful suite of security tools for system administrators to deploy with Windows Server 2008. This book is the comprehensive guide needed by system administrators and security professionals to master seemingly overwhelming arsenal of new security tools including: 1. Network Access Protection, which gives administrators the power to isolate computers that don't comply with established security policies. The ability to enforce security requirements is a powerful means of protecting the network. 2. Enhanced solutions for intelligent rules and policies creation to increase control and protection over networking functions, allowing administrators to have a policy-driven network. 3. Protection of data to ensure it can only be accessed by users with the correct security context, and to make it available when hardware failures occur. 4. Protection against malicious software with User Account Control with a new authentication architecture. 5. Increased control over your user settings with Expanded Group Policy. ...to name just a handful of the new security features. In short, Windows Server 2008 contains by far the most powerful and complex suite of security tools ever released in a Microsoft Server product. Securing Windows Server 2008 provides system administrators and security professionals with the knowledge they need to harness this power. * Describes new technologies and features in Windows Server 2008, such as improvements to networking and remote access features, centralized server role management, and an improved file system. * Outlines steps for installing only the necessary components and subsystems of Windows Server 2008 in your environment. No GUI needed. * Describes Windows Server 2008?s security innovations, such as Network Access Protection, Federated Rights Management, and Read-Only Domain Controller * Includes coverage of monitoring, securing, and troubleshooting Windows Server 2008 * Covers Microsoft's Hyper-V virtualization technology, which is offered as an add-on to four of the eight versions of Windows Server 2008 and as a stand-alone product

Microsoft hails the latest version of its flagship server operating system, Windows Server 2008, as "the most secure Windows Server ever". However, to fully achieve this lofty status, system administrators and security professionals must install, configure, monitor, log, and troubleshoot a dizzying array of new features and tools designed to keep the bad guys out and maintain the integrity of their network servers. This is no small task considering the market saturation of Windows Server and the rate at which it is attacked by malicious hackers. According to IDC, Windows Server runs 38% of all network servers. This market prominence also places Windows Server at the top of the SANS top 20 Security Attach Targets. The first five attack targets listed in the SANS top 20 for operating systems are related to Windows Server. This doesn't mean that Windows is inherently less secure than other operating systems; it's simply a numbers game. More machines running Windows Server. More targets for attackers to hack. As a result of being at the top of the "most used" and "most hacked" lists, Microsoft has released a truly powerful suite of security tools for system administrators to deploy with Windows Server 2008. This book is the comprehensive guide needed by system administrators and security professionals to master seemingly overwhelming arsenal of new security tools including: 1. Network Access Protection, which gives administrators the power to isolate computers that don't comply with established security policies. The ability to enforce security requirements is a powerful means of protecting the network. 2. Enhanced solutions for intelligent rules and policies creation to increase control and protection over networking functions, allowing administrators to have a policy-driven network. 3. Protection of data to ensure it can only be accessed by users with the correct security context, and to make it available when hardware failures occur. 4. Protection against malicious software with User Account Control with a new authentication architecture. 5. Increased control over your user settings with Expanded Group Policy. ... to name just a handful of the new security features. In short, Windows Server 2008 contains by far the most powerful and complex suite of security tools ever released in a Microsoft Server product. Securing Windows Server 2008 provides system administrators and security professionals with the knowledge they need to harness this power. ...

Get in-depth guidance for designing and implementing certificate-based security solutions—straight from PKI expert Brian Komar. No need to buy or outsource costly PKI services when you can use the robust PKI and certificate-based security services already built into Windows Server 2008! This in-depth reference teaches you how to design and implement even the most demanding certificate-based security solutions for wireless networking, smart card authentication, VPNs, secure email, Web SSL, EFS, and code-signing applications using Windows Server PKI and certificate services. A principal PKI consultant to Microsoft, Brian shows you how to incorporate best practices, avoid common design and implementation mistakes, help minimize risk, and optimize security administration.

Microsoft Windows Server 2008 R2: The Administrators Essential Reference introduces the Windows Server 2008 R2, which is Microsofts flagship server operating systems latest release. The book explores its features; describes differences between the available editions; and discusses its deployment. After introducing Windows Server 2008 R2, the book explains its installation and configuration processes followed by its networking. It also examines different features, such as the active directory, internet information services 7.5, Hyper-V, and PowerShell V2. It discusses securing Windows Server 2008 R2 files and its print services, remote desktop services, high-availability and recovery features, and monitoring and troubleshooting; in addition, their delta changes are discussed in the final chapter. The book also explores the features that influence both Windows Server 2008 R2 and Windows 7. These features allow the server operating system to work with Windows 7. One feature is the BranchCache, which offers users who open files across a Wide Area Network a better end-user experience by caching copy in the branch office when a document or intranet Web site is opened for the first time. Another feature is DirectAccess, which is the new remote connectivity solution for Windows networks. Features information on how to plan, deploy, and administrate Windows Server 2008 R2 using best practice guidance Provides in-depth coverage of Hyper-V, DirectAccess, Remote Desktop Services, Active Directory, and BranchCache Includes Delta Changes to allow experienced administrators to quickly gain insight to changes between Windows Server 2008 and Windows Server 2008 R2

This practical guide has exactly what you need to work with Windows Server 2008. Inside, you'll find step-by-step procedures for using all of the major components, along with discussions on complex concepts such as Active Directory replication, DFS namespaces and replication, network access protection, the Server Core edition, Windows PowerShell, server clustering, and more. All of this with a more compact presentation and a tighter focus on tasks than you'll find in bulkier references. Windows Server 2008: The Definitive Guide takes a refreshing approach. You won't find the history of Windows NT, or discussions on the way things used to work. Instead, you get only the information you need to use this server. If you're a beginning or intermediate system administrator, you learn how the system works, and how to administer machines running it. The expert administrators among you discover new concepts and components outside of your realm of expertise. Simply put, this is the most thorough reference available for Windows Server 2008, with complete guides to: Installing the server in a variety of different environments File services and the Windows permission structure How the domain name system (DNS) works Active Directory, including its logical and physical structure, hierarchical components, scalability, and replication Group Policy's structure and operation Managing security policy with predefined templates and customized policy plans Architectural improvements, new features, and daily administration of IIS 7 Terminal Services from both the administrator's user's point of view Networking architecture including DNS, DHCP, VPN, RADIUS server, IAS, and IPSec Windows clustering services --- applications, grouping machines, capacity and network planning, user account management Windows PowerShell scripting and command-line technology With Windows Server 2008: The Definitive Guide, you to come away with a firm understanding of what's happening under the hood, but without the sense that you're taking a graduate course in OS theory. If you intend to work with this server, this is the only book you need.

Best Damn Windows Server 2008 Book Period, Second Edition is completely revised and updated to Windows Server 2008. This book will show you how to increase the reliability and flexibility of your server infrastructure with built-in Web and virtualization technologies; have more control over your servers and web sites using new tools like IIS7, Windows Server Manager, and Windows PowerShell; and secure your network with Network Access Protection and the Read-Only Domain Controller. Web server management with Internet Information Services 7.0 Virtualize multiple operating systems on a single server Hardening Security, including Network Access Protection, Federated Rights Management, and Read-Only Domain Controller

This version of the Server Bible will be the largest yet, catering to what is certainly the most advanced operating system introduced by Microsoft. The book will cater to the needs of the server administration community and will be designed to be a critical reference. The book will extensively cover the most notable new feature of Windows Server known as the "Server Core." Server Core is a significantly scaled-back installation where no graphical shell (explorer.exe) is installed, and all configuration and maintenance is done entirely through the command-line windows, or by connecting to the machine remotely using Microsoft Management Console. Server Core will also not include the .NET Framework, Internet Explorer or many other features not related to core server features. A Server Core machine can be configured for four basic roles: Domain controller, DNS Server, DHCP Server, and file server. Chapters on setup and installation will also cover the new componentized operating system Image-based setup and deployment tools, using WIM. In addition to the already extensive Active Directory support this book will now fully cover the "Read-Only Domain Controller" operation mode in Active Directory, intended for use in branch office scenarios where a domain controller may reside in a low physical security environment, was introduced in Windows Server 2003 R2 and will be extended in the 2008 version. Chapters covering policy-based networking, branch management and enhanced end user collaboration will be extended. Windows Server 2008 will also ship Internet Information Services 7 and the current chapters on IIS will thus be extended. Coverage of Windows SharePoint Services 3.0 will also be introduced into this part of the book. We will also include coverage of the improved hot patching technology, which is a feature that allows non-kernel patches to occur without the need for a reboot. A significantly upgraded Terminal Services component, supporting RDP 6.0. will be covered in the chapter on terminal services. The most notable improvement is the ability to share a single application over a Remote Desktop connection, instead of the entire desktop. This will be added to an already extended chapter on this remote access technology. In addition to these new features the book will also carry over existing features brought over from (SP1/R2) of Server 2003. These include covering of new security features of the operating system, Group Policy management, change control and service level, and administration practices.