
= Microsoft Solutions Guide for Securing Microsoft Windows 2000 Server =

Article ID: 829031

Article Last Modified on 1/20/2005


APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Datacenter Server




SUMMARY
This article contains information about the Microsoft Solutions guide Securing Microsoft Windows 2000 Server. This guide reinforces the Microsoft Trustworthy Computing initiative through structured guidance to help you understand and implement the processes and decisions that you must make to create and to maintain a secure environment. This prescriptive solution is intended to help you reduce security vulnerabilities and lower the costs of exposure and security management in the Microsoft Windows 2000 environment.

This guide gives full life cycle advice about how to secure your Windows 2000 Server environment. It includes advice about how to do risk assessment and analysis, how to secure specific critical Windows 2000 server roles, and how to operate a secure environment after the initial lockdown phases are completed.



MORE INFORMATION
The Securing Microsoft Windows 2000 Server guide is made up of 11 chapters, plus a Test Guide, a Delivery Guide, and a Support Plan. Each of these guides includes applicable job aids, script files, and test cases. The 11 chapters of the Securing Microsoft Windows 2000 Server guide are the following:
 * Chapter 1 - Introduction to Securing Windows 2000 Server

This introductory chapter gives you a brief overview of the whole Securing Microsoft Windows 2000 Server guide.
 * Chapter 2 - Defining the Security Landscape

This chapter defines the components of security risk management. You must understand these components to perform a security analysis of your organization. This chapter gives you general guidance about how to perform a preliminary asset analysis of your organization. It also discusses how threats, exposures, vulnerabilities, and countermeasures relate to each other.
 * Chapter 3 - Understanding the Security Risk Management Discipline

This chapter discusses proven practices from current security analysis methodologies that use Microsoft Solutions Framework (MSF) and Microsoft Operations Framework (MOF). It includes a detailed definition of the Security Risk Management Discipline (SRMD).
 * Chapter 4 - Applying the Security Risk Management Discipline

This chapter uses the SRMD to determine the threats and the vulnerabilities that have the greatest potential impact on a particular organization. It uses a fictitious company, whose issues are common to many businesses today, to describe the steps that you can take to assess real-world vulnerabilities and to make decisions about how to implement Windows 2000 Servers. The conclusion of this chapter defines, describes, and analyzes the specific risks that this chapter discusses.
 * Chapter 5 - Securing the Domain Infrastructure

This chapter discusses how to determine the criteria on which to base decisions that affect the organization at the domain level. This chapter gives a high-level overview of the Microsoft Active Directory service design, the organizational unit (OU) design, and domain policy. This chapter also discusses specific domain policies that are implemented in the fictional customer scenario that this guide uses.
 * Chapter 6 - Hardening the Base Windows 2000 Server

This chapter explains the base settings that are applied to the member servers in the fictional customer scenario that this guide uses. For example, Group Policy is used to apply as many changes as are possible to the default Windows 2000 Server configuration. For the member servers in the fictional customer scenario, the Group Policy settings that are described are stored in the security template, MSS Baseline.inf. To apply the settings, this template is imported into the Member Server Baseline Policy group policy. This group policy is linked to the Member Server OU.
 * Chapter 7 - Hardening Specific Server Roles

The domain controllers, the file servers, the network infrastructure servers, and the Web servers in any organization require different settings to maximize their security. This chapter describes the steps that you can take to make the domain controllers and the other primary member server roles as secure as possible.
 * Chapter 8 - Patch Management

This chapter discusses best practices to keep your environment up-to-date by applying all the necessary security patches, by finding out about new patches in a timely manner, by implementing these patches quickly and reliably, and by monitoring to verify consistent patch deployment.
 * Chapter 9 - Auditing and Intrusion Detection

This chapter discusses how to audit an environment to provide the best chance of noticing attacks. This chapter also discusses intrusion detection systems. These systems are applications that are designed specifically to detect behavior that indicates that an attack is occurring.
 * Chapter 10 - Responding to Incidents

This chapter discusses best practices to respond to different types of attacks. This chapter also includes the steps that you can take to effectively report incidents. It also includes a case study to describe a typical response to an incident.
 * Chapter 11 - Conclusion

This chapter gives you a brief review of the whole Securing Microsoft Windows 2000 Server guide.

