Almost every server runs services that offer access to organizational data and resources, software applications and any other elements of the server that are core towards the functionality of the network. This implies that it is important to protect these services because they offer potential vulnerability to the hacker (Kelbely & Sterling 123). In most case, when a network service has been attacked, there is a possibility of access to the network. In addition, there is a probability of sabotaging the service, which may result to huge loss to the organizations. The Windows Server 2008 has incorporated major control services that can help in eliminating the security concerns of the People’s Bank and Trust.
The Windows Server 2008 comes with Network Access Protection (NAP), which ensures that a workstation PC connected to the network have to meet the minimum network requirements that are computer defined as stated in the security policy of the organization by the network administrator (Marty 234). An example of such an instance is that a workstation is required to update the security and other critical patches before being guaranteed access to the server. Failure to do so means that the workstation can be quarantined or its access to the server is denied until it meets the minimum-security requirements (Minasi & Daril 145).
The Bank should change its password policies to more stringent measures, such as, limiting the number of trials, setting minimum password length, and the use of double authentication policies in its network security policies and strategies (Kelbely and Sterling 67).
A tool that will help in the realization of the above recommendation is the Microsoft Group Policy Resource Kit and the Active Directory service, which can be integrated in both the Server 2008 and the Windows Vista workstations. With these tools, the network administrator of the Bank can make use of policy-based management in order to ensure that there is effective administration of the user accounts and the workstation computers that run on Windows XP professional and Vista. This resource offers technical information regarding to the simplification and automation of the various administrative tasks. In addition, the resource kit offers system updates and provides a framework for the centralization of network resource management. (Layfield and Mueller 89)
Case 2: Using Windows Server 2008 Auditing
Windows server 2008 has various auditing enhancements, which are mainly used for increasing the levels of details during security auditing logs, and provides a framework for simplification and the use and management of the various auditing policies set forth by the company. The enhancements incorporated in Windows Server 2008 include (Ruest & Ruest 65):
- Global Object Access Auditing: This allows network administrators to set Computer wide System Access Control Lists (SACLs) for the file system and the registry. This is important in ensuring protection of all the critical files and folders, and the settings of the registry (Ruest & Ruest 66).
- “Reason for access” reporting: this offers the required privileges that can be used for evaluating the decision on whether to allow or deny access to a particular resource object. This is important in providing documentation for permissions, which is core in preventing the occurrence of a specific auditable event (Ruest & Ruest 66).
- Advanced Audit policy settings: this can be used to specify the target activities to be audited and so away with any other activities that do not require auditing. In short, it makes the auditing process easy to manage and decode.
In Windows Server 2008, there are 53 auditable events, implying that it offers a framework for selecting the number and the types of events to audit. A specific characteristic of the server 2008 is that all auditing events are integrated with the Group policy resource (The Microsoft Windows Server Team 345). This facilitates the configuration, deployment and management of these settings under the Group Policy Management Console (GPMC). Alternatively, this can be done under Local security Policy or the Organizational Unit (OU). The basic principle is that Windows server makes it easy to track network activities. Audit enhancements found in Windows Server 2008 can be used for linking the rules of the bank and the various audit policies (The Microsoft Windows Server Team 124). In the case of the People’s Trust and Bank, using audit policy settings on the OU will facilitate the documentation of compliance with the organizational rules, for instance, tracking the access of files by the employees, confirmation of the accurate SACL used in accessing the files, folders and registry keys, and tracking all the group administrator policies (Tittel & Korelc 78).
Case 3: managing client computers
Management of the client computers is an important aspect of network security and ensuring employee productivity at the Bank. Server 2008 has various utilities that can be configured in order to manage client computers, restrict access to specific file, and control operations among the client workstations (Tittel & Korelc 145). Limiting such rights implies that the client computers should be configured not to run as administrators during log on. In any case, the administrator account should be password protected in the network server, after which the accounts that do not have administrator properties should be configured not to have the rights to use the applications that they are not required to use. This can be achieved using the Remote Access Policy in Server 2008, which a set of rules used for defining authorization or rejection of connections (The Microsoft Windows Server Team 123). For each of the rules under the policy, there are profile settings and remote access permission settings. Additionally, access restriction of the client administrator can be done using the group policy. This is done by creating a group policy settings folder, then running the command MMC file via the Run utility, after which one can add-remove snap-in and then add the group policy. Then go to users, then admin temp in the control panel and disable access by double clicking on “prohibit access”. Every other settings, applications and files that are to be restricted are specified under the group policy settings.
Case 4: Solving a Problem with Security Updates
Client security in Windows server 2008 is achieved by using the Forefront Client security, which is used for providing unified virus protection for the client and the server. Forefront Client security features include real-time protection that has been integrated with the Windows Filter Manager, antivirus engine and advanced protection mechanism that bases on behavior analysis and tunneling signatures for virus detection and removal. In addition, the Forefront client security is compatible with the Network Access Protection service of Server 2008, meaning that any client computers that attempt to gain access to the network are crosschecked for security requirements for authorization or rejection. In many case, if the client computer security patches are not updated, they are not allowed to access the server. The Forefront client security feature solves this problem since it automatically searches and downloads the update patches in order to facilitate access to the server, thereby increasing overall security of the network (The Microsoft Windows Server Team 67).
Use the order calculator below and get started! Contact our live support team for any assistance or inquiry.[order_calculator]