1 / 26

Windows Security On a Network

Windows Security On a Network. Overview. Microsoft Windows XP Pro (SP2) Microsoft Windows Server 2003 User accounts and groups File sharing and file permissions Password/Lockout Policy Group Policy Security Policy Administrative Templates. Many security layers.

yon
Télécharger la présentation

Windows Security On a Network

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows Security On a Network

  2. Overview • Microsoft Windows XP Pro (SP2) • Microsoft Windows Server 2003 • User accounts and groups • File sharing and file permissions • Password/Lockout Policy • Group Policy • Security Policy • Administrative Templates

  3. Many security layers • Keep in mind that when it comes to securing a network, there are many security layers and many different types of security that may be enforced.

  4. Active Directory • Active Directory (AD) is a component of Microsoft Server 2003. • AD technology is based on standard Internet protocols. • Uses the Domain Name System (DNS). DNS is a standard Internet service that organizes groups of computers into domains.

  5. Active Directory • Provides centralized authentication and authorization services for Windows based computers. • Allows administrators to assign policies, deploy software, and apply updates to an entire network.

  6. Active Directory

  7. Microsoft Server 2003 • File Server • Print Server • Application Server • Domain Controller • Mail Server • Terminal Server • VPN Server • DHCP Server Server 2003 can be used as a server for a number of different things. Along with the examples we mentioned in class, a server can also be used for the above tasks. A server can do many things, they are not limited to the items on this screen.

  8. Windows Networking without a Server • Managing a network without a Domain Controller can be difficult. • Keeping the network secure is even more difficult. • Usually a peer-to-peer network. • Vulnerable to viruses and being hacked.

  9. Windows Networking without a Server • Keep your computer up to date by running Windows Updates. • Security Patches

  10. Windows Networking without a Server • Use Anti-Virus software to protect against Trojans, Worms, and other malicious software.

  11. Windows Networking without a Server • Enable Windows Firewall • Only allow exceptions for the services that are absolutely necessary for the network.

  12. Windows Networking without a Server • The use of user accounts will help protect hackers from gaining access to your peer-to-peer network. • Strong passwords • Non-administrator account

  13. Windows Networking without a Server • Automatic Updates • Virus Protection • Firewall • Users accounts • Disable Windows Services Not as secure as a Server-based network!!

  14. Windows Networking with a Server • Allows better control of user accounts and user groups. (AD) • Allows updates to be forced to computers. (AD) • More secure and organized file/print sharing. • Allows strong security policies. • Policies can be forced to computers.

  15. Windows Networking with a ServerUser Accounts • Enables better security and better user account control. • Roaming Profiles • Remote Access • Dial-in Access • Logon Hours • Ability to disable accounts • Groups

  16. Windows Networking with a ServerFile Permissions • Server 2003 allows an administrator to assign file permissions to files, folders, and printers shared across the network. • Permissions can be set for a specific user, or a group of users. • NTFS permissions can be set with a Graphical User Interface or the command line.

  17. Windows Networking with a ServerFile Permissions Share Permissions NTFS Permissions

  18. Windows Networking with a ServerPassword Policy • Server 2003 allows an administrator to set a password policy for all users to abide by. • Password History • Password Age • Password Length • Complexity Requirements

  19. Windows Networking with a ServerPassword Policy

  20. Windows Networking with a ServerAccount Lockout Policy • Server 2003 allows an administrator to set an account lockout policy.

  21. Windows Networking with a ServerGroup Policy • Allows an administrator to enforce various policies to the entire network, domain or specific Organization Unit (OU).

  22. Windows Networking with a ServerGroup Policy: Security Policy • Restrict access to the CD-ROM and Floppy Drive • Disconnect users when logon hours expire • Let “everyone” permissions apply to anonymous • Access the registry remotely • Access shares anonymously

  23. Windows Networking with a ServerGroup Policy: Administrative Templates • Remove icons from the desktop (i.e. My Computer, Network Places, etc.) • Allow/Deny access to the Control Panel • Restrict display settings (i.e. force background, no screensaver) • Remove items from the Ctrl + Alt + Del menu (i.e. Task Manager, Lock Computer, Change Password)

  24. Windows Networking with a ServerGroup Policy

  25. Windows Networking with a Server • User Accounts • Password Policy • Group Policy • Security Policy • Administrative Templates • File Permissions • Account Lockout Policy These are just some of the security features that Microsoft Windows has to offer to a Server-Based network!

  26. Anthony J. Arduini Management Information Systems October 2007

More Related