1st Edition
Securing Windows NT/2000 From Policies to Firewalls
In today's business environment it is no longer safe to conduct any business on the Internet without first protecting it. Small, medium, and large corporations require a massive dose of security to protect themselves and their digital assets from unwanted intruders. A managerial guide and practical technical tutorial, Securing Windows NT/2000: From Policies to Firewalls provides viable security solutions for your organization.
The author presents in-depth knowledge on how, why, and where these operating systems must be tuned in order to use them securely to connect to the Internet. The book includes the steps required to define a corporate security policy, how to implement that policy, and how to structure the project plan. Tables, charts, and work templates provide a starting point to begin assessing and implementing a solution that will fit the unique needs of your organization. Part two provides the reader with practical hands-on applications for the preparation, installation, and tuning of Windows NT/2000 operating systems.
Securing Windows NT/2000 provides step-by-step instructions that guide you through performing a secure installation and in preparing the system for secure operation on the Internet. Although a multitude of firewall application software can be used in conjunction with the sections detailing the securing of the operating system, Check Point FireWall-1/VPN-1 is used as it best demonstrates the effectiveness of translating the corporate security policy into a practical reality.
About the Author:
Michael Simonyi (www.stonewallem.com) is an IT professional working for private sector enterprise organizations. He has over 12 years of practical and theoretical experience, from mainframe systems to PC client/server networks. His areas of expertise center on practical systems management, networking, databases, and application architecture, with emphasis on quality.
A Need for Security
What is Security?
Attaining a Level of Security
The Importance of Checks and Balances
Access Controls
Communication and Training
Attaining a Level of Security
Identifying Risks
Physical Security
Logical Security
Employee or Human Resources Security
Assessing Risk
Establishing Controls
Monitoring Controls
Responsibility and Accountability
Internal Systems Control Structures
General Process for Change Management
Operations Control Log
System Work Log
What is a Security Policy?
Steps to a Security Policy
Why is a Security Policy Needed?
What Does a Security Policy Do?
Implementing the Security Policy
Involving and Informing Management
Communication of the Security Policy
Internal Controls
Scenario Example
Sample Security Policies
Security Return on Investment
Perimeter Security Scenarios
Basic Bastion Host (Dual-Homed Host)
Multi-Homed Bastion Host
Hybrid Multi-Homed Bastion Host
Directions in Security
Perimeter Security
Trusted Systems
Intrusion Detection Systems
Intrinsic Security
Honey Pots
Corporate Security Requirements for Conducting Business over the Internet
Internal Corporate VPNs
Business Partner VPNs
The Mobile Workforce and VPNs
Systems Management and Security
The Virtual Workforce
Implementing Check Point FireWall-1/VPN-1 with Windows NT and Windows 2000
Performing Background Preparation
Assembling the Hardware
Materials List
Network Settings
Password Selection
Documentation
Software Patches
Communications and Protocol Selections
Registry Tuning
System Policies
Installing the Operating System
Microsoft Windows NT 4.0 Server
Installing Check Point FireWall-1
Configuration for a Multi-Homed Host or DMZ Configuration
Defining the VPN
SecuRemote
Windows 2000 Server Setup, Installation, and Configuration for Check Point FireWall-1/VPN-1
Check Point FireWall-1/VPN-1 Operating Notes
Enhancing the Security Infrastructure
Virus Protection
Fault Tolerance and Load Balancing
Reporting and Management
Encryption Acceleration
Public Key Infrastructure
Authentication
Intrusion Detection
Backup and Recovery
Appendices
DoD Security Classifications
Asset Inventory List
Windows NT 4.0 SP6a Post Security Rollup Patch List
Letter Issued to Customers of the Egghead E-Commerce Site and Press Release
Virus Memo
Sample Systems Operations Procedures Manual
Systems Policies and Guidelines
Computer Security and Usage Policy
References
Index
Biography
Michael A. Simonyi