Database Server Security Overview: When it comes to securing database servers, the database software itself usually provides security features or mechanisms that you can implement. A common database is Microsoft SQL Server, which you can manage through its Enterprise Manager tool. The Enterprise Manager can be found in the SQL Server program group. It is recommended that you do not expose your SQL Server databases to public networks such as the Internet. If you do have to connect a SQL Server database to the Internet, a firewall should be ...
Planning and Implementing an Authorization Solution
An Overview on Authorization: Authentication is the first step in implementing a security strategy to protect your network resources and elements from unauthorized users, because it is the process that distinguishes valid, authorized network users from unauthorized users. Authentication therefore verifies the identity of users. The next step in securing your network resources and elements from unauthorized access is authorization. Authorization is the process that controls which objects an authenticated network user can access. Just because a user is authenticated does not necessarily mean that the particular user ...
Understanding and Implementing Access Control
An Overview of Access Control: Allowing users and computers unlimited access to system resources and network resources can ultimately compromise the security and stability of an organization. Even though users and computers need to access network and system resources to perform certain tasks, the access that they require should be limited to what is necessary to perform these tasks. Access control has evolved from being access oriented with Windows 2000 and earlier to being control oriented with Windows Server 2003. With the launch of Windows Server 2003, Microsoft tightened its ...
Planning and Implementing an Authentication Solution
An Overview on Authentication: Authentication is the process of distinguishing valid, authorized users from unauthorized users. It is therefore the initial step in defining and implementing a network security strategy because it deals with restricting access to the network. A solid authentication solution prevents unauthorized users, such as hackers, and Trojan horses from accessing network resources. Implementing the ideal authentication strategy for your network could be tricky because, while too much authentication would keep unauthorized network access under control, it could also prevent authorized network users from legitimately accessing network ...
Wireless Connection Security
Wireless Network Security Threats: Wireless networks do not have the inbuilt physical security of wired networks, and are unfortunately more prone to attacks from intruders. Once unauthorized access is gained to the wireless network, the intruder would be able to easily access the resources of the internal corporate network. To complicate matters, there are numerous tools which attackers can use to detect and connect to a wireless network, so abusing a wireless network is not an intricate task. The types of attacks that wireless networks are vulnerable to are listed ...
Understanding and Implementing Smart Card Authentication
An Overview on Authentication and Smart Cards: Administrators have to secure the network from attacks launched by hackers, spies, terrorists, thieves and criminals. Security encompasses numerous technologies, protocols, standards, policies, passwords, and secret keys. All these mechanisms typically focus on the following: Authentication; Access Control; Data Protection; Auditing/Accountability. Authentication is the process by which an entity identifies itself before network logon is permitted. After a user is authenticated, access control defines what resources can be accessed, what actions can be performed on the resource, and whether these actions are audited ...
Implementing Account and Security Policies
Understanding Security Policy Types: With Windows Server 2003, you can implement and manage security settings at the following levels: Local computer (local security policies); Active Directory site, domain, or organizational unit (domain security policies). Local security policies are managed through Local Computer Group Policy Objects (GPOs), and domain security policies are managed through Group Policy with the Active Directory Domain Controller GPOs. However, domain security policies override local security policies. In Windows Server 2003 Active Directory environments, group policies include configuration settings for the following: Software policies; Scripts; Security policies ...
Understanding Security Templates
With Windows NT 4.0 came the launch of the System Policy Editor feature, which enabled administrators to manage the security settings of the system through a single user interface. The System Policy Editor feature allowed administrators to easily manage configurations of multiple computers because configuration settings could be copied between systems. With the introduction of Windows 2000, the System Policy Editor feature was replaced by Active Directory Group Policy and security templates. Windows 2000, Windows XP, and Windows Server 2003 utilize Active Directory Group Policy and security templates to distribute ...
Securing Web Servers
Web Server Security Issues: Internet Information Services (IIS) is the Microsoft Web server provided in each Windows Server 2003 Edition. Internet Information Services (IIS) 6.0 was designed as the solution for intranets, extranets, and the Internet. Through IIS, organizations can implement Web sites, applications, and Web services. IIS supports Secure Sockets Layer (SSL) version 3. SSL is used to encrypt HTTP and NNTP authentication data and transmission data through public key cryptography. IIS also supports Transport Layer Security (TLS), which is used to encrypt SMTP data transmissions. Basic security ...
Understanding and Designing a Public Key Infrastructure
An Introduction to the Public Key Infrastructure (PKI): It has grown more important to ensure the confidentiality and integrity of data communication where an organization's network contains intranets, extranets, and Internet Web sites. Because of the connectivity of networks today, an organization's network is exposed to unauthorized users who could attempt to access and manipulate mission-critical data or the confidential data of its clients. The need to authenticate the identities of users, computers and even other organizations has led to the development of the public key infrastructure (PKI).