RE: AD structure for a school environment

From: Michael D. Lowe (mlowe_at_ufl.edu)
Date: 11/14/03

  • Next message: NRastegar_at_aol.com: "RE: AD structure for a school environment"
    To: <focus-ms@securityfocus.com>
    Date: Fri, 14 Nov 2003 07:02:24 -0500
    
    
    

    First off you need to start with a set of policies. You need sit down with
    your management to specifically define what you are trying to do. And to
    support it through a written policy. Use the process of defining your
    policies to educate, elucidate & elicit support for the project. There are
    many ways to configure your environment. Some better than others. Some
    equally good. But until you know exactly what you are trying to accomplish
    you WILL miss an important design consideration(s). Believe me I have done
    so before I learned policies are not just paper, they are the blue print
    from which you proceed. And I would add they are your authority to say no to
    bad ideas.

    You have an opportunity to develop a system that is a pleasure to use, and
    more importantly to you, maintain. Most of us rarely get the opportunity to
    build a virgin system, you lucky dog you. We get legacy systems. Have fun
    it's a great challenge.

    Michael D. Lowe
    Coordinator Computer Applications
    Security/Network Administrator
    Office of the University Registrar
    PO Box 114000
    mlowe@ufl.edu
    352-392-1374x7270

    -----Original Message-----
    From: Guy Evans [mailto:guye@microsoft.com]
    Sent: Wednesday, November 12, 2003 5:27 PM
    To: thenile@ziplip.com; focus-ms@securityfocus.com
    Subject: RE: AD structure for a school environment

    The forest is the true security boundary. If you require the highest
    security model my suggestion would be to create 2 forests, 1 for
    teachers, 1 for students. You can create transitive trusts between
    forests and/or a trust firewall with 2003 AD. Take a look here for the
    latest MS info:

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
    ity/prodtech/win2003/w2003hg/sgch00.asp

    Guy

    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security
    at the largest, most highly-anticipated industry event of the year.
    Don't miss RSA Conference 2004! Choose from over 200 class sessions and
    see demos from more than 250 industry vendors. If your job touches
    security, you need to be here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
    and use priority code SF4.
    ---------------------------------------------------------------------------

    
    

    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security
    at the largest, most highly-anticipated industry event of the year.
    Don't miss RSA Conference 2004! Choose from over 200 class sessions and
    see demos from more than 250 industry vendors. If your job touches
    security, you need to be here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
    and use priority code SF4.
    ---------------------------------------------------------------------------


  • Next message: NRastegar_at_aol.com: "RE: AD structure for a school environment"

    Relevant Pages

    • RE: AD structure for a school environment
      ... The forest is the true security boundary. ... You can create transitive trusts between ... forests and/or a trust firewall with 2003 AD. Take a look here for the ... most highly-anticipated industry event of the year. ...
      (Focus-Microsoft)
    • RE: Mass Distribution of Security Policies
      ... It could start with a Network usage agreement, (Advisory Policy) to all ... Mass Distribution of Security Policies ...
      (Security-Basics)
    • RE: Security Policy-Please help
      ... your Masters in Systems & Network Security, ... Before you begin writing policies, you deffinetly want to make sure you've ... SANS Security Policy Project at http://www.sans.org/resources/policies/. ... L0phtcrack is one of the better tools for testing password ...
      (Security-Basics)
    • Re: Least User Priviledges for Network Administrators
      ... It makes sense to have a chain of command and approval policy to keep things ... the computer use policies, software purchasing policies, security ... upper management--both within the Network Technology group, ... driving the process of tightening down security. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: CEH and Intense School
      ... > You want more than 4 to know the bugs are ironed out in labs and so on. ... > Network with over 10,000 of the brightest minds in information security ... most highly-anticipated industry event of the year. ...
      (Pen-Test)