Terminal Servers @ Datacenter



Hi,

Looking for best practices in managing windows servers in a datacenter.

We have 100 windows servers with Terminal services. There is no Active
Directory domain.Everything is workgroup. There is a set of 10 admins
who share responsibility of administering these servers. Each admin
has access to a group of 10 or 15 Servers.

For the purpose of tracking access, we would like to setup one central
gateway server in the DMZ where all admins will login first. Based on
their user-id, they can initiate connection to their authorised
internal server.

It should not be possible for one server to initiate connection to
another server. All servers should accept connection only from this
central gateway server.

We are open to buying a third party product if required. It would be
great if we can also track what the admins are doing .

---------------------------------------------------------------------------
---------------------------------------------------------------------------



Relevant Pages

  • Re: Migration EXC 2003 to 2007
    ... empty and exchange servers only contained the 2K7 server. ... I added our admins group there and the 2K3 exchange servers in the ... exchange 2007 there was new OU created called MSExchange Security Group and ...
    (microsoft.public.exchange.setup)
  • Re: Migration EXC 2003 to 2007
    ... empty and exchange servers only contained the 2K7 server. ... I added our admins group there and the 2K3 exchange servers in the ... exchange 2007 there was new OU created called MSExchange Security Group and ...
    (microsoft.public.exchange.setup)
  • Re: Trying UAs secured Web based Remailer
    ... Admins wrote: ... locate the abuse and user name responsible, ... Please explain exactly what "check into the data stream" means, ... or you'd have no security on your servers at all and wouldn't ...
    (alt.privacy)
  • Re: Hiding Versions
    ... The only use is to let admins ... who codes some decent exploits but does little more than root servers ... potential targets I may find in the wild. ... via placed data it can minimize our vulnerability in both situations. ...
    (FreeBSD-Security)
  • RE: [Full-Disclosure] Removing FIred admins
    ... Only the senior administrator and the CTO have the root password to the ... The senior admin does not "own" and servers, ... manager for all of the other admins. ... > local and domain administrator passwords on our Unix and Windows ...
    (Full-Disclosure)