Re: Is our security team right
- From: "Karl Levinson" <levinson_k@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 May 2006 12:24:50 -0400
<eddieturbo@xxxxx> wrote in message
news:1148382797.776230.322330@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Unfortunately someone in the security team has decided (presumably
cause it is easier for them) to build the standard OS and then harden
the machine. Only then are we going to be allowed to install our
applications on the servers!
Now excuse my ignorance but should it not be the other way around -
install OS, install Apps, confirm they are working, make (hardening)
security change, test app ........... if it still works continue, if it
does not then roll back hardening step and identify why it has broken
the app ????
Am I missing something? Can anyone point me to supporting documentation
which will allow me to stop this happening (and me spending weeks
trying to work out what is wrong)?
Sorry, I don't see any problem with the way they are planning to do it. I'm
also not sure how it will harm you if it is done this way. You're going to
have to research what the problem is no matter what way it is done. They're
not going to make one change, then let you test, then make another change.
They're going to apply them all at once. MS has some tools that can make
this process easier, especially for Windows 2003 and XP, and filemon and
regmon from www.sysinternals.com may help too. A good migration plan such
as keeping the old servers online until the new servers are validated as
working may also help prevent pain. But either way, migrating can mean some
unavoidable pain.
.
- Follow-Ups:
- Re: Is our security team right
- From: eddieturbo
- Re: Is our security team right
- References:
- Is our security team right
- From: eddieturbo
- Is our security team right
- Prev by Date: Re: Is our security team right
- Next by Date: Re: Is our security team right
- Previous by thread: Re: Is our security team right
- Next by thread: Re: Is our security team right
- Index(es):
Relevant Pages
|
|
