Re: Adding DSL Router to existing Win2K Server and 3 clients
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 01/29/05
- Next message: Przemek: "Re: unable to map to any drive"
- Previous message: Steven L Umbach: "Re: XCACLS utility help"
- In reply to: BC: "Adding DSL Router to existing Win2K Server and 3 clients"
- Next in thread: BC: "Re: Adding DSL Router to existing Win2K Server and 3 clients"
- Reply: BC: "Re: Adding DSL Router to existing Win2K Server and 3 clients"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Jan 2005 21:02:25 -0600
It would be a real good idea to have antivirus protection on all the
computers, particularly if you are going to have broadband access. Keep in
mind that files that users download and install and email attachments they
open are big sources of malware infections, particularly if the users have
local administrator membership. Antivirus software will not do much good if
not configured to run automated scans on schedule, scan all emails, and kept
up to date. Also be sure to have a plan to keep ALL your computers current
with critical updates from Windows Updates and the Windows Update Client can
be configured to do this automatically. I suggest you also enforce that the
users use strong passwords by configuring password policy.
You should also make sure that the server is hardened before you install the
internet connection. Be sure that it is current with critical updates,
strong passwords are used, and unneeded services are disabled such as telnet
and IIS - WWW if not used. IIS is installed by default and not secured in
Windows 2000. The server should also not be used for general web browsing.
You can use the free Microsoft Baseline Security Analyzer to check for basic
vulnerabilities on your server and other network computers. Instead on the
Linksys take a look at the Netgear FVS318. It is a true SPI firewall with
eight built in ipsec endpoints which may come in handy someday if you want
to joining network remotely or use as a VPN endpoint with Netgear's client
VPN. If you follow best security practices as described you can get by
without a firewall on the W2K server. Installing one would mostly be
beneficial to protecting the server from your internal workstations in case
one of them became infected but the fact that you would have to allow client
access for at least some ports and services would minimize it's
effectiveness for that purpose. The links below may help. --- Steve
http://www.microsoft.com/technet/security/tools/mbsahome.mspx --- MBSA
http://www.microsoft.com/smallbusiness/gtm/securityguidance/hub.mspx --
Microsoft small business security guidance.
http://www.netgear.com/products/details/FVS318.php --- FVS318 - around
$100.
"BC" <BC@discussions.microsoft.com> wrote in message
news:5189EEE2-66E9-4523-B336-EB79B276A615@microsoft.com...
> Do I have to worry about installing a firewall or antivirus program on the
> Win2K server if I install a DSL router (model BEFSR41)? The network is
> not
> connected to the internet at this time. But I want to add internet access
> mainly for the client's. What do I have to do make sure the server is kept
> secure?
- Next message: Przemek: "Re: unable to map to any drive"
- Previous message: Steven L Umbach: "Re: XCACLS utility help"
- In reply to: BC: "Adding DSL Router to existing Win2K Server and 3 clients"
- Next in thread: BC: "Re: Adding DSL Router to existing Win2K Server and 3 clients"
- Reply: BC: "Re: Adding DSL Router to existing Win2K Server and 3 clients"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
