Microsoft has issued release candidate 1 for Windows Server
2003 Service Pack 1 (SP1), the next milestone in its Trustworthy
Computing initiative.
The service pack offers security improvements, including Security
Configuration Wizard (SCW), which provides a role-based guide for
administrators on how to reduce the risk of attacks.
"With SCW you can disable unused services easily and quick- ly,
block unnecessary ports, modify registry values, and configure
audit settings," said Microsoft.
Another security tool, VPN Quarantine, is designed to limit network
access for machines on virtual private networks that do not have
security updates. Microsoft has also improved monitoring in
Internet Information Server, its web server software that runs on
Windows 2003.
The functions enable administrators to monitor and audit Internet
Information Services (IIS) configuration settings using an
XML-based, hierarchical store of configuration information for IIS
6.0. This allows network administrators to see which user accessed
the metabase in case it becomes corrupted, Microsoft said.
Post-Setup Security Updates is another improvement designed to
block incoming traffic to newly installed servers until the latest
patches to Windows Server 2003 are applied.
Graham Titterington, principal analyst at Ovum, said VPN Quarantine
would give users a better way to secure their networks. "People did
not have a technique to quarantine a network," he said. "It would
have been a manual process." With VPN a device can be prevented
from accessing certain parts of the network until it has been fully
patched.