From PDAs and laptops to insecure wireless modems, Windows users
have options for connecting to and infecting networks. Created in
partnership with our sister site SearchSecurity.com, this network
access control guide offers tips and expert advice on how to run a
properly secured Windows network. Learn how to mitigate who can
and cannot enter your network, how unauthorized users gain network
access, how to block and secure untrusted endpoints as well as
Windows-specific and universal access control policies and
procedures.
Controlling network access
- Hunting down a hacker
Track down users who have
hacked your Windows network with this advice from networking
security expert Wes Noonan.
- Active Directory Security School
No matter how secure all the layers of your network might be, poor
Active Directory (AD) security can render the rest of your
security measures useless. Find the answers to all of your AD
questions in this security school.
- Network Access Quarantine Control vs. Network Access
Protection
With the number of mobile devices and remote workers growing,
network quarantining has been a popular topic lately. Contributor
and Network Access Quarantine Control expert Jonathan Hassell
compares the features of NAQC with the forthcoming
Network Access Protection (NAP) program and advises on if and
when to deploy a network quarantining solution.
- Network Access Quarantine Control
Windows Server 2003's
Network Access Quarantine Control (NAQC), part of the Resource
Kit, prevents remote users from connecting to your network with
machines that aren't secure. Contributor Jonathan Hassell provides
step-by-step instructions on how NAQC works and how to configure
it.
Securing remote access points
Remote access and security for remote users has become a hot
topic for security professionals as telecommuting has grown in
popularity. A horde of remote users adds a number of new security
problems for Windows security admins, including endpoint security,
VPN security and remote user education.
This growing list of security concerns is a treasure chest for
potential hackers, as they can steal a user's notebook computer,
hack into an insecure VPN or take advantage of uneducated users. In
this section, pick up a few tips on how to ensure that your remote
access security is as tight as possible.
Remote access security tips
- Firewall settings for remote Windows users
If you feel like your remote users would be best protected by
Windows Firewall but your network is not set up for this,
Windows networking security expert has the answer to your
troubles.
- Remote access as an attack vector
In this excerpt of Chapter seven from "The Black Book on Corporate
Security," read about
remote desktop security. Authors Howard Schmidt and Tony Alagna
analyze how "unmanaged" remote access can serve as an attack
vector.
- Remote system security checklist
Remote system security has become more critical as growing
numbers of distributed workforces are removed from a controlled
central network. CISSP Kevin Beaver provides a list of items to
lock down on remote systems.
Endpoint security tactics
Endpoint security is the security of physical devices which may
literally fall into the hands of malicious users. Given the rapid
growth of employees who use laptop computers, securing network
endpoints has become of paramount concern for security
administrators.
Traditional means of securing the endpoint are going by the
wayside. A
firewall alone is no longer enough to defend your network from
the myriad threats that remote users, malicious hackers and the age
of easy-access information have wrought. In the summer of 2006, a
laptop containing personal data on nearly 30 million military
veterans and active duty personnel was stolen from an employee of
the U.S. Department of Veterans' Affairs. In April of 2007, a
laptop containing information on 160,000 employees of Neiman Marcus
was stolen. Follow the tips below to learn how to prevent such a
disaster from befalling yourself and your users.
Endpoint security tips
- Plan for a security breach, step by step
Prepare for a
security breach using this step-by-step guide. Your plan should
include important contact info, methodical response steps and
walk-through drills.
- Keeping pace with emerging endpoint security
technologies
Check out this overview of
endpoint security technology advancements and explains where
the technology is headed.
- Discussion: Laptop security
Read this discussion on
laptop data security for some helpful user-to-user advice on
how to secure the files on your notebook computer(s).
- Endpoint security: Guard your network at the
desktop
The days of securing a network by hardening the perimeter are gone.
Now
endpoint security is the latest solution to network security.
Read contributor Tony Bradley's primer on endpoint security
techniques.
Windows Firewall
Windows Firewall is Microsoft's overhaul of their previous
firewall, Internet Connection Firewall (ICF). In general, according
to Windows security expert Mark Minasi, a "firewall refers to any
of a number of ways to shield a computer network from other
networks." When one of the "other networks" includes the vast space
of the internet, it becomes clear that a firewall is a necessary
security tool for any Windows network.
Excerpts from Mark Minasi's book, "Mastering Windows Server 2003
Upgrade Edition for SP1 and R2" can be found in the tips below,
along with a short series of tips and advice from our Windows
security experts. Learn how to set up IPsec bypass, permit Ping,
make server applications work with Windows Firewall and more.
Windows Firewall tips
- Locking up the ports: Windows Firewall
This upgrade to best-selling author Mark Minasi's Mastering
Windows Server 2003 covers all the undocumented updates and
new features for Windows Firewall in Service Pack 1 and Windows
Server 2003 R2. With clear and easy instruction, this book
update tells you all about the SP1 and R2, including security
enhancements, management and administration tools. If you work with
or depend on Windows Server 2003, this book is for you.
- Managing Microsoft's Windows Firewall
Microsoft's
Windows Firewall can give network admins a headache. Check out
the advice of our Windows security experts to find out when to use
Windows Firewall, how to configure it for remote users and what can
cause Windows Firewall to automatically shut down.
VPNs
Virtual private networks (VPNs) allow remote employees to access
their company's respective network. Of course, when a number of
VPNs are run through the internet, several security questions
are raised. Do my users need extra security? Does my network need
extra security precautions? How easily can a hacker access my
network through my employee's VPN connection?
While a VPN traditionally comes with its own extra precautionary
security measures, that does not mean that a VPN does not create
extra risk. Check out the tips below to learn how to give your VPN
a penetration test and read a series of VPN quick tips.
VPN security tips
- VPN quick tips
Choose the best VPN technology for your enterprise learn to
maintain your VPN once it is deployed with this collection of
VPN security tips.
- Pen testing your VPN
Your VPN is a vital gateway into your network for your company's
road warriors, telecommuters and other remote users. This tip looks
at why it's important to add
VPN security to your list of concerns.