Microsoft hits security milestone

News

Microsoft hits security milestone

Cliff Saran
Microsoft has issued release candidate 1 for Windows Server 2003 Service Pack 1 (SP1), the next milestone in its Trustworthy Computing initiative.

The service pack offers security improvements, including Security Configuration Wizard (SCW), which provides a role-based guide for administrators on how to reduce the risk of attacks.

"With SCW you can disable unused services easily and quick- ly, block unnecessary ports, modify registry values, and configure audit settings," said Microsoft.

Another security tool, VPN Quarantine, is designed to limit network access for machines on virtual private networks that do not have security updates. Microsoft has also improved monitoring in Internet Information Server, its web server software that runs on Windows 2003.

The functions enable administrators to monitor and audit Internet Information Services (IIS) configuration settings using an XML-based, hierarchical store of configuration information for IIS 6.0. This allows network administrators to see which user accessed the metabase in case it becomes corrupted, Microsoft said.

Post-Setup Security Updates is another improvement designed to block incoming traffic to newly installed servers until the latest patches to Windows Server 2003 are applied.

Graham Titterington, principal analyst at Ovum, said VPN Quarantine would give users a better way to secure their networks. "People did not have a technique to quarantine a network," he said. "It would have been a manual process." With VPN a device can be prevented from accessing certain parts of the network until it has been fully patched.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy