Security Guides for Windows Server 2003
May 5, 2003

To assist administrators in configuring the security settings for their Windows systems, Microsoft has produced three security guides that document all Windows security settings for current and legacy clients, and for Windows Server 2003. The guides also provide tools, including spreadsheets, templates, and scripts, to help administrators set and document the appropriate level of security for the servers they deploy.

Windows Server 2003, the first Windows product to ship since Microsoft’s Trustworthy Computing initiative began, has many features and services either turned off or locked down, so that the server is "secure by default." Administrators must then determine the optimal level of security for their circumstances and configure the server accordingly, a task that involves determining the correct balance between securing the server and ensuring that applications still run and users can perform their jobs. The three guides will help administrators configure servers for a variety of roles, understand the settings that affect security, and understand common security terminology.

The Windows Server 2003 Security Guide offers administrators detailed guidance on how to configure the security parameters for the server as well as for legacy clients (Windows 9x and NT 4.0) and current clients (Windows XP and 2000 Professional). The guidance also offers advice on configuring enterprise clients in a high-security mode, which offers the greatest security but is not compatible with some applications. The guides cover seven server roles, including domain controller, file and print server, Web server, and bastion host (accessible from the Internet).

Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP offers a comprehensive listing of all the security-related configuration settings in Windows. For each security setting, the guide describes the vulnerability (potential for an intruder or hacker to exploit the feature), the countermeasure (how to reduce the vulnerability), and any potential impact (negative consequences) of deploying the countermeasure.

Microsoft Solutions for Security Glossary defines common computer and security terms.

Resources

All the guides can be obtained from Microsoft’s download site. Go to www.microsoft.com/downloads and click on "Server Applications."