Microsoft Publishes Security Operations Guide

Microsoft Corp. produced a Security Operations Guide for Windows 2000 Server this month as part of its concentrated push to elevate the priority of security in its products.

The guide, which can be found here, includes guidelines, cheat sheets and scripts.

Chapters deal with topics including platform security overviews, using Group Policy Objects to manage security, securing servers based on role, patch management, intrusion detection and incident response.

The kit includes "Job Aids" for assessing threats and vulnerabilities, a checklist of top security blunders, a chart of common attacks and countermeasures and an incident response quick reference card.

The guide ranges from the very broad down to the very specific. "This guide will help you identify the risks inherent in a networked environment, help you to work out the level of security appropriate for your environment, and show you the steps necessary to achieve that level of security. Although targeted at the enterprise customer, much of this guide is appropriate for organizations of any size," Microsoft's guide reads.

The guide focuses on operations for creating and maintaining a secure environment on servers running Windows 2000. Microsoft gets into specific detail in the text and appendices about specific services that should be disabled and what operators to use with the Microsoft Network Security Hotfix tool (Hfnetchk). However, Microsoft warns that the scope of the guide cannot show users how to run specific applications in a secure fashion.

Microsoft positions the guide as part of its Strategic Technology Protection Program (STPP), an initiative launched in October 2001. Microsoft recently reaffirmed that security is on its mind in January when chairman and chief software architect Bill Gates issued his Trustworthy Computing e-mail.

The guide can be read in a browser or downloaded as an 800 KB executable file that extracts into the Adobe Acrobat format.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

  • Microsoft Open License To End Next Year for Government and Education Groups

    Microsoft's "Open License program" will end on Jan. 1, 2022, and not just for commercial customers, but also for government, education and nonprofit organizations.

comments powered by Disqus