Microsoft Publishes Security Operations Guide

Microsoft Corp. produced a Security Operations Guide for Windows 2000 Server this month as part of its concentrated push to elevate the priority of security in its products.

The guide, which can be found here, includes guidelines, cheat sheets and scripts.

Chapters deal with topics including platform security overviews, using Group Policy Objects to manage security, securing servers based on role, patch management, intrusion detection and incident response.

The kit includes "Job Aids" for assessing threats and vulnerabilities, a checklist of top security blunders, a chart of common attacks and countermeasures and an incident response quick reference card.

The guide ranges from the very broad down to the very specific. "This guide will help you identify the risks inherent in a networked environment, help you to work out the level of security appropriate for your environment, and show you the steps necessary to achieve that level of security. Although targeted at the enterprise customer, much of this guide is appropriate for organizations of any size," Microsoft's guide reads.

The guide focuses on operations for creating and maintaining a secure environment on servers running Windows 2000. Microsoft gets into specific detail in the text and appendices about specific services that should be disabled and what operators to use with the Microsoft Network Security Hotfix tool (Hfnetchk). However, Microsoft warns that the scope of the guide cannot show users how to run specific applications in a secure fashion.

Microsoft positions the guide as part of its Strategic Technology Protection Program (STPP), an initiative launched in October 2001. Microsoft recently reaffirmed that security is on its mind in January when chairman and chief software architect Bill Gates issued his Trustworthy Computing e-mail.

The guide can be read in a browser or downloaded as an 800 KB executable file that extracts into the Adobe Acrobat format.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Dynamics 365: Why It May Not Be What You Think

    For starters, the cloud-based CRM/ERP software has some surprising integrations with PowerApps, Microsoft's low-code developer environment.

  • Microsoft 365 Insider Test Program Emerges for Organizations

    Microsoft has started a new Microsoft 365 Insider Program for organizations to test its software, but the program's name and scope could be changing.

  • IT Pros: Don't Forget To Protect Your Personal Security

    Don't be the IT pro who spends way too many hours each day keeping their users secure only to neglect their own home networks. Brien describes the two steps he took to avoid this trap.

  • Microsoft Edge Browser Shifting to Open Source Chromium Platform

    Microsoft plans to align its Microsoft Edge browser production efforts with the open source Chromium Web platform for the desktop version of the browser, the company announced on Thursday.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.