With the success of computer viruses like Slammer, security issues are now a top priority for Windows system administrators, right alongside day-to-day tasks such as setting up accounts and managing performance. If you use Windows 2003 Server at a small to medium-sized organization, or use Microsoft's Small Business Server, this thorough yet concise tutorial offers the hands-on advice you need for securing your network. Modern network operating systems include bundled services that range from traditional file and print sharing and Internet services to authentication, directory and remote access services each a potential security vulnerability as well as a capability. Securing Windows Server 2003 shows you how to put Windows security tools to work, and how to run the server's subsystems to protect users and resources. But that's just the beginning. Network security needs to be well thought-out, not treated as a fire drill when a threat occurs. This book focuses primarily on ways to plan and implement a secure operating environment. Microsoft security veteran Mike Danseglio uses real-world examples to show you how various security concepts relate to your own system, including:

• File System Security

• Group Policy and security templates

• Running secure code

• Authentication

• IP security

• Public Key Certificates and Public Key Infrastructure

• Smart Card technology

• DHCP and DNS security

• Internet Information Services security

• Active Directory security

• Remote access security

• Security audits

• Sending secure email, and more

Many chapters include a debate, in which fictional protagonists discuss the pros and cons of a particular strategy or solution. These debates provide an objective look at competing methodologies, so you can select the solutions that best fit your network. Read this book cover to cover to create and implement a security plan, or use individual chapters as stand-alone lessons. Either way, Securing Windows Server 2003 will guide you safely through the morass of security threats.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 12 Ratings

Good General Guide - 2006-01-27
Reviewer Rating:
I find this book overall well written and a lot of the advice practical. This book tends to be more wordy on the discussion, but does have some excellent nuts-n-bolts practical side. Overall, I think this is a useful guide to most people, but I found that much of the information to be too general, at least those familiar with practical experience or those studying MSCE certification material: GPOs, security templates, MSBSA, SUS, IPSec, IAS, VPN, etc. So at least for me, or others going through books for certification studies, a lot of the material is redundant and offers little in the way of new insights.

One thing that I found most shocking in a book on "Securing Windows" is that is no coverage of a firewall, either ICF or Windows Firewall. I wanted to know about those and how I could use the firewall in conjunction with routing and IPSec, but this essential topic is omitted. I would have also liked some more hands on material covering removing malware (viruses, spyware, etc.) from startup (registry keys) or configuring DACLs for services like DHCP, Telnet, etc. But this book doesn't delve in these depths beyond the basics.

Of interest was Chapter 9 "Certificates and PKI Infrastructure". I found that this chapter was more on philosphy and business aspects, rather than practical implementation. The later I found was sorely incomplete. In particular, the instructions for creating an offline rootCA will be problematic and maybe fail, as there is no mention having empty configuration with CDP and AIA sections using CAPolicy.inf.

Bottom line, good general overvew of security for novice administrators, but for more advanced folks might find the material to be a rehash of the basics.

Better than the MS Press book - 2005-07-22
Reviewer Rating:
I agree with what all the other reviewers said about this book! It is an excellent resource for security enthusiasts and experts alike!

I have the MSPress book for Exam 70-299, Implementing and Administering Security in a Windows Server 2003 Network. And yet, Mike's treatment of IPSEC, cryptography and other 'serious' stuff makes more sense to me now than when i read the MS Press book.

Mike also throws in generous portions of the book devoted to step by step 'how tos' to actually implement certain security scenarios.

Mike! When is your next book coming out??

decent coverage of Windows 2003 security but not up to the O'Reilly standards - 2006-08-28
Reviewer Rating:
This book is mediocre. It covers all security related topics with regard to Windows Server 2003. I wish some sections had more details. It seems like the author was thumbing through Microsoft technical reference materials and paraphrasing with "Ok so do step 1, then do step 2, then step 3." To this I ask, Well Ok but what is the purpose of step 2? Are there alternatives? What are the pros and cons of step 2? So I guess you could say many areas of this book left we wanting additional details. It did NOT seem like the author had worked through all of these scenarios in a realworld environment (like Mark Minasai).

I used to say "If you buy an O'Reilly book you can't go wrong." I will now modify that to "If you buy an O'Reilly book you USUALLY can't go wrong." This is too bad, since I love O'Reilly books. This is the weakest of all the O'Reilly books I have read.

With that said, the author DOES cover good topics and good explanations. I could not do better. I'm not saying it sucks or anything but I feel a little let down and would recommend to potential book buyers to look around for a better resource.

Useful Insights - 2006-02-26
Reviewer Rating:
Actually it is true, a lot of the book is a rehash of common Windows security practices that is way overdocumented, e.g. how many times must we redocument the simple tool Microsoft Baseline Security Analyzer. However, interspersed between the rehashed material are useful insights.

I only wish there was coverage of topics like Windows Firewall or ICF within a Windows security book. I thought that topic would be of import for any security book.

HANDS-ON SECURITY - 2005-11-16
Reviewer Rating:
Are you savvy about security in the Windows Server 2003 operating system? If not, this book is for you! Author Mike Danseglio, has done an outstanding job of writing a great book that shows you how to put security to work on behalf of your organization and your users.

Danseglio begins by setting the stage for the rest of the book by providing an introduction to Windows Server 2003. Next, the author covers basic computer security concepts, including cryptography and fundamental practices for security administrators. Then, he covers various aspects of physical security, which is essential for any data security to succeed. The author continues by dealing with securing files with Encrypting File System and other file oriented technologies. In addition, the author next focuses on using Group Policy as a security tool and utilizing Security Templates. He also discusses ways you can protect against running bad applications. Next, the author covers the various authentication protocols supported by Windows Server 2003, including Kerberos. Then, he examines IP Security and its proper deployment to secure network communication. The author continues by conducting an exhaustive examination of PKI and certificate-based cryptography. In addition, the author covers smart card technologies and their proper deployment. He also focuses on the grotesque lack of security in DHCP and DNS technologies and how you can try to shore them up. Next, the author covers Internet Information Services security, or the lack thereof. Then, he examines Active Directory design and operation from a security standpoint, including proper planning and deployment; as well as, securing data between domain controllers. The author continues by covering the security features of Remote Access, including dial-up and VPN connectivity. Finally, he covers additional topics such as administrative security, patch management, and auditing.

With the preceding in mind, the author has also done an excellent job of writing a book that covers Windows Server 2003 and some amount of Windows XP security. But, in order to understand Windows based security, the author has also made sure that non-Windows security topics like physical security, security policy and risk management were covered.

Browse Similar Topics

Top Level Categories:
Operating Systems
Security

Sub-Categories:
Operating Systems > Windows Server 2003
Windows Server 2003 > Administration
Windows Server 2003 > Security
Security > Operating Systems
Operating Systems > Windows Server 2003