Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

6421 b Module-08

Download as PPTX, PDF
Bibekananada Jena
Bibekananada Jena

Module 8: Increasing Security for Windows Servers Security is an essential consideration for networking with Windows Server 2008. In this module, you will learn how to implement various methods to increase security. Windows Firewall with Advanced Security is one of the features in Windows Server 2008 that is used to increase security. You can also use Windows Server Update Services to ensure that approved security updates are applied to servers in a timely way. Lessons Windows Security Overview Configuring Windows Firewall with Advanced Security Deploying Updates with Windows Server Update Services Lab : Increasing Security for Windows Servers Deploying a Windows Firewall Rule Implementing WSUS After completing this module, students will be able to: Describe a process for increasing the security of Windows Server 2008. Configure Windows Firewall with Advanced Security. Describe Windows Server Update Services and how to use it.

1 of 24
Module 8 Increasing Security for Windows Servers
Module Overview • Windows Security Overview • Configuring Windows Firewall with Advanced Security • Deploying Updates with Windows Server Update Services
Lesson 1: Windows Security Overview • Discussion: Identifying Security Risks and Costs • Applying Defense-In-Depth to Increase Security • Best Practices for Increasing Security
Discussion: Identifying Security Risks and Costs What are some of the risks and associated costs to Windows- based networks? 5 min
Applying Defense-In-Depth to Increase Security Defense-in-depth provides multiple layers of defense to protect a networking environment Security documents, user education Policies, Procedures, & Awareness Physical Security OS hardening, authentication Firewalls Guards, locks Network segments, IPsec Application hardening, antivirus ACLs, encryption, EFS Perimeter Internal Network Host Application Data
Best Practices for Increasing Security Some best practices for increasing security are: Windows Server 2008 Apply all available security updates quickly Follow the principle of least privilege Restrict console login Restrict physical access
Lesson 2: Configuring Windows Firewall with Advanced Security • What Is Windows Firewall with Advanced Security? • Discussion: Why Is a Host-Based Firewall Important? • Firewall Profiles • Demonstration: How to Configure Firewall Profiles • Deploying Windows Firewall Rules
What Is Windows Firewall with Advanced Firewall? Inbound rules Outbound rules Connection security rules Windows Firewall with Advanced Security is a host-based firewall the protects individual servers Control inbound communication initiated from the network All inbound requests are blocked by default Control outbound communication initiated by the host All outbound requests are allowed by default Configure IPsec for encryption and authentication
Discussion: Why Is a Host-Based Firewall Important? Why is it important to use a host- based firewall like Windows Firewall with Advanced Security? 5 min
Firewall Profiles The firewall profiles are: Domain Public Private Firewall profiles are a set of configuration settings that apply to a particular network type Windows Server 2008 R2 introduces the ability to have multiple active firewall profiles
Demonstration: How to Configure Firewall Profiles In this demonstration you will see how to configure firewall profiles
Deploying Windows Firewall Rules You can deploy Windows Firewall rules: • Manually • By exporting and importing firewall rules • By using Group Policy
Lesson 3: Deploying Updates with Windows Server Update Services • What Is Windows Server Update Services? • Windows Server Update Process • Server Requirements for WSUS • Configuring Automatic Updates • WSUS Administration • What Are Computer Groups? • Approving Updates
What Is Windows Server Update Services? Automatic Updates Server running Windows Server Update Services Automatic Updates LAN Internet Test Clients
Windows Server Update Services Process Update Management Phase 1: Assess • Set up a production environment that will support update management for both routine and emergency scenarios Phase 3: Evaluate and Plan • Test updates in an environment that resembles, but is separate from, the production environment • Determine the tasks necessary to deploy updates into production, plan the update releases, build the releases, and then conduct acceptance testing of the releases Phase 4: Deploy •Approve and schedule update installations •Review the process after the deployment is complete Phase 4: Deploy • Approve and schedule update installations • Review the process after the deployment is complete Phase 2: Identify • Discover new updates in a convenient manner • Determine whether updates are relevant to the production environment Identify Evaluate and Plan Deploy Assess
Server Requirements for WSUS Software requirements: Hardware requirements are similar to the Windows operating system IIS 6.0 or later Microsoft .NET Framework 2.0 or later Microsoft Management Console 3.0 Microsoft Report Viewer Redistributable 2008 SQL Server 2008, SQL Server 2005 SP2, or Windows Internal Database
Configuring Automatic Updates WSUS Server Client Server Client computers must be configured to use the WSUS server as a source for updates Group Policy is used to configure the client servers Other Group Policy settings related to Auto: Update frequency Update installation schedule Whether automatic restarts are allowed Default computer group in WSUS
WSUS Administration
What Are Computer Groups? Computer groups are a way to organize WSUS clients Create custom computer groups to control update application Default computer groups: All Computers Unassigned Computers
Approving Updates Updates can be approved automatically but it is not recommended Updates should be tested before they are approved for production Updates can be declined if they are not required Updates can be removed if they cause problems
Lab: Increasing Security for Windows Servers • Exercise 1: Deploying a Windows Firewall Rule • Exercise 2: Implementing WSUS Logon information Virtual machine NYC-DC1, NYC-SVR1 User name Administrator Password Pa$$w0rd Estimated time: 45 minutes
Lab Scenario • Your organization has implemented new software for monitoring client computers and servers. This software is already installed on the computers, but your central monitoring console is unable to initiate communication with the software. The installation routine for the software did not open the necessary port in Windows Firewall. • You need to deploy a Windows Firewall rule that allows all computers in the organization to respond to communication attempts from the centralized monitoring console that runs on port 10005. Documentation from the product vendor indicates that you can test this port by using a Web browser to view an XML file. • In the past management of updates for clients and servers in your organization has been ad hoc. Some servers have not had updates applied while other are applying updates immediately. This has resulted in an insecure environment. You are implementing WSUS to begin implementing a controlled process for applying updates to clients and servers.
Lab Review • Why was it appropriate to deploy the firewall rule by using Group Policy? • Is the use of wuauclt.exe typically required when implementing WSUS?
Module Review and Takeaways • Review Questions • Tools

More Related Content

6421 b Module-08

  • 1. Module 8 Increasing Security for Windows Servers
  • 2. Module Overview • Windows Security Overview • Configuring Windows Firewall with Advanced Security • Deploying Updates with Windows Server Update Services
  • 3. Lesson 1: Windows Security Overview • Discussion: Identifying Security Risks and Costs • Applying Defense-In-Depth to Increase Security • Best Practices for Increasing Security
  • 4. Discussion: Identifying Security Risks and Costs What are some of the risks and associated costs to Windows- based networks? 5 min
  • 5. Applying Defense-In-Depth to Increase Security Defense-in-depth provides multiple layers of defense to protect a networking environment Security documents, user education Policies, Procedures, & Awareness Physical Security OS hardening, authentication Firewalls Guards, locks Network segments, IPsec Application hardening, antivirus ACLs, encryption, EFS Perimeter Internal Network Host Application Data
  • 6. Best Practices for Increasing Security Some best practices for increasing security are: Windows Server 2008 Apply all available security updates quickly Follow the principle of least privilege Restrict console login Restrict physical access
  • 7. Lesson 2: Configuring Windows Firewall with Advanced Security • What Is Windows Firewall with Advanced Security? • Discussion: Why Is a Host-Based Firewall Important? • Firewall Profiles • Demonstration: How to Configure Firewall Profiles • Deploying Windows Firewall Rules
  • 8. What Is Windows Firewall with Advanced Firewall? Inbound rules Outbound rules Connection security rules Windows Firewall with Advanced Security is a host-based firewall the protects individual servers Control inbound communication initiated from the network All inbound requests are blocked by default Control outbound communication initiated by the host All outbound requests are allowed by default Configure IPsec for encryption and authentication
  • 9. Discussion: Why Is a Host-Based Firewall Important? Why is it important to use a host- based firewall like Windows Firewall with Advanced Security? 5 min
  • 10. Firewall Profiles The firewall profiles are: Domain Public Private Firewall profiles are a set of configuration settings that apply to a particular network type Windows Server 2008 R2 introduces the ability to have multiple active firewall profiles
  • 11. Demonstration: How to Configure Firewall Profiles In this demonstration you will see how to configure firewall profiles
  • 12. Deploying Windows Firewall Rules You can deploy Windows Firewall rules: • Manually • By exporting and importing firewall rules • By using Group Policy
  • 13. Lesson 3: Deploying Updates with Windows Server Update Services • What Is Windows Server Update Services? • Windows Server Update Process • Server Requirements for WSUS • Configuring Automatic Updates • WSUS Administration • What Are Computer Groups? • Approving Updates
  • 14. What Is Windows Server Update Services? Automatic Updates Server running Windows Server Update Services Automatic Updates LAN Internet Test Clients
  • 15. Windows Server Update Services Process Update Management Phase 1: Assess • Set up a production environment that will support update management for both routine and emergency scenarios Phase 3: Evaluate and Plan • Test updates in an environment that resembles, but is separate from, the production environment • Determine the tasks necessary to deploy updates into production, plan the update releases, build the releases, and then conduct acceptance testing of the releases Phase 4: Deploy •Approve and schedule update installations •Review the process after the deployment is complete Phase 4: Deploy • Approve and schedule update installations • Review the process after the deployment is complete Phase 2: Identify • Discover new updates in a convenient manner • Determine whether updates are relevant to the production environment Identify Evaluate and Plan Deploy Assess
  • 16. Server Requirements for WSUS Software requirements: Hardware requirements are similar to the Windows operating system IIS 6.0 or later Microsoft .NET Framework 2.0 or later Microsoft Management Console 3.0 Microsoft Report Viewer Redistributable 2008 SQL Server 2008, SQL Server 2005 SP2, or Windows Internal Database
  • 17. Configuring Automatic Updates WSUS Server Client Server Client computers must be configured to use the WSUS server as a source for updates Group Policy is used to configure the client servers Other Group Policy settings related to Auto: Update frequency Update installation schedule Whether automatic restarts are allowed Default computer group in WSUS
  • 19. What Are Computer Groups? Computer groups are a way to organize WSUS clients Create custom computer groups to control update application Default computer groups: All Computers Unassigned Computers
  • 20. Approving Updates Updates can be approved automatically but it is not recommended Updates should be tested before they are approved for production Updates can be declined if they are not required Updates can be removed if they cause problems
  • 21. Lab: Increasing Security for Windows Servers • Exercise 1: Deploying a Windows Firewall Rule • Exercise 2: Implementing WSUS Logon information Virtual machine NYC-DC1, NYC-SVR1 User name Administrator Password Pa$$w0rd Estimated time: 45 minutes
  • 22. Lab Scenario • Your organization has implemented new software for monitoring client computers and servers. This software is already installed on the computers, but your central monitoring console is unable to initiate communication with the software. The installation routine for the software did not open the necessary port in Windows Firewall. • You need to deploy a Windows Firewall rule that allows all computers in the organization to respond to communication attempts from the centralized monitoring console that runs on port 10005. Documentation from the product vendor indicates that you can test this port by using a Web browser to view an XML file. • In the past management of updates for clients and servers in your organization has been ad hoc. Some servers have not had updates applied while other are applying updates immediately. This has resulted in an insecure environment. You are implementing WSUS to begin implementing a controlled process for applying updates to clients and servers.
  • 23. Lab Review • Why was it appropriate to deploy the firewall rule by using Group Policy? • Is the use of wuauclt.exe typically required when implementing WSUS?
  • 24. Module Review and Takeaways • Review Questions • Tools