IT News & Technology update

Provide comprehensive update related to Computer, technology, software, anti virus and another electric device

Windows Server 2008 (Security)

Written by IT News on 10:50 PM

From a security perspective Windows Server 2008 includes Network Access Protection (NAP). The NAP engine ensures that workstation computers that connect to your network meet minimum computer defined requirements set forth in the security policy your administrator creates.

For example, a virtual employee visits corporate HQ for the first time in four weeks with his laptop. When he hooks up to the network, he is required to update security and critical windows patches before connecting to the network. Until all this work is done, the laptop via NAP can be quarantined or denied access completely until the computer meets the minimum health requirements.

In a perfect world, all domain controllers would be in a single server room with unlimited bandwidth and power with constant surveillance. We do not live in this world and in many corporations there are quite a few satellite or branch offices throughout the country or world. In Window Server 2008, you can configure Read-Only Domain Controllers (RODC).

An RODC is a domain controller that you could install at a remote location and its sole purpose is to host a read-only copy of your Active Directory (AD) database. This method gives you peace of mind in not having to worry about the physical security of a domain controller hundreds or thousands of miles away. The RODC holds a minimal set of information and all changes made must come from a domain controller with full control that replicates to the RODC.

For example, a major car dealership could have all of their domain controllers in corporate headquarters and put an RODC in every dealership location throughout the country instead of the current common practice of a full-control domain controller. I am really excited about this feature in Windows Server 2008.

Related Posts by Categories

Widget by Hoctro | Jack Book
  1. 2 comments: Responses to “ Windows Server 2008 (Security) ”

  2. By Jan Adler on July 10, 2007 at 6:08 AM

    That's a really great enhancement! While we in our company have already implemented some steps in this direction by rolling up Desktop Authority from Scriptlogic and providing the mobile access security for users coming to our network with their laptops either externally or internally it'll be great to get the security control on the protocol level and double the strength of security level. That's especially interesting to get this implemented for the areas where we store security documentation and sensible data. And yes, RODC is a great functionality provided that it is used where needed. In desktop authority we use a separate method to protect our settings from unwanted changes. We just don't gibe our junior administrators the ability to make changes to the configuration of modules we use within Desktop Authority to manage the domain computers. Where's it doesn't give the ability to block from changing active directory objects if the user has domain administration rights, it provides the ability to limit the manage scope of those admins and provide them with only that functionality that they are taking the responsibility of.

  3. By IT News on July 11, 2007 at 5:46 AM

    Hello Jan Adler,

    Anyway thanks for your comment
    share me more about your experience on that issue.


Search This Blog

Ads and Sponsored by:

Want to subscribe?

Subscribe in a reader.