In today's business environment it is no longer safe to conduct any business on the Internet without first protecting it. Small, medium, and large corporations require a massive dose of security to protect themselves and their digital assets from unwanted intruders. A managerial guide and practical technical tutorial, Securing Windows NT/2000: From Policies to Firewalls provides viable security solutions for your organization. The author presents in-depth knowledge on how, why, and where these operating systems must be tuned in order to use them securely to connect to the Internet. The book includes the steps required to define a corporate security policy, how to implement that policy, and how to structure the project plan. Tables, charts, and work templates provide a starting point to begin assessing and implementing a solution that will fit the unique needs of your organization. Part two provides the reader with practical hands-on applications for the preparation, installation, and tuning of Windows NT/2000 operating systems. Securing Windows NT/2000 provides step-by-step instructions that guide you through performing a secure installation and in preparing the system for secure operation on the Internet. Although a multitude of firewall application software can be used in conjunction with the sections detailing the securing of the operating system, Check Point FireWall-1/VPN-1 is used as it best demonstrates the effectiveness of translating the corporate security policy into a practical reality.
About the Author:
Michael Simonyi (www stonewallem.com) is an IT professional working for private sector enterprise organizations. He has over 12 years of practical and theoretical experience, from mainframe systems to PC client/server networks. His areas of expertise center on practical systems management, networking, databases, and application architecture, with emphasis on quality.
Michael A. Simonyi (Stonewall'em Etobicoke Ontario Canada)
Auerbach Publishers Inc.
Country of Publication:
29 April 2002
Professional and scholarly
Professional and scholarly
Professional & Vocational
Further / Higher Education
Executive Management Overview A Need for Security What is Security? Attaining a Level of Security The Importance of Checks and Balances Access Controls Communication and Training Attaining a Level of Security Identifying Risks Physical Security Logical Security Employee or Human Resources Security Assessing Risk Establishing Controls Monitoring Controls Responsibility and Accountability Internal Systems Control Structures General Process for Change Management Operations Control Log System Work Log What is a Security Policy? Steps to a Security Policy Why is a Security Policy Needed? What Does a Security Policy Do? Implementing the Security Policy Involving and Informing Management Communication of the Security Policy Internal Controls Scenario Example Sample Security Policies Security Return on Investment Perimeter Security Scenarios Basic Bastion Host (Dual-Homed Host) Multi-Homed Bastion Host Hybrid Multi-Homed Bastion Host Directions in Security Perimeter Security Trusted Systems Intrusion Detection Systems Intrinsic Security Honey Pots Corporate Security Requirements for Conducting Business over the Internet Internal Corporate VPNs Business Partner VPNs The Mobile Workforce and VPNs Systems Management and Security The Virtual Workforce Implementing Check Point FireWall-1/VPN-1 with Windows NT and Windows 2000 Performing Background Preparation Assembling the Hardware Materials List Network Settings Password Selection Documentation Software Patches Communications and Protocol Selections Registry Tuning System Policies Installing the Operating System Microsoft Windows NT 4.0 Server Installing Check Point FireWall-1 Configuration for a Multi-Homed Host or DMZ Configuration Defining the VPN SecuRemote Windows 2000 Server Setup, Installation, and Configuration for Check Point FireWall-1/VPN-1 Check Point FireWall-1/VPN-1 Operating Notes Enhancing the Security Infrastructure Virus Protection Fault Tolerance and Load Balancing Reporting and Management Encryption Acceleration Public Key Infrastructure Authentication Intrusion Detection Backup and Recovery Appendices DoD Security Classifications Asset Inventory List Windows NT 4.0 SP6a Post Security Rollup Patch List Letter Issued to Customers of the Egghead E-Commerce Site and Press Release Virus Memo Sample Systems Operations Procedures Manual Systems Policies and Guidelines Computer Security and Usage Policy References Index