organization
with more than just static images that get pushed out like in RIS, but rather a tool that
provides ongoing and manageable updates to image files.
WDS also supports the imaging of Windows 2003 servers and Windows XP client systems
in the same manner that RIS did in terms of pushing out images or using an unattend
script file to send images to systems.
Windows Deployment Services is covered in detail in Chapter 26, “Windows Server 2008
R2 Administration Tools for Desktops.”
Improvements in Security in Windows Server 2008 R2
Significantly more than just cosmetic updates are the security enhancements added to
Windows Server 2008 R2. As organizations are struggling to ensure that their environ-
ments are secure, employees can depend on information privacy, and content is protected
for regulatory compliance reasons; having the tools to secure the environment is critical.
Enhancing the Windows Server 2008 R2 Security Subsystem
Part IV of this book, “Security,” is focused on security in the different core areas. Chapter
13 addresses core security subsystems of Windows Server 2008 R2 as it relates to server
systems. This includes the basics of server hardening, patching, and updating but also
extends into new server security areas added to Windows Server 2008 R2, such as device
control level security, wireless access security, and Active Directory Rights Management
Services (RMS). Windows Server 2008 R2 has continued the “secure by default” theme at
Improvements in Security in Windows Server 2008 R2
27
Microsoft and no longer installs components like Internet Information Services (IIS) by
default. The good part about it is that components that are not core to the operation of a
1
server are not installed on the system; however, it means every time you install software,
you need to add basic components and features. Getting to remember what has to be
installed, configured, or made operational is important as servers are being built and
added to a Windows Active Directory environment.
Transport Security Using IPSec and Certificate Services
Chapter 14, “Transport-Level Security,” addresses site-to-site and server-to-server security,
addressed through the implementation of IPSec encryption. Not new to Windows, IPSec
has finally gotten several new Group Policy management components added to aid in the
implementation and management of IPSec in the enterprise. Also not new to Windows,
but something that has been greatly enhanced, is Microsoft’s offering around Public Key
Infrastructure (PKI), specifically Certificate Services. It seems like everything security
related is somehow connected to certificates, whether that is file encryption using
Encrypting File System (EFS), email encryption using S/MIME, remote mobile device
synchronization using certificate access, or transport security using IPSec. Everything
needs a certificate, and the ability of an organization to easily create and manage certifi-
cates is the focus of Chapter 14.
ptg
Security Policies, Policy Management, and Supporting Tools for
Policy Enforcement
Completely new to Windows Server 2008, updated in Windows Server 2008 R2, and a
major focus for organizations are security policies and policy management around security
systems. It used to be we would just lock down systems, make sure they were secure by
default, and use our best judgment and best effort to secure a network. However, with
laws and regulations, or even human resource departments getting involved in informa-
tion security, the root of all IT security practices fall on having set security policies defined
so that IT can implement technologies to address the organization policies around infor-
mation security. This is covered in detail in Chapter 15, “Security Policies, Network Policy
Server, and Network Access Protection.”
Chapter 15 goes beyond the policies and common best practices around policy manage-
ment in an
with more than just static images that get pushed out like in RIS, but rather a tool that
provides ongoing and manageable updates to image files.
WDS also supports the imaging of Windows 2003 servers and Windows XP client systems
in the same manner that RIS did in terms of pushing out images or using an unattend
script file to send images to systems.
Windows Deployment Services is covered in detail in Chapter 26, “Windows Server 2008
R2 Administration Tools for Desktops.”
Improvements in Security in Windows Server 2008 R2
Significantly more than just cosmetic updates are the security enhancements added to
Windows Server 2008 R2. As organizations are struggling to ensure that their environ-
ments are secure, employees can depend on information privacy, and content is protected
for regulatory compliance reasons; having the tools to secure the environment is critical.
Enhancing the Windows Server 2008 R2 Security Subsystem
Part IV of this book, “Security,” is focused on security in the different core areas. Chapter
13 addresses core security subsystems of Windows Server 2008 R2 as it relates to server
systems. This includes the basics of server hardening, patching, and updating but also
extends into new server security areas added to Windows Server 2008 R2, such as device
control level security, wireless access security, and Active Directory Rights Management
Services (RMS). Windows Server 2008 R2 has continued the “secure by default” theme at
Improvements in Security in Windows Server 2008 R2
27
Microsoft and no longer installs components like Internet Information Services (IIS) by
default. The good part about it is that components that are not core to the operation of a
1
server are not installed on the system; however, it means every time you install software,
you need to add basic components and features. Getting to remember what has to be
installed, configured, or made operational is important as servers are being built and
added to a Windows Active Directory environment.
Transport Security Using IPSec and Certificate Services
Chapter 14, “Transport-Level Security,” addresses site-to-site and server-to-server security,
addressed through the implementation of IPSec encryption. Not new to Windows, IPSec
has finally gotten several new Group Policy management components added to aid in the
implementation and management of IPSec in the enterprise. Also not new to Windows,
but something that has been greatly enhanced, is Microsoft’s offering around Public Key
Infrastructure (PKI), specifically Certificate Services. It seems like everything security
related is somehow connected to certificates, whether that is file encryption using
Encrypting File System (EFS), email encryption using S/MIME, remote mobile device
synchronization using certificate access, or transport security using IPSec. Everything
needs a certificate, and the ability of an organization to easily create and manage certifi-
cates is the focus of Chapter 14.
ptg
Security Policies, Policy Management, and Supporting Tools for
Policy Enforcement
Completely new to Windows Server 2008, updated in Windows Server 2008 R2, and a
major focus for organizations are security policies and policy management around security
systems. It used to be we would just lock down systems, make sure they were secure by
default, and use our best judgment and best effort to secure a network. However, with
laws and regulations, or even human resource departments getting involved in informa-
tion security, the root of all IT security practices fall on having set security policies defined
so that IT can implement technologies to address the organization policies around infor-
mation security. This is covered in detail in Chapter 15, “Security Policies, Network Policy
Server, and Network Access Protection.”
Chapter 15 goes beyond the policies and common best practices around policy manage-
ment in an
Similar Books
