Basic Rules Security Windows Server Auditing DNS …

1 M ay 2015 Basic Rules of Window s Ser verSecur it ySecurity News: PCI DSS v3 Im plem entation HurdleTop Tips for Windows Server Securit yUseful How-tos for Windows ServerPowerShell to Secure Windows ServerQuick Reference Guides: Windows Server AuditingDNS Auditing3M ay 2015 SysAdmin M agazine Basic Rules of Windows Server Securit yby Russell Sm ithTen Sim ple Ways t o Prevent Securit y Breaches in Windows Server 2012by Krishna Kum arPCI DSS v3's N um ber One Im plem ent at ion Hurdleby John O'Neill Sr. Windows 10 Technical Preview: N ew Securit y Feat uresby Krishna Kum arCont ent s581113 How t o Det ect Who Creat ed a Scheduled Task on Windows Server 19M ay 2015 SysAdmin M agazine Secure PowerShel Remoting Using Constrained Endpointsby Russell SmithQuick Reference Guide: Windows Server AuditingHow to Monitor Deletion of DNS Records2223 Monitoring Event Logs with PowerShellby Russell Sm ith 17 How t o Det ect Unaut horized Soft ware Inst allat ion on Windows Server - Who?

2 What ? When?15 Quick Reference Guide: Exchange Server Auditing24 Basic Rules ofWindows Server Security by Russell Smith M ay 2015 SysAdmin M agazine 3 Specializing in the m anagem ent and Security of Microsoft-based IT system s, Russell is the author of a book on Windows Security and a contributing author and Windows Server is considered to be secure out-of-the-box, like any part of your IT infrastructure, it needs to be patched, monitored and configured in an ongoing effort to ensure that it isn?t left exposed to attack. Let go through some of the tools and best practices that can help you keep Windows Server protected.

3 M ay 2015 SysAdmin M agazine 4 Configure Baseline Securit y To keep the attack surface to a m inim um , Windows Server ?s m odular design allows you to add Server roles and features as required. Nevertheless, Windows Server is configured to provide interoperability and backwards com patibility with legacy system s out-of-the-box, and though this is convenient and m akes Windows Server easier to use, it can leave system s vulnerable. Sm all businesses that have lim ited IT resources can use the Security Configuration Wizard (SCW) to lock down Windows Server .

4 SCW is installed by default in Windows Server 2012 R2, and can be found on the Tools m enu in Server Manager. The wizard creates Security policies based on a series of questions you answer about your Server , which then can be applied to the local device, or converted to a Group Policy Object (GPO) and used to configure one or m ore servers if you have Active ?s free Security Com pliance Manager (SCM) tool com es bundled with a series of tem plates for securing Windows Server and client devices. SCM gives adm inistrators m ore control over the settings applied than SCW, and allows you to create custom Security baselines, and com pare settings between tem plates.

5 Separat e Adm inist rat ive Dut ies and Least Privilege Securit y Virtualization technologies m ake it easier than ever to separate out Server roles, so you should m ake sure that dom ain controllers don?t host other Server roles or applications, and are never used to perform everyday adm inistration tasks. Installing Server roles and applications on separate servers gives you m ore control over adm inistrative privileges, and helps to im prove Security by ensuring access to critical system s can be appropriately restricted. In a sim ilar vein, dom ain adm inistrator accounts should only be used where absolutely necessary.

6 Using dom ain adm inistrator accounts to m anage workstations for exam ple, m akes it considerably easier for an attacker to get access to those credentials, at which point you can consider your entire Windows infrastructure owned. M onit oring and Audit ing Windows Server has built-in tools for m onitoring and Auditing , such as Event Viewer and som e handy PowerShell cm dlets. While using custom views in Event Viewer is useful for getting an overview of Server events, and PowerShell an option if you have the tim e and resources to create your own solution, the best way to ensure that Windows Server stays secure, and to m onitor configuration changes, is to deploy a third-party change Auditing solution.

7 Auditing solutions provide critical and detailed inform ation about who changed what, when and where, and includes ?before? and ?after ? configuration data so you can easily understand what has changed. Reporting features allow you to easily understand the changes that are occurring across your Windows Server estate, including applications such as Active Directory and Exchange, and in different easy-to-read form ats using pre-configured reports included with the software, so that you can get started quickly. They also go beyond the Auditing capabilities native to Windows Server to help better secure your system s by pulling inform ation from a wider variety of sources, and have extra features such as user activity video recording.

8 Windows Server is configured to provide interoperability and backwards compatibility with legacy systems out-of-the-box, and though this is convenient and makes Windows Server easier to use, it can leave systems vulnerable. Auditing solutions provide critical and detailed information about who changed what, when and where, and includes ?before? and ?after ? configuration data so you can easily understand what has Sim ple Ways to Prevent Securit y Breaches in Windows Server 2012 by Krishna KumarM ay 2015 SysAdmin M agazine 510+ years in IT Industry specializing in designing, im plem entation and adm inistration Windows Server is one of the most commonly deployed critical systems in the organization.

9 Most of the applications used in the organization are also Windows based, plus there are other legacy applications built on these Windows platforms. Since these servers are used the most, they need to be configured with tight Security . The latest ones, Windows Server 2012 and Windows Server 2012 R2 have some great Security features and improvements to protect from Security threats and vulnerabilities. These features need to be implemented and configured to prevent against any kind of Security breaches occurring in the environment. Given below are ten simple ways to prevent Security breaches in Windows Server 2012.

10 M ay 2015 SysAdmin M agazine 61. M icrosoft Securit y Assessm ent ToolMicrosoft Security Assessm ent Tool is a free tool which helps identify and assess Security threats providing the guidelines for m inim izing risks quickly and efficiently. This single tool can run across the com plete environm ent like a PC Server , database or other heterogeneous environm ent. It has ?a set of hundred questionnaires? which helps understand the Security strategy and uses best practices to give the m ost appropriate recom m M icrosoft Securit y Baseline AnalyzerMicrosoft Security Baseline Analyzer helps scan the local and rem ote system s with eight categories of effectiveness, trustworthiness and reliability.