Ben’s Blog

Helping Ben’s students keep up with Ben since 2005.

«
»

Implementing NI – 11/9/2009

Posted by Ben on Monday, November 9, 2009

Today’s topic is one of those quintessential networking topics — security.  Today was our first real discussion about the various security methodologies that are out there, but we definitely have brushed over them before.

As you’ll remember, there are several approaches we can take when looking to secure our intellectual property, and we should choose several in order to protect it.  We can choose authorization methods, which have the network require that people prove they are who they say they are (usually by way of username and password) before being allowed access to network assets — as well as setting up user rights and permissions to go along with their accounts.

We looked at the built-in groups that  come with Windows’ initial installation and discussed some of the things users in those groups can do.  For instance, we talked about two common local groups — the administrators and power users groups.  We talked about how the groups are similar in that they have elevated rights, but how the administrator account is able to accomplish so much more (driver installation and most “system” tasks).

We also talked about setting security templates — collections of security settings that we can apply to our machines so that we aren’t spending an inordinate amount of time tweaking mundane settings.  We discussed how Windows comes with its own security templates and how we can come up with our own and apply them to our computers.

The EFS (Encrypted File System) was also discussed — how the file system itself can encrypt files that are only open-able by the user that created them.  In order to do this, you must have the NTFS file system in place.

Finally, we discussed the Microsoft Baseline Security Analyzer (MBSA), which will comb through your system and compare it to the current state your server should be (regarding updates) and known security implementations (requiring compelx passwords, etc.).  It will then show you a report you can use to harden your network, which is a good idea, all around.

Homework:

This entry was posted on Monday, November 9, 2009 at 2:19 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»