0

Possible Duplicate:
What do I have to configure on my server to increase security from default?

Hello, I am a "returning" MS Windows Server admin, I haven't been in in MS server business for a while. I have been asked to setup a Windows Server for development purposes.

Could you please recommend basic security products: Firewall and Antivirus. Any advice on security practices or useful resources are highly appreciated.

Thank in advance.

Community
  • 1
Dean
  • 979
  • 3
  • 9
  • 19

2 Answers2

2

A simple search would have turned up the following information.

Windows Server 2003

Is Windows 2003 Firewall appropriate for a web server?

What do I have to configure on my server to increase security from default?

Do I need a hardware firewall for Win 2003?

Windows Server 2003: Need Security Tips and DNS Info

Windows Server 2008

How Can I Harden the TCP/IP Stack in Windows Server 2008?

What is the best way to harden Windows Server 2008 R2?

How can a block IP addresses using Windows Server 2008 firewall?

Windows Server 2008 firewall: do I need to set outbound rules?

Miscellaneous

https://serverfault.com/questions/111316/recommended-networking-and-security-books

Community
  • 1
GregD
  • 8,713
  • 1
  • 23
  • 35
  • I understand that it would, its not laziness. Not being around for so long, plus not being a full time sys-admin, I wanted to ask for experienced administrators opinions. Thanks for the links. – Dean Jan 03 '11 at 15:43
2

I don't like to recommend particular products because it's a moving target; what might be suitable for my needs today may not be suitable for my needs tomorrow, let alone suitable for your needs in the first place.

If you read proper reviews, e.g. the virus bulletin AV reviews and NOT the reviews in computer magazines which are often written by idiots and in any case aimed at home users, you may see them mention products that perform well in certain circumstances (e.g. requirements for file server, web server and email server can be very different, how important is policy based centralised management and deployment to you?). Choose a scanner that closely matches your circumstances and trial it.

As for the other stuff, again depends on what you're trying to do. Configuration requirements for a web server or edge email server are different from those for a general LAN file server.

With firewalls, again researching your proper requirements is king but I'd be looking to protect all servers with the Windows firewall itself, and wrap the whole LAN up with a "proper" (for want of a better word) firewall solution as well.

I've had good results with a "back to back" configuration with something like sonicwall/Fortinet on the outside perimeter and ISA/Forefront on the internal side. That doesn't mean that this config or my product choices are the right choices for you however, but it gets you started.

Rob Moir
  • 31,664
  • 6
  • 58
  • 86