Windows NT Security Handbook

Without truly understanding the intricacies of network security, many systems administrators erroneously believe their Windows NT workstations and servers are secure. One advantage of NT is the first-class security premise on which Microsoft designed and built it. But unless you master the elaborate NT security architecture and correctly implement all the necessary security features, NT's effective security innovations will not protect your system.

Network security threats come from far and wide--from an internal disgruntled user or systems administrator, from Internet hackers worldwide, and even from accidental and calamitous mishaps. Implementing an effective security system starts by focusing on the primary security issues for your system.

NT security is a topic that deserves its own book, and such is Tom Sheldon's Windows NT Security Handbook. Sheldon is an experienced network engineer, programmer, and consultant and has written more than 20 books. The handbook reflects his experience.

A Practical Publication
Whereas many security texts are heavily theoretical and are based on laboratory tests, the handbook is extremely practical, with numerous real-world examples. It is an exhaustive reference that guides you through the issues that face network and security administrators responsible for NT-based systems.

Although the NT documentation and even Microsoft Windows NT Server Resource Kit and Microsoft Windows NT Workstation Resource Kit contain sections on security, neither is written as clearly and precisely as the handbook. For every possible security breach mentioned in the handbook for NT systems, both standalone and networked, Sheldon provides an appropriate solution you can implement.

The handbook's opening section, "Security Boot Camp," is devoted to general security issues and policies. As the name implies, this section discusses the essentials of network and computer security. The overview covers everything from definitions to C2 security, including policies, security management, and protective measures.

Security Strategies
Experienced security administrators may want to scan the overview section quickly and jump to page 100. Where, Sheldon begins exploring in detail all of NT's security features and potential security holes that can place an enterprise at risk.

Sheldon illustrates how to develop security strategies for NT networks and how to monitor for possible hackers or unauthorized activity. The handbook takes a defensive approach (necessary in any production environment) to developing strategies and countermeasures that minimize security risks.

Sheldon concentrates on the following areas:

• analyzing, evaluating, and monitoring NT system security
• implementing a security policy
• securing remote-access and mobile users
• securing NT in an Internet and intranet environment
• controlling domains, domain logons, and security
• controlling encryption, electronic commerce security, and virus invasion
• avoiding or fixing security holes in NT
• protecting the system from techniques hackers use to break in
• implementing and securing user accounts and file system permissions
• protecting private and virtual WANs that span the globe
• providing security for multiplatform, multiapplication environments
• building Internet firewall defenses on NT Server platforms
• securing Microsoft BackOffice
• implementing firewalls and proxy servers, including Microsoft Proxy Server
• securing Microsoft Internet Information Server (IIS)

From this list, you can see that the handbook is a comprehensive guide to protecting your NT system effectively.

Domain Models and Security
The handbook also provides great detail about one of the most confusing aspects of NT: domains. Sheldon explains the different types of NT domains and the security issues and the resolution needed for each domain type.

No matter which domain model your system uses, you cannot be too concerned about security. Sheldon writes that paranoia is a good thing: The more you worry about system security, the more likely you will protect your system from attack. However, he also states that security is often put on the back burner because many network administrators reactively put out network fires or single-mindedly strive for better performance on their networks. Although network throughput is crucial, what good is a fast server if a rogue user can crash the system and cause costly losses?

The Big Picture
The book attempts to resolve major security issues and give you a big-picture solution. Throughout the handbook, Sheldon lists hundreds of available resources and vendors for solutions to the security issues and problems he discusses. You can use these resources to design and implement a total security system without gaps.

For more information, Sheldon maintains a Web page (http://www.ntresearch.com) that contains several additional NT security white papers and references. The handbook also lists hundreds of relevant security and NT-based universal resource locators (URLs) where you can find assistance and advice.

The book concludes with a step-by-step description of how to evaluate security status on an NT device. Sheldon provides a detailed, standard evaluation process for eight different NT security criteria.

Don't Expose Your System
If you do not have an effective security system in place, you might as well have a virtual neon "Hack Me" sign attached to your network that simultaneously flashes "Secure Me." If you need a guide to NT system security and general information system security, get a copy of Sheldon's Windows NT Security Handbook. It is a thorough, informative book about NT security. Just as many systems administrators do not know how to secure their systems, many hackers do know how to enter an unsecured system.

Windows NT Security Handbook

Author: Tom Sheldon Publisher: Osborne McGraw-Hill, Berkeley, CA, 1997, ISBN:0-078-82240-8 Price: $34.99, 679 pages