The ins and outs of NT's native security features

Computer security is a hot topic this year, no matter what operating system you use. Your Windows NT system is not immune to security problems, and you may wonder how to secure your system better. Stephen A. Sutton's book, Windows NT Security Guide, will help your NT security endeavors. Sutton is president of Trusted System Services and has a reputation for being knowledgeable in the NT security field. His book is a fairly detailed guide to the ins and outs of NT's native security features.

The book covers everything from accounts and domains to recommendations about how to secure an installation. The Guide has three basic parts: general information targeted at day-to-day NT users; administration, written for systems administrators; and assessment, designed for people who need to know whether NT is secure enough for their requirements.

Let's quickly peek at each section. In Part 1, "General Use," Sutton discusses user accounts, NT domains, working environment, access control lists, and special situations such as using NT's Remote Access Service (RAS). This part of the book is very useful, especially for those new to NT's security features.

The next section, "Administration," covers planning NT domains, managing groups and accounts, security auditing, the Internet and intranets, trusted computing bases, and NT subsystems such as the Registry. This section finishes with a chapter called "Summary and Checklist." A would-be administrator will find information that will assist in building a good NT domain model and in managing users, groups, and resources adequately. The administration section is similar to Mark Minasi's Mastering Windows NT Server, except that Sutton writes from an acute security perspective, offering detailed information about each security dialog item. The closing "Summary and Checklist" chapter is a handy quick-reference list for the complete administration section.

Part 3, "Assessment," consists of one chapter devoted to NT security. This section discusses the Trusted Computer System Evaluation Criteria (TCSEC--better known as the Orange Book--a government gauge for security) as it pertains to NT; networking using TCSEC; and a broad-brush overview of NT security, feature by feature.

The Guide also contains an appendix on secure installations of NT. I found this section the most useful one of the book. The eight pages provide excellent how-to information for almost anyone who is installing an NT system. This appendix covers Registry settings, file system access control lists (ACLs), user rights policies, and a few miscellaneous items such as disabling booting from floppy disks and limiting access to system-shutdown features.

Overall, Sutton's Guide is useful because it describes each of NT's internal security features. However, the book focuses almost exclusively on teaching the reader about the security features of NT, without much regard to building a secure network or connecting to untrusted networks. You will not learn much from this book about firewalls, proxy servers, virtual private networking, or other functions that you may need to build your NT network environment. Although the book contains a chapter entitled "The Internet and Intranets," half of the chapter very generally describes the types of attacks your network may experience, and the other half quickly discusses some of Microsoft's Internet Information Server (IIS) security concerns.

If you're new to NT security, Sutton's Windows NT Security Guide will help you get started. The book definitely provides valuable information about a hands-on approach to NT security administration, but you'll probably find yourself wanting to learn much more about building a secure computing environment--especially if you're connecting to the Internet or to a business partner's network.

Windows NT Security Guide
Author: Stephen A. Sutton
Publisher: Addison-Wesley Developers Press, Reading, Mass, 1997, ISBN 0-201-4196-9
Price: $29.95, 373 pages