
Using Common Practices for Securing and Managing Windows Server 2008

A handful of practices are used to secure and manage a Windows 2008 environment. The first is to identify security risks, which determines what the organization needs to be concerned about when applying a security policy. The second is to implement a tool like Microsoft Operations Manager to monitor the network and simplify day-to-day management tasks. The third is to use maintenance practices that help keep the network environment stable and operational.

Identifying Security Risks

A network's security is only as good as the security mechanisms put into place and the review and identification process. Strong security entails employing Windows 2008 security measures, such as authentication, auditing, and authorization controls, but it also means that security information is properly and promptly reviewed. Information that can be reviewed includes, but isn't limited to, Event Viewer logs, service-specific logs, application logs, and performance data.

All the security information for Windows 2008 can be logged, but without a formal review and identification process, the information is useless. Security-related information can also be complex and unwieldy, depending on what is being recorded. Manually reviewing it might therefore be tedious, but it can prevent system or network compromise.

The formal review and identification process should be performed daily. Any identified activity that is suspicious or potentially risky should be reported and dealt with appropriately. For instance, an administrator reviewing a particular security log might run across data that alerts him to suspicious activity. This incident would then be reported to the security administrator to take the appropriate action. Whatever the course of action might be in the organization, there should be points of escalation and remediation.
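
One way to script the daily review described above, as an added example that is not part of the original tutorial. The watched event IDs, the 24-hour window, the escalation threshold and the function names are assumptions to adapt to the organization's audit policy.

```powershell
# Added example, not from the original tutorial. Run from an elevated PowerShell prompt.
# Assumptions: the watched event IDs, the 24-hour window and the threshold below.
$Watch = @{
    4625 = 'Failed logon'
    4740 = 'Account locked out'
    4720 = 'User account created'
    4732 = 'Member added to local group'
    1102 = 'Audit log cleared'
}
$FailedLogonThreshold = 5   # assumed: failures per account that warrant escalation

function Get-EventField($Event, [string]$Name) {
    # Read one named value from the event's XML EventData payload.
    $xml = [xml]$Event.ToXml()
    ($xml.Event.EventData.Data | Where-Object { $_.Name -eq $Name }).'#text'
}

function Get-DailySecurityReview {
    param([string]$ComputerName = $env:COMPUTERNAME, [int]$Hours = 24)

    $filter = @{ LogName = 'Security'; Id = [int[]]$Watch.Keys
                 StartTime = (Get-Date).AddHours(-$Hours) }
    $events = @(Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter `
                    -ErrorAction SilentlyContinue -ErrorVariable queryErrors)
    # "No matching events" is a normal result; anything else (access denied, RPC) is not.
    $queryErrors | Where-Object { $_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*' } |
        ForEach-Object { Write-Warning "$ComputerName : $_" }

    # One row per watched event type seen in the window (all but 4625 flagged, by assumption).
    $events | Group-Object Id | ForEach-Object {
        New-Object PSObject -Property @{
            Computer = $ComputerName; Item = $Watch[[int]$_.Name]
            Count = $_.Count; Escalate = ($_.Name -ne '4625') }
    }
    # Failed logons are noisy, so escalate only accounts at or above the threshold.
    $events | Where-Object { $_.Id -eq 4625 } |
        Group-Object { Get-EventField $_ 'TargetUserName' } |
        Where-Object { $_.Count -ge $FailedLogonThreshold } | ForEach-Object {
            New-Object PSObject -Property @{
                Computer = $ComputerName; Item = "Failed logons for $($_.Name)"
                Count = $_.Count; Escalate = $true }
        }
}

Get-DailySecurityReview | Sort-Object Escalate -Descending |
    Format-Table Computer, Item, Count, Escalate -AutoSize
```

Rows marked `Escalate` are the ones to hand to the security administrator; the remaining rows give the reviewer a daily baseline to compare against.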

Using System Center Operations Manager 2007 to Simplify Management

Many of the recommendations in this tutorial focus on reviewing event logs, monitoring the configuration, and monitoring the operations of the Windows 2008 system. This can be difficult for an administrator to do on a daily basis, and the problem grows in proportion to the number of servers the administrator is responsible for. Microsoft has developed a product to make these tasks easier and more manageable, namely System Center Operations Manager 2007.

System Center Operations Manager 2007 is an enterprise-class monitoring and management solution for Windows environments. It is designed to simplify Windows management by consolidating events, performance data, alerts, and more into a centralized repository. Reports on this information can then be tailored depending on the environment and on the level of detail that is needed and extrapolated. This information can assist administrators and decision makers in proactively addressing Windows 2008 operation and any problems that exist or might occur.

Many other intrinsic benefits are gained by using System Center Operations Manager 2007, including, but not limited to, the following:

  • Event log monitoring and consolidation
  • Monitoring of various applications, including those provided by third parties
  • Enhanced alerting capabilities
  • Assistance with capacity-planning efforts
  • A customizable knowledge base of Microsoft product knowledge and best practices
  • Web-based interfaces for reporting and monitoring

Leveraging Windows Server 2008 Maintenance Practices

Administrators face the often-daunting task of maintaining the Windows 2008 environment in the midst of daily administration and firefighting. Little time is spent identifying and then organizing maintenance processes and procedures.

To decrease the number of administrative inefficiencies and the amount of firefighting an administrator must go through, it's important to identify those tasks that are important to the system's overall health and security. After they've been identified, routines should be set to ensure that the Windows 2008 environment is stable and reliable. The maintenance processes and procedures described in the following sections cover many of the most opportune areas to maintain.
