This guide is the joint product of a community of Windows security managers and experts, who have voluntarily shared their experiences in this field so that others may benefit. The guide can be used to substantially improve the security of Windows 2000 computers and networks.
Just as Windows 2000 is the next evolution of Windows NT 4.0, this document is built on Securing Windows NT 4.0 Step-by-Step Guide, also produced by The SANS Institute. It was the joint product of Windows security managers and experts who, together, support more than 286,000 users and have more than 380 years of Windows security experience. Those professionals continue to contribute on a regular basis.
This booklet largely applies to both Windows 2000 Server environments and, almost as importantly, Windows 2000 Professional environments. Since Windows environments are almost universally networked and/or part of a domain, securing individual workstations is as important as securing the servers.
SANS' Step-by-Step series raises information sharing to a new level in which experts share techniques they have found to be effective. They integrate the techniques into a step-by-step plan and then subject the plan, in detail, to the close scrutiny of other experts. The process continues until consensus is reached. This is a difficult undertaking. A large number of people spend a great deal of time making sure the information is useful and correct.
Windows environments are constantly evolving as new applications and users are added, as new threats and responses emerge, as new Hot Fixes and Service Packs are offered, and as new versions are released. Hence no prescription for setting up a secure environment can claim to be a comprehensive and timeless formula for absolute safety.
Though the booklet provides valuable guidance, it is not a text on the subject. Texts provide background on the way Windows 2000 security, cryptography, and other relevant technologies work, and on less sensitive administrative techniques. In addition, the booklet cannot replace in-depth training by skilled instructors. Such security training should be mandatory for new Windows system and security administrators where security is important. Furthermore, acting on all the steps in this booklet does not obviate the need for an overall corporate security policy, effective user education, or for monitoring electronic sources of security updates and acting upon the information they provide. The appendix lists the most popular Windows NT/2000 security web sites and mailing lists, which are common sources of information on new security threats and solutions.
Securing Windows 2000 Step-by-Step parallels the phases of the implementation and operation of a Windows 2000 system. Steps are organized into those phases, and each step's description includes some information about the problem the step is intended to solve, the actions that need to be taken, tips on how to take the action if it is not obvious, and caveats where they add value. Where actions are more appropriate for organizations with extremely critical security requirements, they are noted with the word "Advanced." The primary focus is on servers, connected in networks, with or without domain services, though some recommendations affect workstations as well.