The Network Security. Org

A Wall Around Your Servers

Server isolation builds on the concept of domain isolation, which I described in last month's column. While domain isolation ensures that computers in your Active Directory domains can only communicate with each other, server isolation protects specific servers by tightly controlling which client computers can communicate with them. One nice feature of server isolation is that you can start small and learn how to leverage the IP Security (IPsec) capabilities of Windows to protect your most important servers. During this process you can then build the base for planning towards more comprehensive domain isolation.

Why Isolation?

Last month I discussed the perils of letting computers in your network freely exchange IP packets. In a typical network you don't have control over which computers can connect to each other -- clients and servers gladly accept and process packets from other corporate computers, as they should. However, they just as gladly talk to an unknown laptop plugged into one of your switch ports. The consequences can be dire, if for instance a worm gets introduced and spreads quickly from the rogue computer to the rest of your network. Redmond | Column: A Wall Around Your Servers

More News

• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say
  



• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware