Press Release
December 21, 2004
"Securing Windows Server 2003": Hands-On Advice for Securing and Implementing Windows Server 2003
Sebastopol, CA--Microsoft Windows Server 2003 is more than just a
thoroughly modern PC-based server operating system. The product arrives
loaded with a host of user and network services used by customers whose
installations range from departmental servers to global enterprise
networks. Unfortunately, each service has its own vulnerabilities. It's no
wonder that security is of foremost concern to most system administrators.
"Security is one of the primary functions of any server-based operating
system," says security expert Mike Danseglio, author of Securing Windows
Server 2003 (O'Reilly, US $39.95). "Without security, any user or program
could do anything to your servers--and wreak havoc on your ability to
effectively manage the environment." A security administrator wants to
provide functionality and security to users without burdening them or
restricting them in a way that hinders their work. "This is the mark of a
great security administrator," says Danseglio. "The ability to successfully
balance the security of proprietary and personal data and the usability of
your system in a way that maximizes the productivity of your organization."
An elusive goal to many, it is by no means unattainable; with Danseglio's
book, system administrators learn how they can do exactly that.
"I saw a gap in the security knowledge available to the public," reflects
Danseglio. "Microsoft tells people how things work at a very atomic
level--this setting does this, that feature does that. They never really
discuss how to make technology work in a real-world, scenario-based
situation. I wanted to change that and give the reader the opportunity to
apply these technologies to their problems."
The book provides readers with a concise overview of each service in
Windows Server 2003, its most common patterns of use, and specific
guidelines for making it secure. A unique feature of "Securing Windows
Server 2003" is the Security Showdown technique the author uses to present
different approaches to security questions. "This is a point-counterpoint
debate between myself and a semi-fictional coworker, Don. I use it several
times throughout the book to show that some debates about security
methodologies and techniques are not easily answered. Some of them are so
contentious that they seem like religious debates at times," explains
Danseglio.
"You should understand that security-focused individuals tend to have
opinions about security and that they like to argue with people who hold
different values," he continues. "These are good-natured and often help
explain both positions. So please read these sections as I've intended, as
an open discussion of the merits and hazards of multiple tactics to
achieve the same goal."
Throughout the book, Danseglio uses hands-on examples to illustrate
methods of planning and implementing a secure operating environment. The
book provides full coverage of the following topics:
Understanding the capabilities of the Windows Server 2003 system
Learning the basics of security, from encryption to account password
protection
Derailing low-tech intrusions by making systems physically secure and by
using smart cards
Securing Active Directory and using Group Policy and Security Templates
as security tools
Securing the core Windows Server 2003 networking services, including DNS,
DHCP, IIS, IPSec, and remote access
Using Windows Server 2003 authentication and authorization protocols,
including Kerberos, PKI-based cryptography, and certification-based
cryptography
Solving the knotty problems of patch and update management, and
implementing administrative security and auditing
Stopping bad programs from running on your server
The book can be read cover-to-cover to create and implement a security
plan, or individual chapters can function as stand-alone lessons. Either
way, Securing Windows Server 2003 will guide system administrators
safely through the morass of today's security threats.
Early praise for Securing Windows Server 2003:
"A 'must read' for all Windows Server 2003 administrators who care about
creating secured networks."
--Michael Howard, Security Engineering, Microsoft Corporation and coauthor
of Writing Secure Code
"You'll find yourself referring back to Danseglio's easy-to-read advice so
frequently, you'll wish the book had been printed on durable plastic
sheets. Real-world, accurate, and definitely practical."
--Don Jones, author of Microsoft Windows Server 2003 Delta Guide,
speaker, Microsoft MVP, and founder of Braincore.net
Additional Resources:
Securing Windows Server 2003
Mike Danseglio
ISBN: 0-596-00685-3, 426 pages, $39.95 US, $57.95 CA
order@oreilly.com
1-800-998-9938; 1-707-827-7000
About O'Reilly
O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
Return to: O'Reilly Press Room
|
Recent Press Releases
Press Release Archive »
Resources
Press Contacts
Corporate
Sara Winge
800/998-9938 x7109
Media Relations - North America
Sara Peyton
800/998-9938 x7118
Media Relations - Germany
Corina Pahrmann
+49-221-973160-22
Media Relations - Japan
Kenji Watari
+81-3-3356-5227
Media Relations - United Kingdom
Josette Garcia
+44 (0)1252-721284
Media Relations - Conferences
Maureen Jennings
800/998-9938 x7083
|
