70-216 - I secure server

Author

I secure server

drizzits

2002-09-12, 10:49 am

Hey everyone,

I have a question for you. We want to set up secure server. Now the one problem we are running into is this. WE want to encrypted the data on the hard drive. But the problem is EFS is not recommmeneded for this per microsoft fi you are goin got share files amongst users.

Any Ideas on how to solve this problem.

Drizzits

jeff_j_black

2002-09-12, 11:07 am

You can't use EFS on shared files. You can and should control access to data with share and file folder permissions. If you have a server with sensitive data, regular users should not be able to log on locally and the server should be physically secured. There may be third party encryption programs that you would give everyone the password to, but that would kind of invalidate its use anyway.

cm2gj

2002-09-14, 4:18 pm

quote:
Originally posted by drizzits
Hey everyone,

I have a question for you. We want to set up secure server. Now the one problem we are running into is this. WE want to encrypted the data on the hard drive. But the problem is EFS is not recommmeneded for this per microsoft fi you are goin got share files amongst users.

Any Ideas on how to solve this problem.

Drizzits

like jeffblack says, you must take advantages of NTFS5 and win2k Features. Use the NTFS permisions and Shared folder permisions with a good design and you will have a good secure server........

some good best practice is change the admin account name, disable services that you don't need like IIS, Terminal, etc. Use policies to make a better secure server (ie: passwords policies, audityng loggind events, etc)

CyberDude

2002-09-15, 12:25 pm

If you had XP, you could share EFS files.

You could use IPSec policies and Certficates. If you only want certain users to access this server, config the server as secure server, and the clients as server (as the clients will no doubt want to be able to connect to other resources as well.

Sponsored Links