Windows 2000 Professional: Alter NetMeeting policies to secure data
While Windows Messenger has gradually replaced NetMeeting for online chatting and desktop conferencing, NetMeeting installs by default on Windows 2000 systems. Among other things, NetMeeting enables users to share applications and allow others to access their desktops.
However, these activities can pose a security risk, enabling outsiders to access sensitive data. You can prevent users from sharing applications or their desktops with NetMeeting by setting a handful of group policies, either at the local level or at the domain or organizational unit levels.
To set the policies at the local level, open the MMC, and add the Group Policy snap-in focused on the local computer. Browse to the User Configuration\Administrative Templates\Windows Components\Netmeeting\Application Sharing branch.
Several policies in this branch limit sharing partially or altogether. To determine a policy's function, double-click the policy, and select the Explain tab to view an explanation of its function.
To further secure your network and data, you should also spend some time examining the additional policies offered in the NetMeeting branch. For example, if enabled, the Prevent Sending Files and Prevent Receiving Files policies in the NetMeeting branch will prevent file transfers via NetMeeting.
Windows 2000 Server: Enable multilink connections
The Routing and Remote Access Service (RRAS) supports the Multilink feature, which enables clients to dial into a Windows 2000 RRAS server with multiple connections to increase bandwidth. For example, a user might connect using two 56-K modems to achieve a total bandwidth of 112 K (although the actual bandwidth will be somewhat less). Multilink is also useful for aggregating both B channels of an ISDN BRI connection.
To allow multilink connections, you must first enable multilink for the server. Open the RRAS console from the Administrative Tools folder, right-click the server in the console, and choose Properties. On the PPP tab, select the Multilink option, and click OK.
By default, remote access policies follow the server settings for multilink. Therefore, if you've configured the server to allow multilink connections, clients will be able to use multilink.
If you want to restrict the use of multilink connections to specific users, you must modify the default remote access policy to deny multilink and then add a new policy applicable to the necessary clients that enables it.
To disable multilink for the default policy, open the Remote Access Policies branch, and double-click the default policy. Click Edit Profile, click Multilink, select Disable Multilink, and click OK twice. Add a new policy that applies to the allowed group, and enable multilink on the Multilink tab for that policy.