Questions

Hardening Server 2008 R2

+
0 Votes
Locked

Hardening Server 2008 R2

James Schroer
I'm tasked with building a Windows 2008 R2 image for our enterprise but I need a little help getting started. I've worked with many different windows server images that were hardened/secured by other teams but I've never done this my self before. Now I'm starting from a fresh Windows 2008 R2 build and I want to start securing it. Where do I start? Can everything in 2008 R2 be hardened by GPO? Or is there still a lot of stuff that needs to be done to the image to secure it? Any documentation of just a general hardening would be helpful.
+
0 Votes
robo_dev

Be sure to goto nist.gov not nist.org. Nothing against the other site, but it's not what you want

http://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=228

+
0 Votes
James Schroer

Thanks, I'll start with that and see where it takes me.

+
0 Votes
Nimmo

Some general adive on hardening a system is to remove any un-used services and applications.

I found this link which shows the basic steps you can start off with http://blog.tevora.com/enterprise-applications/10-steps-to-harden-windows-server-2008-2/

Also download the Windows Server 2008 security guide from here http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17606