General discussion


Global Policies

By pr0teus ·
This will be my first time setting up global policies (hope it's as good for me as it is for them).

I'm administering a network of 40+ users. PDC is NT4, but most workstations are Win2k, 5-10 are XP and perhaps another 5 are NT4 WS's.

Also have a Terminal server for branches that connect to us by wireless (they aren't a part of our network, not administered by PDC, they simply use the term. server to access a specialised software). Additionally, we have a proxy server running ProLAN Suite (yeah crappy - I know). This administers emails and http. And finally, a fax server.

We also plan to set up an SMS server to administer patches.

I want to set policies to:

- Disable FTP from desktops
- Disable patch/update downloads
- Limit user privileges
- Any other recommendations you (the pundits) may have

What are my steps?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Change platforms

by Richard.Vickery In reply to Global Policies

Linux does all that stuff, and everything else that you could possibly want to do. Linux was born on, and grew up on the network, setting user privaleges is what it does best without the need to find other programs to do stuff. It also does text, word-processing, and can serve Microsoft work-stations, if need be; but who would want to do that?

Collapse -

Thanks but...

by pr0teus In reply to Change platforms


I'm a big fan/supporter of Linux, but I'll try to wean them off MS later. Right now, I'm just seeking some guidance as to how to do GP's.

Collapse -

Well first put everything behind a NIX of some description

by HAL 9000 Moderator In reply to Global Policies

NT was never a great Server platform to begin with and with no support it's even worse now. You'll need to have some very heavy duty Protection on the dangerous side of the DMZ and Windows NT just isn't up to that task.

With NT$ and Y2K there shouldn't be too many problems with the network but you'll have to be running XP in Mixed Mode to communicate with the NT4 Servers pretty simple stuff really and the basic configuration of the network is fairly simple as for setting permissions and the like but where you'll have trouble is with the Wireless Ports as they are an open invitation into the system which you don't really want. If you can keep all the Wireless stuff on the other side of Nix Servers & Routers it would be great but without knowing what it is you are trying to protect it makes it a bit hard to give a more detailed input in the actual configuration.

As for Use Privileges you can disable the Auto Update on the XP &Y2K machines and push out Patches from the Server/s as required as NT4 no longer has any support they will not be a problem with them and again this all depends on what the system is being used for you can limit the users accounts so that they are unable to install or patch software in the Domain Permissions.

If the budget will not stretch to several Nix Servers to secure things at the very least some of the better Routers running Linux are a must but without knowing exactly what is involved and what level of access the users need the rest is all academic.

If you'd like to drop me a Peer Mail with the details I can give you some more detailed help.



Related Discussions

Related Forums