Microsoft Solutions for Security. Delivering the Windows Server 2003 Security Guide



Similar documents
Pipeliner CRM Phaenomena Guide Sales Pipeline Management Pipelinersales Inc.

The 2007 R2 Version of Microsoft Office Communicator Mobile for Windows Mobile: Frequently Asked Questions

Pipeliner CRM Phaenomena Guide Getting Started with Pipeliner Pipelinersales Inc.

Overview of Microsoft Office 365 Development

Pipeliner CRM Phaenomena Guide Add-In for MS Outlook Pipelinersales Inc.

Pipeliner CRM Phaenomena Guide Administration & Setup Pipelinersales Inc.

Deploying the Workspace Application for Microsoft SharePoint Online

Pipeliner CRM Phaenomena Guide Opportunity Management Pipelinersales Inc.

Pipeliner CRM Phaenomena Guide Sales Target Tracking Pipelinersales Inc.

Pipeliner CRM Phaenomena Guide Lead Management Pipelinersales Inc.

Windows Scheduled Tasks Management Pack Guide for System Center Operations Manager. Published: 07 March 2013

Lab Answer Key for Module 11: Managing Transactions and Locks

Windows Small Business Server 2003 Upgrade Best Practices

Lab Answer Key for Module 6: Configuring and Managing Windows SharePoint Services 3.0. Table of Contents Lab 1: Configuring and Managing WSS 3.

Open Source at Microsoft. Aras Drives Performance in Product Life-Cycle Processes

How To Set Up A Load Balancer With Windows 2010 Outlook 2010 On A Server With A Webmux On A Windows Vista V (Windows V2) On A Network With A Server (Windows) On

Migrate from Exchange Public Folders to Business Productivity Online Standard Suite

Key Benefits of Microsoft Visual Studio Team System

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

Using Apple Remote Desktop to Deploy Centrify DirectControl

Writers: Joanne Hodgins, Omri Bahat, Morgan Oslake, and Matt Hollingsworth

Integrating Business Portal 3.0 with Microsoft Office SharePoint Portal Server 2003: A Natural Fit

TeamCompanion Solution Overview. Visual Studio

Redeploying Microsoft CRM 3.0

Overview of Active Directory Rights Management Services with Windows Server 2008 R2

Connector for Microsoft Dynamics Configuration Guide for Microsoft Dynamics SL

Improving Performance of Microsoft CRM 3.0 by Using a Dedicated Report Server

UPGRADE. Upgrading Microsoft Dynamics Entrepreneur to Microsoft Dynamics NAV. Microsoft Dynamics Entrepreneur Solution.

RedBlack CyBake Online Customer Service Desk

SmoothWall Virtual Appliance

Multiple Formatter Support for the Logging Application Block

Module 1: Introduction to Designing Security

All other trademarks are property of their respective owners.

Hyper-V Server 2008 Getting Started Guide

Process Assessment and Improvement Approach

Management Reporter Integration Guide for Microsoft Dynamics GP

Expanded Frequency Capping

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

Windows Server Update Services 3.0 SP2 Step By Step Guide

Active Directory Provider User s Guide

Hyper-V Server 2008 Setup and Configuration Tool Guide

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0

Microsoft Dynamics CRM Adapter for Microsoft Dynamics GP

CRM Form to Web. Internet Lead Capture. Installation Instructions VERSION 1.0 DATE PREPARED: 1/1/2013

Managing UNIX Generic and Service Accounts with Active Directory

Update and Installation Guide for Microsoft Management Reporter 2.0 Feature Pack 1

SQL Server 2005 Reporting Services (SSRS)

MOF MSF. Unitek. Microsoft Operations Framework. Microsoft Solutions Framework. Train. Certify. Succeed.

Implementing and Supporting Windows Intune

for Java developers Building Mobile Applications Introduction 1 Building Mobile Applications

Technical Brief for Windows Home Server Remote Access

Windows BitLocker Drive Encryption Step-by-Step Guide

Hands-On Lab: WSUS. Lab Manual Expediting WSUS Service for XP Embedded OS

Our goal is to create total solutions that are as unique as our clients.

Lab Answer Key for Module 9: Active Directory Domain Services. Table of Contents Lab 1: Exploring Active Directory Domain Services 1

Pipeliner CRM Phaenomena Guide Importing Leads & Opportunities Pipelinersales Inc.

Step-by-Step Guide for Monitoring in Windows HPC Server 2008 Beta 2

Deep Dive into SharePoint Provider Hosted Apps

Microsoft Dynamics GP. Payroll Connect

Veeam Task Manager for Hyper-V

BizTalk Server Business Activity Monitoring. Microsoft Corporation Published: April Abstract

SharePoint Composites. Do-It-Yourself SharePoint solutions

Office Language Interface Pack for Farsi (Persian) Content

NEOXEN MODUS METHODOLOGY

Deploying Microsoft RemoteFX on a Single Remote Desktop Virtualization Host Server Step-by-Step Guide

Securing Windows 2000 Server Support Plan

Credit Card Extension White Paper

MBAM Self-Help Portals

CRM to Exchange Synchronization

Installing and Using Sage App Manager

Microsoft Dynamics GP. Electronic Signatures

SQL Server 2014 BI. Lab 04. Enhancing an E-Commerce Web Application with Analysis Services Data Mining in SQL Server Jump to the Lab Overview

AD RMS Step-by-Step Guide

Published April Executive Summary

Overview of Active Directory Rights Management Services with Windows Server 2008 R2

Helm 4 Windows Event Viewer

Microsoft Infrastructure Assessment

Enable File and Folder Auditing

Building More Secure Commercial Software: The Trustworthy Computing Security Development Lifecycle

EventTracker: Support to Non English Systems

How to Secure a Groove Manager Web Site

Statement of Work. Systems Center Configuration Manager. Prepared for School Board of Sarasota County Thursday, 12 June 2008 Version 1.3.

Microsoft Lync Server 2010

How to Install Microsoft Mobile Information Server 2002 Server ActiveSync. Joey Masterson

Datacenter Management Optimization with Microsoft System Center

The Fast Track Project Glossary is organized into four sections for ease of use:

Windows Azure Pack Installation and Initial Configuration

Google Apps Deployment Guide

User Guide. Live Meeting. MailStreet Live Support:

DOCUMENT MANAGEMENT SYSTEM WHITE PAPER

Microsoft Axapta Financial Management consists of several individually packaged offerings: Microsoft Axapta Financials I and Financials II

Microsoft Dynamics AX 2009 Installation Guide. Microsoft Corporation Published: November 2009

Microsoft Business Solutions Navision 4.0 Development I C/SIDE Introduction Virtual PC Setup Guide. Course Number: 8359B

Abstract. Microsoft Corporation Published: August 2009

Customizing Remote Desktop Web Access by Using Windows SharePoint Services Stepby-Step

MICROSOFT DYNAMICS CRM Vision. Statement of Direction. Update: May, 2011

Introduction to DirectAccess in Windows Server 2012

How To Install Outlook Addin On A 32 Bit Computer

Hardware & Software Requirements for BID2WIN Estimating & Bidding, the BUILD2WIN Product Suite, and BID2WIN Management Reporting

Microsoft Office Communicator 2007 Getting Started Guide. Published: July 2007

Transcription:

Microsoft Solutions for Security Delivering the Windows Server 2003 Security Guide

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2003 Microsoft Corporation. All rights reserved. Microsoft and Visual Basic are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Table of Contents Introduction... 1 Microsoft Solution Framework... 2 Readiness Management... 2 Project Management... 3 Risk Management... 3 Team Model... 3 Process Model... 4 Microsoft Operations Framework... 6 Tools and Templates... 7

Introduction This guide provides general information intended for business planners, information technology (IT) architects or project managers regarding the Microsoft recommended best practices for coordinating and implementing this solution. This guide also includes pointers to a variety of resources including: Microsoft Solution Framework (MSF) Microsoft Operations Framework (MOF) Microsoft Security Risk Management Discipline (SRMD) Sources for prerequisite knowledge and training on the topics essential to this solution Descriptions of the tools and resources provided with this guidance are designed to assist you in planning, scheduling and managing your implementation 1

Microsoft Solution Framework The Microsoft Solutions Framework (MSF) provides proven practices for planning, building, and deploying a variety of technology solutions. MSF combines best practices of software design and development together with building and deploying infrastructure into a single project lifecycle for guiding technology solutions of all kinds. MSF helps organizations to achieve a delicate balance of flexibility while meeting commitments and minimizing risk. Microsoft also provides a wealth of MSF-specific resources for customers to download from its Web site at http://www.microsoft.com/msf/. The fundamental elements of MSF include: Readiness Management Project Management Risk Management Team Model Process Model Readiness Management At the beginning of a solution project, before the vision/scope phase, the organization needs to have a clear understanding of: The organization's specific security scenario and requirements: To address the needs of organization's initiating security solution implementations, Microsoft Solutions for Security (MSS) has created the Security Risk Management Discipline (SRMD). The SRMD is a detailed process used to determine which threats and vulnerabilities have the most potential impact on a particular organization. Because every company has different business requirements, it is impossible to create one list of vulnerabilities that will have the same impact on every environment, so SRMD enables an organization to incrementally build its security and identify potential areas requiring attention in the future. The organization's internal competencies: This solution is intended to be easily understood and readily implemented by a Microsoft Certified Systems Engineer (MCSE) with two years of experience, and at least basic familiarity with the following Microsoft Official Curriculum (MOC) course materials: MOC Course 2810 Fundamentals of Network Security MOC Course 2830 Designing Security for Microsoft Networks MOC Course 2150 Designing a Secure Microsoft Windows 2000 Network MOC Course 2153 Implementing a Microsoft Windows 2000 Network Infrastructure 2

Project Management MSF provides a large and diverse body of materials to assist organizations with application development, infrastructure deployment, and project management. This solution uses a subset of these MSF tools and methodologies to derive a number of project management tools intended to assist Business Planners or IT Architects implement this solution, including: A sample Microsoft Project schedule, named Windows Server 2003 Security Guide Implementation Project Schedule.mpp, which details some of the tasks, time requirements and resources, is included in the Tools and Templates\Delivery Guide folder provided with this solution. A sample Vision/Scope document, named Windows Server 2003 Security Guide Implementation Vision/Scope.doc, has been created to expedite the process of a security project focused on the Windows Server 2003 Security Guide. A sample Functional Specification, named Windows Server 2003 Security Guide Implementation Functional Specification.doc, has been created to define the functionality of the security project focused on the Windows Server 2003 Security Guide. This functional specification will be combined with several spreadsheets that accompany the Windows Server 2003 Security Guide Tools and Templates. Risk Management An essential element of project management is controlling the inherent risks of a project. Most individuals associate the concept of risk with the potential for loss, including value, control, functionality, quality, or time. However, risks also arise from the uncertainty surrounding project decisions and their outcomes, which can result in a failure to maximize opportunity gain. MSF advocates the aggressive management of risks by planning mitigation strategies and contingency plans well in advance of these risks becoming actual issues or blocking factors to success. Team Model MSF provides both a framework for separating the roles and responsibilities of application development and infrastructure deployment initiatives, and tools for defining these roles and their interactions. Program Management Manages the project specification and serves as primary architect; maintains the project schedule and reports project status; drives assessment and management of risks; facilitates negotiation within the team; coordinates the feature versus schedule versus resources tradeoff decision making. Product Management Acts as the customer advocate and manages customer requirements; drives the shared vision/scope of the project; develops and maintains the business case; drives feature versus schedule versus resource tradeoff decisions. Development Specifies the features of the solution design; estimates time and effort required to complete each feature; builds or supervises the building of the solution. 3

Test Verifies the solution functionality and ensures that all known issues are documented. User Experience Acts as user advocate; manages user requirements; drives usability and performance enhancement tradeoff decisions; develops and provides user training. Release Management Acts as advocate for operations, support, and delivery channels; manages procurement; coordinates solution deployment; drives manageability and supportability tradeoff decisions. Process Model The process model is the major element of MSF, representing best practices that have been identified, used, and refined by Microsoft from its own experiences coordinating large scale application development and infrastructure deployment projects. The primary concepts of the MSF process model include: Managing tradeoffs A balance must exist between resources (people and money), schedule (time), and features (scope). Should one of these elements require change, the other items also must change in some manner. Milestone driven approach Milestones are a key theme in MSF. Milestones are used to plan and monitor project progress, and serve as intermediary points in the project. They are used to gauge progress, ensure synchronization with customer expectations, coordinate with other team members on deliverables, and check in with stakeholders or sponsors regarding progress and direction. Iterative approach MSF recommends that solutions are developed by building, testing, and deploying a core of functionality first, then adding sets of features regularly. It relies upon living documents, which are regularly refreshed as new feature sets are added. It relies upon using daily builds of the solution, frequently gauging progress, and ongoing tracking and control of project artifacts. Regular phases and milestones A wide variety of valuable project tools and templates are available online from MSF for each of these project phases including: Envisioning Phase Vision/scope template Project structure template Risk assessment tool and management tools Planning Phase Business, User, System and other requirements templates Functional Specification templates Development, Risk Management, Test, Training, Quality and other Plan templates Building Phase Templates for content and code deliverables Test plan and test case templates, although detailed Test Plan and Cases are included with the Test Guide of this solution Deploying Phase Deployment and Communication plan templates 4

MSF is closely related to the Microsoft Operations Framework (MOF), which is the Microsoft approach to achieving mission critical production system reliability, availability and manageability. MOF is based on an internationally accepted set of best practices in IT service management called the IT Infrastructure Library (ITIL). MSF and MOF have been designed to work effectively either together, or independently. 5

Microsoft Operations Framework MOF provides technical guidance that enables organizations to achieve mission critical system reliability, availability, supportability, and manageability of Microsoft products and technologies. The Operations Guide for this guidance is based on MOF, and it outlines the appropriate tasks necessary for Operating, Supporting, Optimizing and Changing this guidance. MOF provides valuable operational guidance in the form of white papers, operations guides, assessment tools, best practices, case studies, templates, support tools, and services. This guidance may help you address the people, process, technology, and management issues pertaining to operations within complex, distributed, heterogeneous IT environments. 6

Tools and Templates This set of guidance includes a number of tools and templates, which may be used to assist in the testing and deployment of the Windows Server 2003 Security Guide in most customer environments. The illustration below details the stages in the deployment process where certain tools or security templates were intended to be used. Figure 1.1 Tools and templates usage 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information