Can I implement a firewall ID that turns on only when needed?

I help support a large (500+) server environment. We have a security group that periodically needs to do investigations on servers with regards to employee fraud, misuse of equipment, etc. I don't want to give these folks admin rights across every box. Is there an easy way to implement a "firewall" ID that I can turn on only when needed?
Create a domain user account but disable it. Ensure it uses a complex password. Give it membership in the local computer administrators group. When the group needs to check out a server, enable the account. Allow a user to use this account only when necessary. Otherwise they are to use their own account. Be sure to enable the account before use, be sure to reset the password after each use. Also, be sure to log their activity. You may want several of these accounts. Use a special group in which you grant them membership, then the group can be give the local admin access. Since each user has an account, you can maintain accountability.
This was last published in April 2004

Dig Deeper on Network intrusion detection and prevention and malware removal



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: