We know that, as DBAs, network security was atop your list of concerns in 2006. With this in mind, our tips this year were geared toward helping you solve a variety of problems, including suffering performance during testing, how to protect your users from themselves and password insecurity.
Of course, those aren't the only issues we cover. We also tackle a Windows VPN alternative, when to pull the plug on network isolation, open source tools and more. Here are the top 10 network security tips from the past year on SearchWindowsSecurity.com.
TrueCrypt: Free encryption utility
In the mobile world the only sure way to secure sensitive data is with encryption. But any such encryption utility has to be easy to use on Windows machines. Contributor Serdar Yegulalp takes an extensive look at a free partition- and disk-level encryption utility called TrueCrypt that is both effective and easy to use.
Open source Windows security tools
For Windows security, open source tools are often an afterthought, but they can be more flexible than Microsoft tools and less costly than third-party tools. Contributor Tony Bradley reviews a few of the lesser known open source security tools.
Free tool review: AccessChk permissions checker
Administrators typically go to great lengths to make sure that network servers are secure. Mistakes do happen though. It is not uncommon for security groups to have overlapping or even contradictory permissions. Contributor Brien Posey reviews a permissions-testing tool called AccessChk that helps with this problem.
Active Directory Federation Services
ADFS sounds complicated. Not so according to contributor Jonathan Hassell. Hassell steps you through the ADFS process, including what you'll need to make it work.
Building better password policies
In some cases passwords are your network's last line of defense and your only tool to ensure strong passwords is your password policy. Contributor Kevin Beaver suggests tweaking your policy to improve security and usability and discusses ways to get management on board.
OpenVPN: An open source alternative to Windows VPNs
Depending on your network needs, you may want to deploy an IPSec VPN to provide secure remote access to your workforce. Cost-conscious Windows shops will often stick with Windows offerings, but this article from Justin Korelc and Ed Tittel describes an open source VPN alternative called OpenVPN that is both scalable and simple.
How to (really) harden Windows clients
Hardening Windows clients with a long checklist or an auditor's suggestions might be overkill according to contributor Kevin Beaver. Take a look at his bare-minimum checklist and his recommendations for hardening clients according to vulnerability assessments.
Microsoft Rights Management Services: An introduction
Don't be confused or apprehensive about RMS. Contributor Serdar Yegulalp explains the technology, what you'll need, how to use it and its limitations.
Minimize Windows security testing's impact on performance
Testing security is a good thing, but if you're not careful you could adversely affect your Windows networks and systems. Contributor Kevin Beaver has extensive security testing experience and tells you how and when to test to ensure the slightest network impact possible.
Network isolation: When to pull the plug
When security comes up, there is always a discussion of isolating a sensitive server, but this is often impractical. Contributor Serdar Yegulalp discusses four ways to isolate sensitive servers and their data.