How will Windows XP cope with security?
During the past year, Microsoft has made a concerted
effort to develop secure products. Windows XP, for example,
contains a wide variety of security features that
proactively protect systems and make security a little
easier for the end-user, including the addition of the
Internet Connection Firewall (ICF) and automatic updates as
well as advancements in the Encrypting File System (EFS),
security templates, and smart card support.
ICF, activated by default when you use the networking
wizard, blocks all inbound traffic to the system. You can
easily tell if the firewall is active by looking at your
network connections. Any network connection protected by ICF
is red.
ICF is a powerful packet firewall, but it does not have
all the features and functionality of an enterprise
solution. Its main purpose is to protect stand-alone systems
with broadband Internet connections. ICF is ideal protection
for telecommuters and corporate remote-access solutions.
ICF is either on or off; you cannot selectively protect
specific ports or protocols. You do have the ability to
allow a few protocols to pass, such as HTTP, FTP, and L2TP.
You also have the ability to define additional ports. ICF
also includes logging capabilities that allow you to record
unsuccessful inbound traffic and successful outbound
traffic. Recording all successful outbound traffic will
generate some large, unwieldy log files, but monitoring
unsuccessful inbound attempts will give you a good picture
of what attacks are being attempted against the system. The
log files can be accessed by an administrator and copied to
other administrators via the network, giving them the
ability to determine if individual machines are under
attack.
In an enterprise environment, system administrators want
to limit the control individual users have over the ICF
settings. Users should not have the ability to disable the
firewall or open ports without proper authorization and
approval. If they do have this ability, an administrator
might be lured into a false sense of security, thinking all
users have systems protected from inbound connections when
they really have disabled its functionality. To prevent this
from happening, ICF settings for Windows XP Professional can
be controlled through Group Policy settings. Group Policy
can force users to enable the firewall when not connected to
the corporate network, for example.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
