Upon the purported release of Windows Server 2008, it will have been five years since the last server product update (and by update, I mean a major "pay-for" revision) from the Redmond behemoth. A lot can change in five years, particularly in the security arena. I'm pleased to report that security remains at the forefront of Windows Server 2008.
Here are some (not all) of the features, improvements and inclusions—or exclusions, as the case may be—that you can investigate in Windows Server 2008.
Server Core is, of course, a new thought paradigm in the world of Windows on the server, though Unix proponents have long argued that Windows was too much bloat and unnecessary code on an Internet-facing server. With Server Core, you have the most fundamental part of Windows Server, finely tuned for performance, with all of the other stuff -- including
One new feature of Terminal Services in Longhorn Server is the Terminal Services Gateway. You'll find this to be a great feature if you work in an environment where many remote users would still need to be able to take advantage of RDP-based application deployment.
Terminal Services Gateway allows users to access hosted applications from a centralized Web portal accessible over Port 443 (or any other port you choose) via an encrypted HTTPS channel. But what about access control, you ask? Windows Server 2008 adds the concept of connection authorization policies, or CAPs, that administrators can create to define user groups that are permitted to access TS through the TS Gateway machine. So you can limit hosted application use to only those users that need it, saving space and bandwidth and reducing the potential for misuse or attack.
The new version of IIS, version 7, is completely modular—imagine a Server Core mentality reduced to a single piece of software. Users have never really been able to pick and choose from IIS features and abilities, but now you can load them in any combination and with no dependencies and really create a lean, mean server that does what you want it to do very well. Again, it also plays with a reduced attack surface, less chance of vulnerable code running and so on.
Active Directory security enhancements
And finally, you have read-only domain controllers (RODCs). Interestingly enough, the feature is basically its name: RODCs get data replicated to them from full domain controllers, but no changes can be made to its own copy of the directory database. Thus, no information can be replicated back to the full DCs in the domain it's a member of. By creating an RODC, you reduce the risk of someone attacking a branch office location and sending poisoned data throughout all of AD. A limit on how credentials are cached on the RODC lessens the possibility that accounts can be cracked from a stolen DC, and the RODC can't issue falsified Kerberos tokens to get nefarious users onto the full network. It's a better scenario for those remote DCs, from a security and hardening perspective.
The bottom line? There's a lot to look forward to in Windows Server 2008 for the security guy.
About the author: Jonathan Hassell is an author, consultant and speaker residing in Charlotte, N.C. Jonathan's books include RADIUS and Learning Windows Server 2003 for O'Reilly Media and Hardening Windows for Apress. His work is seen regularly in popular periodicals such as Windows IT Pro magazine, PC Pro and Microsoft's TechNet Magazine, as well as the website SecurityFocus, He speaks around the world on topics including networking, security and Windows administration. He can be reached at firstname.lastname@example.org.