Windows Server Configuration Standards
1.0 Overview
This standard defines terms and procedures for properly setting up and securing a °ÄÃÅ¿ª½±½á¹û Windows server. The configurations discussed are specific to the °ÄÃÅ¿ª½±½á¹û environment and may not work on all machines.
2.0 Purpose
The purpose of this standard is to provide all system administrators, IT staff or other approved personnel the appropriate information to abide by the Server Security Policy and to configure a Windows server for safe and reliable use.
3.0 Scope
This standard addresses °ÄÃÅ¿ª½±½á¹û Windows servers only.
4.0 Standard
4.1 Server Request
Prior to any server installation, the administrator must first fill out a . Once the server has been approved, the administrator can then start the process of ordering and installing the server.
4.2 Configuration Guidelines
The following Windows-specific configurations must be made.
- Install only Windows 2003 Server or newer.
- Rename local Administrator account to something other than Administrator, and ensure it has a strong password
- Join the local Murray State domain, unless otherwise authorized by Information Systems
- Only use NTFS
- Do not use FTP, use SFTP (e.g., FreeFTPD)
- Any database server installations need to be cleared through Murray State Application Development Support Services
- Any application that needs to run it's own SMTP server must be cleared through Information Systems
- Contact the Security Analyst for centralized logging
4.3 Security Tools
The following tools must be installed, properly configured and actively running on each server:
- Anti-virus and anti-spyware that abides by the Anti-Virus Policy
4.4 Department Notification
Alert the appropriate departments/technicians if the server has additional needs.
- Contact the Backup Operators on what needs to be included in the backup routine.
- Contact the Network Analyst to add the server to the appropriate update reboot group in Active Directory.
- Contact the Network Technician if the server needs any type of system monitoring.
5.0 Definitions
Server
For purposes of this policy, a Server is defined as an internal °ÄÃÅ¿ª½±½á¹û Server. Desktop machines and Lab equipment are not relevant to the scope of this policy.