Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Architecting a secure Windows network is not an easy task. It is not unusual to spend as much as six months to a year in a lab testing the security infrastructure and configuration before any actual implementation is started. And with each release of the operating system, service packs, and patches, security configuration and change management is becoming more complex and time-consuming every day.

In the 1990's, it was enough to know that the server operating system boasted the so-called C2 security rating---a rating granted by the National Computer Security Center (NCSC) for products that have been evaluated against the Department of Defense Trusted Computer System Evaluation Criteria (TCSEC). Unless you were working in defense or the CIA or some sensitive environment, you never really cared about such security ratings. But those years are now only a distant memory of what life was once like as the Windows Server network administrator.

In the last decade, even on the largest networks, the security administrator on the network and the network administrator were the one and the same person. Today, security administration involves more work than a single person can handle, and on a large network an entire team of engineers specializes only on network security.

I still remember the not-too-foggy past, circa 1998, when as one of a handful of network administrators for a large enterprise we would all share the Windows NT Administrator account. Besides the sharing of the account, almost all of our hundreds of NT servers spread around the country used that Administrator account for just about every major service or application that needed a domain account on the network. We also used that account to log on to all our servers. What were we thinking back then?

Those days began to fade very quickly as soon as the cyberwars started, viruses and hostile code flooded the Internet and bandwidth became so cheap that anyone with a telephone line could order megabit speed for less that the cost of monthly karate classes.


  • 1