IT Professionals SIG Larry Copeland February 16, 2008
Discussion on best practices with Microsoft servers and some common
sense tips
Slide 2
Larry Copeland SIG Leader Over 20 years experience with
enterprise systems from Mainframes, minis, LANS, down to Pocket
PCs. Holder of two bachelors degrees (History and Comp Science)
Training in Apple, DELL/EMC, IBM, Novell, and Microsoft products
Currently employed full time by a local university that cant be
named due to security concerns. Job function is mostly system
administration with some consulting and project management.
Slide 3
Larry Copeland SIG Leader Past employers include Litton
Industries, Piggly Wiggly, Kraft Foods, Hunt Oil Company, CSSI (Now
Buchanan Associates),Textron, EDS, Perot Systems, BancTec and 3
Texas universities. Started IBM PC Users Group at East Texas State
University while a student Have been in and out of the NTPCUG since
the early 90s Believer in the User Group Concept of users helping
users
Slide 4
Secure the server physically Lock access doors Lock server case
Screen saver password Keyboard lock Fingerprint scan
Slide 5
Firewalls Router Cisco Pix Software Checkpoint Server -
ISA
Slide 6
Environmental Security Air control Control the hot spots
Temperature control Control physical access Video funny accident in
a server farm http://www.youtube.com/watch?v=3jnqieV0m_s
http://www.youtube.com/watch?v=3jnqieV0m_s
Slide 7
Check the power UPS Power conditioner Diesel Power
generators
Slide 8
When building many servers Consider using a standard image
Makes it easy to restore Microsoft Automated Deployment Service is
one way to do this
Slide 9
Server names ( Microsoft code names) Some names to avoid:
Payroll Server Customers Inventory Accounts Hard to spell names
Some Cool names: Animal names cougar, lion, tiger, etc Enterprise,
Zorg, Xfiles, Captain Kirk
Slide 10
Administrator accounts Using care on who gets server admin
rights harder to keep system under control Local admin name
probably should be renamed
Slide 11
Firmware updates Check with hardware vendor Perc Dell Flash
drivers for HBAs
Slide 12
Software patches Test before installing Push through automated
process Zen works WSUS SMS
Slide 13
Backups Make sure they run Test occasionally
Slide 14
Virus Protection Making sure it is up to date Make sure it is
turned on Read system notes
Slide 15
FTP Use Care (Data is sent in clear text) Can use a Secure FTP
Document, document, document Put in some Visio diagrams Inventory
hardware
Slide 16
Upcoming presentations Certificate Discussion (New Horizons)
Mar 15 Enterprise Server Trends Apr 19 IT Security (David Wood) May
17 Server Automation June 21 Network Applications July 19
