|
Previous | Table of Contents | Next |
The goal of this chapter is to investigate the security aspects of Windows NT and how you can implement Windows NT into an Internet or intranet strategy. This chapter will concentrate on using Windows NT as an Internet web server or as a proxy server gateway that allows internal users to access the Internet while blocking Internet users from accessing internal resources. Important topics include:
- General Windows NT features related to security.
- Windows NT architecture and security subsystem.
- Environmental features related to security including domains, trust relations, user accounts, groups, rights, and permissions.
- Logon and authentication in the Windows NT environment.
- Internet connections and the use of Windows NT as a public web server.
- Microsoft Internet Information Server (IIS), a web server included with Windows NT.
- Microsoft Proxy server, a firewall-like product for Windows NT.
The first thing to know about Windows NT is that two versions exist, both of which have the same core features, security system, and networking support.
Note: This chapter will discuss Windows NT Server unless otherwise noted.
Windows NT is designed to provide file and print services and an architecture for running client/server applications. It also supports remote communication services and Internet services. NT Server is an ideal platform for providing web services on the Internet or for use as a proxy server. It can also operate as a firewall with additional third-party software.
Microsofts marketing strategy for Windows NT has been to build in as many networking and Internet features as possible. In fact, Windows NT server comes with a full web server component called the Internet Information Server (IIS) and a free evaluation copy of Microsoft Proxy Server is available for download from Microsofts web site.
Some additional features of Windows NT are as follows:
Of course, a Microsoft representative could probably add about 50 more items to this list. The main point is that Microsoft has bloated Windows NT with features that are normally purchased separately with other operating systems. You can view a complete product summary list at Microsofts web site (http://www.microsoft.com).
Windows NT networks are based on the workgroup model or the domain model. In the workgroup model, user accounts and access are handled individually at each Windows NT computer. A workgroup is usually a small departmental network. In contrast, a domain is a large collection of servers and users, often representing an entire company or division of a company. In the domain model, a domain-wide user account database holds user accounts and provides a place for administrators to control access to the network. Once you successfully log on to a domain account, there is usually no need to log on again when accessing other systems in the domain, assuming you are authorized to access those systems.
Previous | Table of Contents | Next |