Security will always be one of the top issues for network administrators. Microsoft has made some major improvements in the Windows operating systems over the years, and the Windows .NET Server line is no exception. Following are some of the enhancements that have been made to make the Windows environment more secure.
Encrypting File System (EFS) Enhancements
EFS now makes use of larger keys, which in turn help to prevent EFS files being decrypted by unauthorized viewers. Another enhancement is that multiple authorized users can now access shared encrypted files. This is a major enhancement to EFS, and will make it more usable in a networking environment. The final enhancement is that EFS files that are used as offline files can now be encrypted. This allows protection of locally cached documents that previously were left unprotected.
Ownership of TCP/UDP Ports
The netsat command line utility has been improved to show which process running on a server was in charge of allowing communication to individual ports. This helps to manage servers for security purposes, security audits, and performance enhancement by shutting down processes that are not needed.
IPSec Monitor Enhancements
IPSecmon.exe has been replaced with a Microsoft Management Console (MMC) snap-in. This console provides detailed information about IPSec policy and active security states.
Policies for Restricting Software
Active Directory Policies now have a Software Restriction Policy. This policy allows administrators to determine which applications are allowed to run on a machine.