Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 322
  • Last Modified:

Win2003 Small Business Server : Encryption

I'm looking to install SBS2003 in the office, as we want to migrate from a Workgroup to a domain, vpn, Exchange, etc.

We'd like to use file encryption on the server, for additional security, since people want external access to the server (for admin) and workstations. Since we would only have one server machine (i.e. no backup domain controller), is encryption a good idea?

All the posts I've seen so far have related to recovering encrypted files from workstations / home pcs - and it doesn't seem like you can.

If this machine fails, will we loose our data on a re-install or can the data be resurected after a fresh install? Do I need to do anything special to enable restoration of data, or will it just be possible (which seems to remove the point of encryption!).

Thanks in advance for all your advice!

Ian.
0
ibradshaw
Asked:
ibradshaw
  • 4
  • 2
1 Solution
 
Fatal_ExceptionCommented:
First, I would never run a single server in your domain.  You can install SBS on the first server, then add an additional Domain Controller afterwards, to give you some redundancy.

Regarding a failed server, just be sure you get VERY good backups of all your important data, including the System State.  You can use the built-in Ntbackup, or a third party utility like Veritas (which I recommend).

Encrypytion is a great idea.  Just be sure you have a Recovery Agent on the server, in case the admin needs to recover encrypted data.  The Recovery Agent is configured in Active Directory.  There is quite a bit written about this and a Google search will give you quite a few hits..

FE
0
 
Fatal_ExceptionCommented:
Here is some extra reading for you..

Encrypting File System in Windows XP and Windows Server 2003

http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx

Recovery of Encrypted Files on a Server

http://support.microsoft.com/default.aspx?scid=kb;en-us;283223&sd=tech

Creating a Recovery Agent

http://www.winnetmag.com/Article/ArticleID/24103/24103.html
0
 
ibradshawAuthor Commented:
Just one quick question...

if we want an additional domain controller, does this mean buying two copies of SBS, or can we install it twice on two different machines?

Thanks for your help FE!

SBS with encryption and an updated backup policy seems the way to go.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
Fatal_ExceptionCommented:
No...  you cannot install it on two different machines.  You may have noticed that you have to activate 2003 with MS, as you do the XP clients.  But, for a backup Domain Controller, you don't need SBS, but just the standard W2K3 server, which will save you a lot of $...  Just make sure that the SBS server is the first one installed on the Domain.  Then once installed, you can add your standard version 2003 server to the domain and configure it as your 2nd AD/DNS server....

Good luck, and thanks..!!

FE
0
 
ibradshawAuthor Commented:
I thought it would be, just wondered if it had been setup to allow this since it was designed for small business's without much of an IT budget. - haven't bought anything yet! A few issues were still working through before we change over... now one less!

I would have thought you'd need two copies of SBS, so thanks for the advice! And saving us some cash!

Cheers

Ian.
0
 
Fatal_ExceptionCommented:
No problem..  if you have any other questions, come on back to EE and ask away..!!

Have a great weekend..

FE
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now