I'm about to set up a new site at work with a new domain and everything. It will mostly be hostin windows 2003, windows 2008 and linux (centos5) servers.
The domain controllers will be windows server 2008 x64. I need to lock this environment down so it will be secure etc.
1) Would you use "link layer topology discovery" in a business server environment? Is it secure? Should I just remove (disable) it?
2) As AD is relying on DNS, is there any reason to keep "Netbios over TCP/IP" running? All windows servers will be joined in the domain, linux will use AD as DNS servers.