?
Solved

Top 10 critical checks for windows servers

Posted on 2013-01-17
9
Medium Priority
?
383 Views
Last Modified: 2013-02-01
We have got to audit a number of virtual windows 2008 file/database servers for critical controls, albeit not just specific to security (although they will undoubtedly be up there in the top 15). By audit this is more a risk assessment/healthccheck, not audit who can access what in the traditional sense of the word.

I was trying to identify probably a top 10-15 critical controls list for the servers so we can do as much as possible in the time available. Patching, weak password identification etc are 2 obvious security ones, but I don’t want to purely focus on security settings.

The objective is to ensure the servers have optimum availability, security/confidentiality, integrity, alignment with vital controls and best practice. What would your top 15 checks be in your expert opinion, i.e. which are the most important/vital. I would rather some feedback rather than being pointed to a guide.
0
Comment
Question by:pma111
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 124

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 668 total points
ID: 38786641
Security Patches and User Account Policys should be in your top 10.

But also what Group and Local Policies are in effect.

Also what applications are installed, and what shares if any are enabled

Remote Access to what and who?

Firewall Enabled and Rules

How many nics enabled and to which LANs
0
 
LVL 3

Author Comment

by:pma111
ID: 38786662
any top 5 controls outside of security per server?
0
 
LVL 124
ID: 38786689
how does your server baseline match against your build document.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Author Comment

by:pma111
ID: 38786693
I was more leaning towards controls such as backup/resore, performance management etc etc...
0
 
LVL 23

Assisted Solution

by:Ayman Bakr
Ayman Bakr earned 668 total points
ID: 38786783
I kind of agree that security controls should be in the top 10; apart from what was mentioned by hanccocka also the following should not be forgotten:
-> Guest accounts, anonymous accounts should be disabled.
-> Firewall enabled and only necessary ports opened.

However, to answer you question on performance, you should be looking at:
-> CPU utilization should usually not exceed 80 - 90 % / event alerts should be set at this threshold.

-> Memory Utilization also should usually have threshold alerts at utilizations closing 80 to 90 %

-> Disk Queue Length should usually not exceed 2.

-> Network/Bandwidth utilization

On the backup/restore side of the picture, it should really depend on your strategy. Some do a daily incremental backup and a once a week full backup. However you concern should be a checklist of:
-> where should your backup be stored
-> Testing the backup and restoration periodically
-> Having several copies of a backup
-> Off-site location for a backup
-> Quarterly/Yearly backup
0
 
LVL 20

Assisted Solution

by:wolfcamel
wolfcamel earned 664 total points
ID: 38786841
do you have monitoring and alerting - will you get an email if CPU utilization goes high, or if available disk space drops below 5%?
Are all autostarting services started?
Event logs monitored?
are all device drivers up to date?
are UPS devices checked to see what their battery life is?
Do you get alerts if the server reboots? or if software is added/removed?
0
 
LVL 3

Author Comment

by:pma111
ID: 38787160
So grouping these answers

1) security
2) performance management
3) backup/restore

Any more? I was hoping for quite a comprehnsive list of areas to cover
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 38787249
it is both comprehensive and simple..
measure everything and get alerts / monitoring when those measurements don't meet the criteria you have set.
Monitor all relevant changes - such as security, updates, firewall attacks.
Backup your data and your configuratation.
Test your backups and restore.
Ensure you have things well documented so you can restore or fix things if they break.
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38788826
Add one more category for the group - maintenance tasks:
-> how often should servers be restarted
-> when should they be updated/upgraded (software installed, OS)
-> periodic system and software patch release updates
-> periodic check on the event logs and reactive (later proactive) troubleshooting and maintaining
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question