Solved

Top 10 critical checks for Windows servers

Posted on 2013-01-17
Last Modified: 2013-02-01
We have got to audit a number of virtual Windows 2008 file/database servers for critical controls, albeit not just specific to security (although they will undoubtedly be up there in the top 15). By audit this is more a risk assessment/health check, not audit who can access what in the traditional sense of the word.

I was trying to identify probably a top 10-15 critical controls list for the servers so we can do as much as possible in the time available. Patching, weak password identification etc are 2 obvious security ones, but I don’t want to purely focus on security settings.

The objective is to ensure the servers have optimum availability, security/confidentiality, integrity, alignment with vital controls and best practice. What would your top 15 checks be in your expert opinion, i.e. which are the most important/vital. I would rather some feedback rather than being pointed to a guide.
Question by:pma111
9 Comments
 

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 167 total points
Security Patches and User Account Policies should be in your top 10.

But also what Group and Local Policies are in effect.

Also what applications are installed, and what shares if any are enabled

Remote Access to what and who?

Firewall Enabled and Rules

How many NICs enabled and to which LANs

Author Comment

by:pma111
any top 5 controls outside of security per server?

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
how does your server baseline match against your build document.

Author Comment

by:pma111
I was more leaning towards controls such as backup/restore, performance management etc etc...

Assisted Solution

by:Ayman Bakr
Ayman Bakr earned 167 total points
I kind of agree that security controls should be in the top 10; apart from what was mentioned by hanccocka also the following should not be forgotten:
-> Guest accounts, anonymous accounts should be disabled.
-> Firewall enabled and only necessary ports opened.

However, to answer your question on performance, you should be looking at:
-> CPU utilization should usually not exceed 80 - 90 % / event alerts should be set at this threshold.

-> Memory Utilization also should usually have threshold alerts at utilizations closing 80 to 90 %

-> Disk Queue Length should usually not exceed 2.

-> Network/Bandwidth utilization

On the backup/restore side of the picture, it should really depend on your strategy. Some do a daily incremental backup and a once a week full backup. However your concern should be a checklist of:
-> where should your backup be stored
-> Testing the backup and restoration periodically
-> Having several copies of a backup
-> Off-site location for a backup
-> Quarterly/Yearly backup

Assisted Solution

by:wolfcamel
wolfcamel earned 166 total points
do you have monitoring and alerting - will you get an email if CPU utilization goes high, or if available disk space drops below 5%?
Are all autostarting services started?
Event logs monitored?
are all device drivers up to date?
are UPS devices checked to see what their battery life is?
Do you get alerts if the server reboots? or if software is added/removed?
0
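The measurable checks named in the two answers above (CPU and memory alerts at 80 to 90 %, disk queue length of 2, free disk space below 5 %, auto-start services, Guest account, firewall), as a PowerShell script added here; it is not code from any poster in this thread. It assumes English performance counter names, uses the lower bound of 80 % as the threshold, and relies only on WMI and COM interfaces so that it runs on the PowerShell version shipped with Windows Server 2008.

```powershell
# Added example: point-in-time checks using the thresholds quoted in this thread.
# Run from an elevated PowerShell session on the server being assessed.
$CpuMaxPct = 80; $MemMaxPct = 80; $DiskQueueMax = 2; $DiskFreeMinPct = 5
$findings = @()

# Average three 5-second samples so a single spike does not fail the check.
# Counter paths are the English names; localized systems use translated paths.
$paths = '\Processor(_Total)\% Processor Time',
         '\PhysicalDisk(_Total)\Avg. Disk Queue Length'
$samples = Get-Counter -Counter $paths -SampleInterval 5 -MaxSamples 3 |
    ForEach-Object { $_.CounterSamples }
$cpu = ($samples | Where-Object { $_.Path -like '*processor time' } |
    Measure-Object -Property CookedValue -Average).Average
$queue = ($samples | Where-Object { $_.Path -like '*disk queue length' } |
    Measure-Object -Property CookedValue -Average).Average
if ($cpu -gt $CpuMaxPct) { $findings += ('CPU average {0:N1}% is above {1}%' -f $cpu, $CpuMaxPct) }
if ($queue -gt $DiskQueueMax) { $findings += ('Disk queue length {0:N2} is above {1}' -f $queue, $DiskQueueMax) }

# Physical memory in use (both WMI values are in KB).
$os = Get-WmiObject -Class Win32_OperatingSystem
$memPct = 100 * (1 - ($os.FreePhysicalMemory / $os.TotalVisibleMemorySize))
if ($memPct -gt $MemMaxPct) { $findings += ('Memory use {0:N1}% is above {1}%' -f $memPct, $MemMaxPct) }

# Free space on fixed local disks (DriveType 3).
Get-WmiObject -Class Win32_LogicalDisk -Filter 'DriveType=3' |
    Where-Object { $_.Size -gt 0 } | ForEach-Object {
        $freePct = 100 * $_.FreeSpace / $_.Size
        if ($freePct -lt $DiskFreeMinPct) {
            $findings += ('{0} has {1:N1}% free, below {2}%' -f $_.DeviceID, $freePct, $DiskFreeMinPct)
        }
    }

# Automatic services that are not running. Trigger-start services can be
# stopped legitimately, so review the list rather than treating it as failure.
Get-WmiObject -Class Win32_Service -Filter "StartMode='Auto' AND State<>'Running'" |
    ForEach-Object { $findings += ('Auto-start service not running: {0}' -f $_.Name) }

# Built-in Guest account (RID 501) should be disabled.
Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True AND SID LIKE '%-501'" |
    Where-Object { -not $_.Disabled } |
    ForEach-Object { $findings += ('Guest account enabled: {0}' -f $_.Name) }

# Windows Firewall state per profile (1 = Domain, 2 = Private, 4 = Public).
$fw = New-Object -ComObject HNetCfg.FwPolicy2
foreach ($fwProfile in 1, 2, 4) {
    if (-not $fw.FirewallEnabled($fwProfile)) { $findings += "Firewall disabled for profile type $fwProfile" }
}

if ($findings.Count -eq 0) { 'No findings against the configured thresholds.' } else { $findings }
```

A single run only samples 15 seconds of load, so it suits a health check visit; the continuous alerting described in the thread still needs a monitoring system.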
 

Author Comment

by:pma111
So grouping these answers

1) security
2) performance management
3) backup/restore

Any more? I was hoping for quite a comprehensive list of areas to cover

Expert Comment

by:wolfcamel
it is both comprehensive and simple..
measure everything and get alerts / monitoring when those measurements don't meet the criteria you have set.
Monitor all relevant changes - such as security, updates, firewall attacks.
Backup your data and your configuration.
Test your backups and restore.
Ensure you have things well documented so you can restore or fix things if they break.

Expert Comment

by:Ayman Bakr
Add one more category for the group - maintenance tasks:
-> how often should servers be restarted
-> when should they be updated/upgraded (software installed, OS)
-> periodic system and software patch release updates
-> periodic check on the event logs and reactive (later proactive) troubleshooting and maintaining