Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Top 10 critical checks for windows servers

Posted on 2013-01-17
9
Medium Priority
?
380 Views
Last Modified: 2013-02-01
We have got to audit a number of virtual windows 2008 file/database servers for critical controls, albeit not just specific to security (although they will undoubtedly be up there in the top 15). By audit this is more a risk assessment/healthccheck, not audit who can access what in the traditional sense of the word.

I was trying to identify probably a top 10-15 critical controls list for the servers so we can do as much as possible in the time available. Patching, weak password identification etc are 2 obvious security ones, but I don’t want to purely focus on security settings.

The objective is to ensure the servers have optimum availability, security/confidentiality, integrity, alignment with vital controls and best practice. What would your top 15 checks be in your expert opinion, i.e. which are the most important/vital. I would rather some feedback rather than being pointed to a guide.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 123

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 668 total points
ID: 38786641
Security Patches and User Account Policys should be in your top 10.

But also what Group and Local Policies are in effect.

Also what applications are installed, and what shares if any are enabled

Remote Access to what and who?

Firewall Enabled and Rules

How many nics enabled and to which LANs
0
 
LVL 3

Author Comment

by:pma111
ID: 38786662
any top 5 controls outside of security per server?
0
 
LVL 123
ID: 38786689
how does your server baseline match against your build document.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 3

Author Comment

by:pma111
ID: 38786693
I was more leaning towards controls such as backup/resore, performance management etc etc...
0
 
LVL 23

Assisted Solution

by:Ayman Bakr
Ayman Bakr earned 668 total points
ID: 38786783
I kind of agree that security controls should be in the top 10; apart from what was mentioned by hanccocka also the following should not be forgotten:
-> Guest accounts, anonymous accounts should be disabled.
-> Firewall enabled and only necessary ports opened.

However, to answer you question on performance, you should be looking at:
-> CPU utilization should usually not exceed 80 - 90 % / event alerts should be set at this threshold.

-> Memory Utilization also should usually have threshold alerts at utilizations closing 80 to 90 %

-> Disk Queue Length should usually not exceed 2.

-> Network/Bandwidth utilization

On the backup/restore side of the picture, it should really depend on your strategy. Some do a daily incremental backup and a once a week full backup. However you concern should be a checklist of:
-> where should your backup be stored
-> Testing the backup and restoration periodically
-> Having several copies of a backup
-> Off-site location for a backup
-> Quarterly/Yearly backup
0
 
LVL 20

Assisted Solution

by:wolfcamel
wolfcamel earned 664 total points
ID: 38786841
do you have monitoring and alerting - will you get an email if CPU utilization goes high, or if available disk space drops below 5%?
Are all autostarting services started?
Event logs monitored?
are all device drivers up to date?
are UPS devices checked to see what their battery life is?
Do you get alerts if the server reboots? or if software is added/removed?
0
 
LVL 3

Author Comment

by:pma111
ID: 38787160
So grouping these answers

1) security
2) performance management
3) backup/restore

Any more? I was hoping for quite a comprehnsive list of areas to cover
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 38787249
it is both comprehensive and simple..
measure everything and get alerts / monitoring when those measurements don't meet the criteria you have set.
Monitor all relevant changes - such as security, updates, firewall attacks.
Backup your data and your configuratation.
Test your backups and restore.
Ensure you have things well documented so you can restore or fix things if they break.
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38788826
Add one more category for the group - maintenance tasks:
-> how often should servers be restarted
-> when should they be updated/upgraded (software installed, OS)
-> periodic system and software patch release updates
-> periodic check on the event logs and reactive (later proactive) troubleshooting and maintaining
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
A look into Log Analysis and Effective Critical Alerting.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question