An invaluable resource for IT professionals looking to stay one step ahead

Published: August 8, 2005 | Updated : March 17, 2006

By Tony Bailey, Senior Product Manager, Security and Compliance Solutions

See other Security Tip of the Month columns.

The Microsoft Security Solutions and Compliance (MSSC) team creates prescriptive guidance to help IT professionals stay one step ahead of security issues.

Released Guidance

Identity and Access Management
Microsoft Identity and Access Management Series is a series of papers providing identity and access management concepts, techniques, and solutions for use in heterogeneous IT environments.

Client Security
Applying the Principle of Least Privilege to User Accounts on Windows XP discusses the high-level issues that organizations may face in applying and implementing the least-privileged user account (LUA) approach for Microsoft Windows XP-based systems. This paper also provides useful links to other online resources that explain these concepts in more detail.

Windows XP Security Guide provides recommendations for deploying Microsoft Windows XP. It describes the features and recommended settings for Windows XP Service Pack 2 (SP2), including templates for security settings for Windows Firewall, information about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more.

Server Security
The Services and Service Accounts Security Planning Guide is an important resource to plan strategies to run services securely under the Microsoft Windows Server 2003 and Windows XP operating systems.

Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide describes the challenges in planning and implementing quarantine services with VPN through the new features available in Microsoft Windows Server 2003 with Service Pack 1 (SP1).

Microsoft Solution for Securing Windows 2000 Server provides advice to help IT professionals understand and implement the processes and decisions that can help them build a more secure Microsoft Windows 2000 Server environment.

Windows Server 2003 Security Guide offers easy-to-understand guidance, tools, and templates to help secure Windows 2003 Server in many environments.

Threats and Countermeasures Guide provides a reference to many of the security settings available in the current versions of the Microsoft Windows operating systems.

The Antivirus Defense-in-Depth Guide provides an easy-to-understand overview of different types of malware and the risks they pose. It details considerations for planning and implementing a comprehensive antivirus defense for your organization, as well as how to quickly and effectively respond to and recover from malware incidents.

The Administrator Accounts Security Planning Guide addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. It provides prescriptive guidance to help secure local and domain-based administrator-level accounts and groups.

Network Security
Securing Wireless LANs with Certificate Services addresses vulnerabilities in today’s wireless networks and provides information about how to design, implement, and operate a wireless security infrastructure built with 802.1X and WLAN encryption, RADIUS, and a public key infrastructure (PKI).

Securing Wireless LANs with PEAP and Passwords guides you though the complete life cycle of planning, deploying, testing, and managing a wireless security solution when employing user names and passwords to authenticate users and computers to the WLAN. It uses a flexible architecture that is adaptable for organizations ranging in size from less than 50 users to those with several thousand users.

The Secure Access Using Smart Cards Planning Guide concentrates on security administrator accounts and securing remote access when implementing smart cards.

The Security Monitoring and Attack Detection Planning Guide describes how to plan a security monitoring system on Windows-based networks. Such a system can help detect attacks that originate from internal and external sources. The main aim of a security monitoring system is to identify unusual events on the network that indicate malicious activity or procedural errors.

Windows NT 4.0 and Windows 98 Threat Mitigation Guide identifies security issues in and hardening strategies for networks that include computers running the Microsoft Windows NT 4.0 and Microsoft Windows 98 operating systems.

Server and Domain Isolation Using IPsec and Group Policy Guide supports a server and domain isolation solution through all stages of the IT lifecycle, starting at the initial evaluation and approval phase and continuing through to deployment, testing, and management of the completed implementation.

Security Management
MOF SMF Security Management provides information about security management for organizations that have deployed, or are considering deploying, Microsoft or other technologies in a data center or other enterprise-level computing environment.

The Security Risk Management Guide helps customers of all types plan, build, and maintain a successful security risk management program.

Let Us Know What You Think
Give the team your feedback about the latest security solutions guidance by sending an e-mail.