Documenting the Zones
Applies To: Windows Server 2012
Generally, the task of determining zone membership is not complex, but it can be time-consuming. Use the information generated during the Designing a Windows Firewall with Advanced Security Strategy section of this guide to determine the zone in which to put each host. You can document this zone placement by adding a Group column to the inventory table shown in the Designing a Windows Firewall with Advanced Security Strategy section. A sample is shown here:
Host name |
Hardware reqs met |
Software reqs met |
Configuration required |
Details |
Projected cost |
Group |
|---|---|---|---|---|---|---|
CLIENT001 |
No |
No |
Upgrade hardware and software. |
Current operating system is Windows XP. Old hardware not compatible with Windows 8. |
$?? |
Isolated domain |
SERVER002 |
Yes |
No |
Join trusted domain, upgrade from Windows Server 2008 to Windows Server 2012 |
No antivirus software present. |
$?? |
Encryption |
SENSITIVE001 |
Yes |
Yes |
Not required. |
Running Windows Server 2012. Ready for inclusion. |
$0 |
Isolated server (in zone by itself) |
PRINTSVR1 |
Yes |
Yes |
Not required. |
Running Windows Server 2008 R2. Ready for inclusion. |
$0 |
Boundary |
Next: Planning Group Policy Deployment for Your Isolation Zones