Chapter 1. Operating System and Baseline Security

Server or network security doesn't start from a configuration or implementation level. In order to achieve the maximum result, it has to start from a policy or framework level. Also, your security and hardening policy must apply to all your end-to-end devices and services for it to effectively secure your IT infrastructure. The network or server components can be a part of this policy. Since the emphasis of this book is more towards the server security aspect, I will focus more on server security configuration instead of a broad security. Physical security is more important than any other security. For the purpose of this book, my assumption is that a policy, framework, and physical security are already in place. So our security conversation starts from a server level.

In this chapter, my plan is to walk you through a security tool, Security Configuration Wizard (SCW), and it's configuration details, and explain how you can use this tools in your environment to make the existing or new server infrastructure more secure. This tool will provide you with a common platform to create a policy template and apply these polices in an automated fashion, regardless of how they are defined and where they are coming from.