Chapter 1 - The Windows 2000 Server Security Migration Path

Abstract

Windows 2000 Server adds a great number of security enhancements to those that were available in the previous versions of the operating system. These enhancements include Public Key Infrastructure capabilities, the Kerberos v5 authentication protocol, smart card support, the Encrypting File System, and IPSec. These new additions to security are necessary for protecting data as organizations start depending on their information technology infrastructure even more than in the past. Any vulnerability could wreak havoc on those mission-critical systems. A network security plan is vital for upgrading the network from Windows NT 4.0 to Windows 2000 Server. At a minimum, the network security plan must include security group strategies, security group policies, network logon and authentication strategies, and strategies for information security. Before upgrading to Windows 2000 Server in a production environment, it needs to be tested. The test environment should mimic the production environment, so that one can obtain an accurate picture of how the implementation will affect the production environment. When one is satisfied with the results of testing, one should carefully consider the timing of the upgrade to the production environment to ensure that no interruption occurs during a particularly busy time for the organization.