Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Security Improvement Module

Securing Network Servers (2000)

  • April 2000
  • By Julia H. Allen, Klaus-Peter Kossakowski, Gary Ford, Suresh Konda, Derek Simmel
  • The practices recommended in this report from 2000 are designed to help administrators configure and deploy network servers that satisfy organizational security requirements.
  • Publisher: Software Engineering Institute
    CMU/SEI Report Number: CMU/SEI-2000-SIM-010
  • Abstract

    The development of computer networks has resulted in an important class of computers: network servers. The primary purpose of these machines is to provide services, including both computational and data services, to other computers on the network. 

    Because of their service role, it is common for servers to store many of an organizations most valuable and confidential information resources. They also are often deployed to provide a centralized capability for an entire organization, such as communication (electronic mail) or user authentication. Security breaches on a network server can result in the disclosure of critical information or the loss of a capability that can affect the entire organization. Therefore, securing network servers should be a significant part of your network and information security strategy. 

    Many security problems can be avoided if servers and networks are appropriately configured. Default hardware and software configurations are typically set by vendors to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new servers to reflect your security requirements and reconfigure them as your requirements change. 

    The practices recommended here are designed to help you configure and deploy network servers that satisfy your organizations security requirements. The practices may also be useful in examining the configuration of previously deployed servers.

  • Download