OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Windows 2000 Professional and firewalls
From: Henry Sieff (hsieffORTHODON.COM)
Date: Tue Aug 01 2000 - 12:35:50 CDT

I haven't seen anything specifically on Windows 2000; the old
guidelines for hardening an NT server (such as they are) still apply.
A couple of features seem to make it better:

Built in system file protection.
Encrypting File System
Support for IPSec, PKI, etc.

THe problem is that it is untested, and thus far there hasn't been
much by way of independent assessment. I imagine it will do the job as
well as a Linux box if configured properly; you'll just need a faster
processor, more RAM, and of course, there are simply more options to
choose from when implementing the actual firewall code if you choose
Linux (esp. once the 2.4 kernel is stable).

That said, I think Win2k is a definite improvement over NT, and if
configured properly can be made as secure as a Linux based solution.

Henry
>-----Original Message-----
>From: Ken Grossman [mailto:ken.grossmanGSA.GOV]
>Sent: Tuesday, August 01, 2000 7:50 AM
>To: FOCUS-MSSECURITYFOCUS.COM
>Subject: Windows 2000 Professional and firewalls
>
>
>I have been tasked with investigating setting up a firewall
>for my office.
>In some of the lectures on firewalls that I have attended in
>the past, the
>lecturer was against using Windows NT as the underlying OS of
>the machine
>that is running the firewall software due to its security
>problems. Has
>there been any evidence that Windows 2000 is a more secure and viable
>firewall OS than Windows NT? I would prefer to use UNIX/Linux as the
>underlying OS but would like to have some supporting evidence.
Thanks.
>
>Ken Grossman
>