12.1. General Server Security Guidelines

There are two goals in the security process of any server: Allow authorized users to access the information they need, while preventing unauthorized users from gaining information they should not have. These goals seem to be almost polar opposites; an administrator has to let a user access his or her files, at the same time an attacker has to be prevented from accessing them. Considering that an attacker may be another employee who does have legitimate access to the server, it is easy to understand why server administrators are sometimes grumpy.

12.1.1. Server Construction

The first place to start with server security is the server itself. Remember, redundancy, scalability, and availability are critical ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.