Table Of Contents - Cisco TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0 Configuration Manual

Hardening windows server 2003 for cisco tms 13.0

Hide thumbs Also See for TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0:

Troubleshooting manual (16 pages)

Table of Contents

Contents

References and related documents ........................................................................................................ 5

Preface .................................................................................................................................................... 5

Pre-install considerations ........................................................................................................................ 7

Installing baseline configuration .............................................................................................................. 7

File system............................................................................................................................................... 9

Administrator account .............................................................................................................................. 9

Set strong password and lockout policies ............................................................................................... 9

Secure the SQL Server ......................................................................................................................... 10

Use Local Service User .................................................................................................................. 10

Disable Network Protocols ............................................................................................................. 10

Cisco TMS Service User Account ......................................................................................................... 10

Create a Cisco TMS Service Account ............................................................................................ 10

Assign file ACLs for Cisco TMS directories .................................................................................... 10

Configure Cisco TMS Services to use Service Account ................................................................ 12

Remove unnecessary user accounts .................................................................................................... 13

Remove unnecessary windows components ........................................................................................ 14

Disable unnecessary windows services ................................................................................................ 15

Network services ................................................................................................................................... 17

Configuring TCP/IP ........................................................................................................................ 17

Configuring the Windows Firewall .................................................................................................. 17

Apply appropriate file ACLs ................................................................................................................... 18

Audit policy ............................................................................................................................................ 20

User rights assignment .......................................................................................................................... 21

Security options ..................................................................................................................................... 23

Set event viewer history ........................................................................................................................ 27

Remove any file shares ......................................................................................................................... 27

Screen saver ......................................................................................................................................... 28

Disable dump file creation ..................................................................................................................... 28

Miscellaneous registry changes ............................................................................................................ 28

Protect the registry from anonymous access ................................................................................. 28

Disable 8.3 file format compatibility ................................................................................................ 28

Clear paging file at shutdown ......................................................................................................... 29

Disable Autorun from CD ............................................................................................................... 29

Protection against denial of service attacks ................................................................................... 29

Check status of logon screen shutdown button ............................................................................. 29

Enable logging on the website .............................................................................................................. 30

Delete the default installed examples .................................................................................................... 30

Disable unneeded web extensions ........................................................................................................ 30

Steps to repeat after Cisco TMS installs and upgrades ........................................................................ 30

Set proper authentication methods ................................................................................................ 30

Delete unused application mappings ............................................................................................. 31

Optional - Configure Cisco TMS to use HTTPS ............................................................................. 32

Optional - Remove XAPDLL ........................................................................................................... 32

Optional - Remove Polycom Endpoint support .............................................................................. 32

Cisco TMS upgrades ............................................................................................................................. 33

Continued monitoring ............................................................................................................................ 33

Up to date patching ............................................................................................................................... 33

Cisco TMS Secure Server Configuration Guide 13.0

Document revision history

Page 2 of 34