References And Related Documents; Preface - Cisco TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0 Configuration Manual

General

References and related documents

Windows Server 2003 Security Guide
Windows 2003 Threats and Countermeasures Guide
Knowledge Base article
when you modify security settings and user rights assignments
Professional Server Pages 3.0 (WROX)
Knowledge Base article
Corporation)
ISA Server and IIS Server (Microsoft Corporation)
Securing (Hardening) Windows Servers (Business Advisory Services Information Security)
Port Assignments foe Commonly-Used Services (Microsoft Corporation)
Windows 2003 Server TCP/IP Core Networking Guide (Microsoft Corporation)
Windows 2003 Group Policy (Microsoft Corporation)
SQL Server 2005 -

Preface

Cisco TelePresence Management Suite (Cisco TMS) is scalable, easy-to-use and integrates with
existing applications to increase the value of your video network. It provides complete visibility and
centralized control for on-site and remote video systems. Cisco TMS supports management,
deployment, and scheduling of the entire video network, including telepresence, from one single
product.
Hardening a server reduces its exposed services, enforces stricter policies on behavior, and removes
components or functionality not essential to the server's task. Through the Trustworthy Computing
Initiative Microsoft has significantly increased the security of a default installation of Windows 2003
SP2 compared to Windows 2000 or earlier. If you still wish to further tighten the security of your
installed servers Microsoft provides guidelines on hardening servers based on several degrees of
strength and the task that the server will perform.
This document is intended to provide instruction on how to harden a Windows 2003 server for the
tightest security, that Microsoft terms 'Specialized Security – Limited Functionality' while still
maintaining compatibility with the Cisco TMS application.
Hardening a server to this level reduces functionality of the server. Weigh your needs against these
changes before attempting to harden a server. This reduction in functionality will affect other policies
and methods one may normally expect to have available with Windows Server.
Take care when modifying the server as mistakes could render it unusable. A rebuild will be necessary
for recovery. The methods used in this document will allow no access to the Windows Server itself
except for users who are administrators. Additional information on risks regarding these changes are
available in the Microsoft Security Guide and Threats and Countermeasures documentation listed at
the beginning of this document.
This document describes
The installation of Windows.
The process of adding Cisco TMS.
How to secure Windows and IIS for a stand-alone installation of Cisco TMS.
The descriptions provided here apply to Windows 2003 SP2 and Cisco TMS version 12 and newer.
For versions older than Cisco TMS version 12, we recommend starting with a new Windows 2003
SP2server and upgrading to the latest version of Cisco TMS v12 to take advantage of the security
updates integrated into these products.
Cisco TMS Secure Server Configuration Guide 13.0
(Microsoft Corporation)
823659 Client, service, and program incompatibilities that may occur
2222473 Registry Settings for Windows File Protection (Microsoft
Setting Up Windows Service Accounts
(Microsoft Corporation)
(Microsoft Corporation)
General
Page 5 of 34