Windows NT Security

Windows NT Security

by Michael McInerney

A solid security foundation for enterprise NT 4/Windows 2000 networks!

  • Understand Windows NT 4 and Windows 2000 security architecture
  • Make the most of NTFS file and directory permissions
  • Restrict users via system policies and user profiles
  • Use encryption, decryption, authentication, and Windows 2000 Kerberos support


A solid security foundation for enterprise NT 4/Windows 2000 networks!

  • Understand Windows NT 4 and Windows 2000 security architecture
  • Make the most of NTFS file and directory permissions
  • Restrict users via system policies and user profiles
  • Use encryption, decryption, authentication, and Windows 2000 Kerberos support
  • Web security via Proxy Server filtering, logging, and alerts
  • Windows 2000 Security Configuration Toolset, Group Policies, DFS, and more

In Windows NT Security, leading global IT consultant Michael McInerney presents the hands-on, task-oriented information you need to maximize NT security right now(and crucial insights into key underlying concepts for building a more secure enterprise for the long term. You'll find detailed coverage for NT 4 enterprise networks, plus discussion of Windows 2000's extensive security improvements and practical guidance for migration.

McInerney introduces security models of both Windows NT 4 and Windows 2000, demonstrating how to establish a rock-solid security foundation from scratch, how to audit existing NT networks, and how to enhance flawed security quickly and effectively. Discover how to make the most of NT's powerful file and directory security mechanisms, as well as the new Windows 2000 Distributed File System (DFS). Learn how to secure IIS-based Internet/intranet sites and RRAS remote access; even how to secure specific registry keys.

McInerney provides in-depth coverage of NT/Windows 2000 encryption and authentication, including a detailed look at Kerberos support in Windows 2000. Appendices provide comprehensive system policy file listings;services and packet filter logging information; and a comprehensive Security Checklist.

Editorial Reviews

McInerney, an Ireland-based consultant specializing in security issues, demonstrates how to plan security for domains and Active Directory-based networks, audit existing NT networks, and restrict users via user profiles and system policies. The guide also covers NTFS file and directory permissions; Web security via proxy server filtering, logging, and alerts; and Windows 2000 security configuration, tool set, file system encryption, and Kerberos support. Intended for system and network administrators. Annotation c. Book News, Inc., Portland, OR (

Product Details

Pearson Education
Publication date:
Prentice Hall Microsoft Technology Series
Product dimensions:
7.03(w) x 9.21(h) x 1.17(d)

Related Subjects

Read an Excerpt



System security is a tricky subject to write about. The measurement of what is secure and what isnÕt secure is highly subjective and dependent on many factors. The individual or group view of todayÕs requirements for your organization, assumptions, and any known facts concerning the situation in the future and views on the criticality of your systems are all factors relating to this measurement.

It would be very easy for me to preach about what I think you should do to secure your systems, but without knowledge of your individual environment and needs, it would also be very wrong.

With this book I have approached the subject of security in two ways. First, I have tried to show why you may consider implementing a particular security feature or process. This attempt has been included to prompt the discussions between you and your colleagues that are a necessary part of the design process for the security model. Second, I have included step-by-step guides for implementing the security feature itself. You will be able to use the step-by-step guides to implement the security features and thresholds that are right for your organizational needs, adapting the examples as necessary.


Windows NT Security targets Systems and Network Administrators, Security Professionals, System Audit Specialists, Compliance Officers, Developers, and anybody who needs to understand Windows NT and Windows 2000 security features.

Concern over data security today means that management focus is moving more than ever toward data and system security. Sadly, this focus and the ensuing demand for performance are not always accompanied by a largebudget allowing for add-on tools and specialist consultants who can design your security model and help to implement this design. The responsibility for the design, implementation, and maintenance of the security model falls on the shoulders of the System Administrators or other in-house group of professionals who may not have needed to face this particular challenge before.

The content of this book requires a good administrative knowledge of Windows NT systems and also Windows 2000 systems if you wish to leverage the Windows 2000 content to its fullest potential. Many of the functions and features discussed in this book focus on the system registry as both a source of information and also the place to make changes to move toward the target of securing your systems. For this reason, the reader knowledge level for this book has been set between intermediate and advanced. Readers should be comfortable using the registry editing tools for browsing and amending settings before attempting any of the exercises that include this type of activity.


Windows NT Security is divided into three parts.

Part One, System Security Overview, is an introduction to security concepts and how these concepts can be mapped to the Windows NT security architecture. This is a good starting point for all readers and will give you grounding in this particular topic. Seasoned Security Professionals who feel comfortable with their own knowledge in this area may still want to cover this part of the book simply as a comparison tool to their own thoughts.

Part Two, Windows NT 4.0 Security Components, looks at the security related components of Windows NT 4.0. This part of the book looks at all of the built-in features of Windows NT and how they can be best leveraged at your own site to meet the needs for security and also give the flexibility required to run a business.

Part Three, Looking Forward to Windows 2000, looks at Windows 2000 and the changes in the security model between Windows NT 4.0 and Windows 2000. This part contains an introduction to the Active Directory and then moves on to look at the security-specific features contained in the new operating system. Encrypting file systems, distributed file systems and the security concerns around this technology, the security configuration tool set, and group policies are discussed in this part of the book.

Each chapter is organized as individual unit. The chapter can be looked at on its own, and because of this organization, the seasoned NT professional can use the book as a reference guide to each topic. The main focus, however, is on building a security model for your organization, and as readers work through the book, the security model can be defined around the concepts and discussions contained in each chapter. Readers will gain the most benefit from this approach to the book.

Customer Reviews

Average Review:

Write a Review

and post it to your social network


Most Helpful Customer Reviews

See all customer reviews >