Nowadays, Web sites are a key asset to organizations of all sizes, providing information and services to clients, suppliers and employees. Unfortunately, they also open new threats to the enterprise network. In this primer, Michael Cobb, managing director of security consultancy Cobweb Applications Ltd., and author of IIS Security, lays down the groundwork for locking down a Web server before it goes live.
The primer begins with a look a Web server hardening procedures, followed by access control and security policies. He also explains how to secure other network services such as SMTP and FTP, and the best way to prepare recovery plans and backup procedures.
Readers will come away with a checklist to ensure any IIS Web server is secure and ready to handle the online world.
- Download the
- primer: Insider's guide to IIS Web server security (.pdf).
- Download the accompanying audio track: Insider's guide to IIS Web server security
This was first published in October 2007