Administrator's Guide

Security Recommendations 53

Additional Security Recommendations

In addition to the practices mentioned in “Standard Security Recommendations,” Dell recommends the

following practices to ensure security:

• Format all volumes as NTFS.

• Disable automatic log on.

• Disable the guest account.

• Do not install IIS sample applications.

• Disable parent paths.

• Move the Microsoft Active Directory Connector and scripts virtual directories from the default website

to another location.

Ensure that you place appropriate restrictions on any Anonymous Logon groups. To allow UNIX

users

who do not have Windows user accounts to access resources on a system running Windows, you must

explicitly add the Anonymous Logon group to the Everyone group and assign the Anonymous Group

appropriate permissions.

Maximum Security Recommendations

This section provides information about practices recommended for maximum security on your

storage server.

• Allow no more than two administrators on the storage server.

• Do not allow passwords that have no expiration date.

• Enable Logon Success and Logon Failure auditing.

• Disable unnecessary services.

• Disabling unnecessary services also increases performance.

• Remove the IISADMPWD virtual directory.

• Enable application logging options for all web and FTP sites.

• Ensure that Internet Explorer zones have secure settings for all users.

• Use the storage server only for shares and services that are actively used.

• Disable http sharing if http shares are not used.