Windows Web Server Management Overview
At eUKhost we offer a full array of server management services with our dedicated servers executed by a team of specialised technicians. Server management includes installation and maintenance of standard software packages, IIS Web Server, MsSQL Server, MailEnable / SmarterMail Server Configuration, security monitoring, Management and technical support.
As soon as your server is setup, it will start to perform as per your requirements. The following is the list of tasks performed by our Windows Server Administrators on customer request to maintain their dedicated server and ensure it's security.
Review Audit logs
- Check application log for warning and error messages for service startup errors, application or database errors and unauthorized application installs.
- Check security log for warning and error messages for invalid logons, unauthorized user creating, opening or deleting files.
- Check system log for warning and error messages for hardware and network failures.
- Check web/database/application logs for warning and error messages.
- Check directory services log on domain controllers.
Perform/verify daily backup
- Run and/or verify that a successful backup of system and data files has completed
- Run and/or verify that a successful backup of Active Directory files has completed on at least one Domain Controller
Track/monitor system performance and activity
- Check for memory usage.
- Check for system paging.
- Check CPU usage.
Check free hard-drive space
- Check all drives for adequate free space
- Take appropriate action as specified by site's Standard Operating Procedures
Physical checks of system
- 1.Visually check the equipment for amber lights, alarms, etc.
- Take appropriate action as specified by Standard Operating Procedures
Update Anti-Virus signature file & do the other updates:
- Download and install current Anti-Virus signature files.
- Scan all hard-drives using current Anti-Virus signature files.
- Check vendor websites such as Microsoft, Sun, HP, Oracle, etc for new vulnerability information including patches and hotfixes.
Summary of security measures:
- Provide Physical Security for the machine.
- Schedule automatic windows updates.
- Use NTFS on all your partitions.
- Test & install Patches and Hotfixes.
- Use passwords on all user accounts.
- Disable unnecessary services.
- Apply OS upgrades and service packs.
- Schedule Downtime for Reboots.
- Create/maintain user and groups accounts.
- Set user and group security.
- Check user account passwords.
- Rename the Administrator Account to some different or consider creating a dummy Administrator account in place of the default one.
- Changing the default RDP port to something else.
- Disable network sharing & default shares.
- Disable dump file creation, which can cause leaking of sensitive information account passwords.
- Password security, turn on 'password complexity requirements' in Group Policy, so no weak passwords are setup for any accounts. Reset the passwords regularly for all the accounts.
- Disable the default Guest account if found to be active.