Cyber Security Institute
Thursday, May 08, 2008
Draft guidance for securing servers
The National Institute of Standards and Technology is seeking comment on its draft guidelines for securing servers, released this week. NIST Special Publication 800-123 [1], “Guide to General Server Security,” makes recommendations for securing server operating systems and softwarein addition to maintaining a secure configuration with patches and software upgrades, security testing, log monitoring and backups of data and operating system files. The recommendations apply to a variety of typical servers, such as Web, e-mail, database, infrastructure management and file servers.