Typically performed on a business critical, Internet-facing machine, this hardening exercise focuses on the execution of an action plan to increase Windows 2000 host security. Industry best practices dictate that an 'image' server be employed to assure the "roll out" of secure hardened OSs to business critical servers within the enterprise. The hardening applies security policies, patches and fixes in addition to industry accepted modifications such as registry settings, addition of an IPsec policies, removal of non-essential services, removal from domain or AD models, rights modification of common system tools to deny typical hacker exploits, and many, many other considerations.
A key benefit of the WhiteHat Inc. hardening exercise is that it is performed with the involvement of host system administrators. This imparts a high degree of understanding of the processes and allows for the long-term preservation of the hardened operation environment, which is vital to the continuing integrity of the host system.
A Server hardening service, including documentation, is typically 2 person-days in duration. Some economies can be had in multiple server projects; all Hardening assignments need to be analyzed prior to the generation of a cost estimate.
NOTE: In addition to on-site professional hardening services, WhiteHat Inc. also provides training classes on the subject. These courses represent an excellent educational tool for new system administrators and also serve as "refresher training" for administrators after on-site hardening services have been performed.