Plan for security (Search Server 2008)
Applies To: Microsoft Search Server 2008
Topic Last Modified: 2009-08-07
Note
Unless otherwise noted, the information in this article applies to both Microsoft Search Server 2008 and Microsoft Search Server 2008 Express.
This article contains a methodical approach to building stronger security into your solution design for Microsoft Search Server 2008. This approach is based on a foundation of the following security guides, which are provided in Microsoft patterns and practices:
These guides explain practical and secure configurations for specific server roles. The guidance for each server role includes recommended security settings for the network, the operating system, and the installed applications. This includes Internet Information Services (IIS), Microsoft ASP.NET Framework, and Microsoft SQL Server.
The information in this article supplements the Microsoft patterns & practices security guidance in several ways:
Provides recommendations for each server role in a server farm.
Identifies additional networking, operating system, and application settings that are appropriate for server roles.
Provides recommendations for securing the specific applications and features that are installed by Search Server 2008.
Targets security recommendations to environments that are common for Search Server 2008 solutions.
Plan for improved security by using the following steps:
Plan the security environment. The security guidance that is recommended for your organization depends on which environment best matches your intended use of Search Server 2008. Use the following article to help plan the security environment:
- Choose the security environment (Search Server 2008) describes the three key security environments: internal team or department, external secure access, and external anonymous access.
Plan server farm security. Plan how to secure individual servers in a server farm. The Microsoft patterns & practices security guides are used as a foundation for securing Search Server 2008 environments. Use the following articles to help plan server farm security:
Review the secure topology design checklists (Search Server 2008) to ensure that the topology and logical architecture meet the criteria for a more secure design.
Plan for secure communication within a server farm (Search Server 2008) to ensure that the methods for achieving more secure communication are most appropriate for your solution.
Plan security hardening for server roles within a server farm (Search Server 2008) to determine the specific hardening settings for each of the server roles in the server farm.
Plan security hardening for an extranet (Search Server 2008) to determine the security settings to allow content to be more securely accessed from the Internet or the corporate network.
Plan secure configurations for features. Plan how to configure Search Server 2008 features in a more secure manner. Use the following article to help plan more secure configurations:
- Plan secure configurations for Search Server 2008 features provides recommendations for more securely configuring Search Server 2008 features. The recommendations in this article are usually configured by using Central Administration, instead of in in the network, operating system, IIS, or .NET Framework.
Plan environment-specific security. Plan security targeted to the specific environment. Use the following articles to help plan environment-specific security:
Plan security for an internal team or department environment (Search Server 2008) provides additional security guidance targeted to the internal team or department environment.
Plan security for an external secure search environment (Search Server 2008) provides additional security guidance targeted to the external secure search environment.
Plan security for an external anonymous access environment (Search Server 2008) provides additional security guidance targeted to the external anonymous access environment.
Plan security roles. Use the following article to plan for and design security roles:
- Plan for security roles (Search Server 2008) describes planning roles for administrators and for users.