Review the secure topology design checklists (Search Server 2008)
Applies To: Microsoft Search Server 2008
Topic Last Modified: 2009-08-04
Note
Unless otherwise noted, the information in this article applies to both Microsoft Search Server 2008 and Microsoft Search Server 2008 Express.
In this article:
Server topology design checklist
Networking topology design checklist
Logical architecture design checklist
Operating system design checklist
In Microsoft Search Server 2008, successful server hardening depends on designing a server topology and logical architecture that target isolation and secure communication.
You can use the following checklists to ensure that your plans meet the criteria for a more secure design.
Use the secure topology design checklists with the following security environments:
External secure access
External anonymous access
Server topology design checklist
Review the following checklist to ensure that your plans meet the criteria for a more secure server topology design.
[ ] |
The topology incorporates dedicated front-end Web servers. |
[ ] |
Servers that host application server roles and the database server role are protected from direct user access. |
[ ] |
The Central Administration site is hosted on a dedicated application server, such as the index server. This is not possible in Search Server 2008 Express. |
Networking topology design checklist
Review the following checklist to ensure that your plans meet the criteria for a more secure networking topology design.
[ ] |
All servers within the farm reside inside a single data center and on the same VLAN. |
[ ] |
Access is allowed through a single point of entry, which is a firewall. |
[ ] |
For a more secure environment, the farm is separated into three tiers (front-end Web, application, and database), which are separated by routers or firewalls at each VLAN boundary. A Search Server 2008 Express farm can only be separated into two tiers (that is, a Web tier and a database tier). |
Logical architecture design checklist
Review the following checklist to ensure that your plans meet the criteria for a more secure logical architecture design.
[ ] |
At least one zone in each Web application uses NTLM authentication. This is required to enable the search account to crawl content within the Web application. For more information, see Plan authentication methods (Search Server 2008). |
[ ] |
Web applications are implemented by using host names instead of the randomly generated port numbers that are automatically assigned. Do not use Internet Information Services (IIS) host header bindings if the Web application will be hosting host-named site collections. |
[ ] |
Consider using separate Web applications for the following circumstances:
|
[ ] |
In a reverse proxy environment, consider using the default port for the public-facing network while you are using a non-default port on your internal network. This can help prevent simple port attacks that assume HTTP will always be on port 80 on your internal network. |
[ ] |
When deploying custom Web Parts, only trustworthy Web Parts are deployed within Search Center sites. This protects the sensitive content against intradomain scripting attacks. |
[ ] |
Separate application pool accounts are used for Central Administration and for each unique Web application. |
Operating system design checklist
Review the following checklist to ensure that your plans meet the criteria for a more secure operating system design.
[ ] |
The server operating system is configured to use the NTFS file system. |
[ ] |
Clocks on all servers within the farm are synchronized. |
See Also
Concepts
Plan server farm security (Search Server 2008)
Plan for secure communication within a server farm (Search Server 2008)
Plan security hardening for server roles within a server farm (Search Server 2008)
Plan security hardening for an extranet (Search Server 2008)