Verifying that all Identified Security Threats are Mitigated

Applies To: Windows Server 2008

You need to verify that all the identified security threats are properly handled in your new Network Load Balancing (NLB) cluster.

To verify that the identified security threats are mitigated

  1. Connect a client computer to the network such that the clients access the cluster by using the same route path that a typical client computer would use to connect to the cluster. For example, when clients connect to the cluster through a series of firewalls and routers to connect to the cluster over the Internet, ensure the client computer used for testing connects to the cluster through the same firewalls and routers.

  2. Log on to the client computer with the user rights identified in your security threats.

  3. For each identified security threat, reproduce the steps that result in the security compromise of the cluster.

  4. Document the results and resolve all security threats before proceeding further in the deployment process.

NLB Denial-of-service Protection

NLB Denial-of-service Protection protects an NLB cluster from denial-of-service attacks such as SYN attacks and timer starvation. If protection is not present, the NLB cluster may not perform optimally and the connections in the cluster may fail. Analyze the threats against the Network Load Balancing (NLB) cluster, including potential denial-of-service attacks, and then take the appropriate measures. For more information about security, see Security and Protection.