0 Service Pack 6a or Later Operating Systems can be checked. This strengthens the
authentication level used for outbound connections, making it less likely that passwords
will be decrypted through the use of brute-force techniques.
In addition, the setting for Clocks That Are Synchronized with the Selected Server??™s Clock
can be checked if there is a clock synchronization scheme in place, such as NTP, or if the
domain controllers in the domain are Windows Server 2003 or greater. Once again, this
affects only outbound attempts to communicate with file servers from the ISA server,
which is often disabled, so many of these options may seem redundant and unnecessary.
As previously mentioned, however, it is ideal to configure as many layers of security as
possible without breaking functionality, and there are very few downsides to configuring
these options, so it is always a good idea to set them.
FIGURE 2.15 Configuring outbound authentication methods.
61
2
Securing the Operating System with the Security Configuration Wizard
Continue with the following steps:
1. Check both boxes on the Outbound Authentication by using the Domain Account
dialog box (if the criteria mentioned earlier has been satisfied) and click Next to
continue.
Pages:
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173