Conclusion: a comprehensive explanation of the definition of server security

Server security can be classified into narrow sense and broad sense. server security refers to the security of the operating system on which the server depends. server security in the broad sense, apart from operating system security, it also includes hardware security, application security, and data security. Indeed, as the core of data storage and processing requirements, server security involves too many steps.

The most helpless Operating System

"The operating system is not absolutely secure." It is said that 80% of server application problems are related to operating system interfaces. "Default installation" is a manifestation. The default installation means all the additional services and open ports of the default Operating System, paving the way for attackers to take over the computer. Generally, the fewer ports the system opens, the fewer ways attackers can intrude into the computer. The application development of many users is based on the "default installation". In this way, an extremely insecure system is built. In view of this fact, you can consider buying server security reinforcement software. If there is no investment, using some free tools or regular patching can also effectively improve the security level of the system.

Most urgent patch/virus

Currently, the most common server security problems for users are divided into two categories: hacker attacks and password leaks; and vulnerabilities. Users often cannot monitor vulnerabilities and download patches in a timely manner, especially for Intranet management. He said that Microsoft's automatic patch upgrade service has reduced the workload of administrators to a certain extent. For users in key industries such as finance and Telecom, the patch is good, but it is definitely not usable-because the patch may conflict with the running business, resulting in service interruption. China Merchants Bank Head Office has a "system security room", which is responsible for testing and managing patches in a unified manner. Each patch must undergo careful demonstration and testing.

Least-ignored Application Development

"When we perform penetration tests for users, we often find that the system is not very problematic, and the applications have problems more or less ". This is because with the emphasis on security, many administrators have adopted security products for protection and are constantly patching. Therefore, the attack has turned to new signs starting from the application process. Security issues must be taken into account in all application development. Many enterprises or software developers only focus on application implementation in the process of application development, while ignoring the security of applications and the security risks of Application Software on some default service calls of the operating system, this has led many users to discover critical security problems after they put them into use in key systems, but they are powerless.

The most important management system

The management system is important because security is a interlocking environment. For example, we can see that the "Shock Wave" and "Shock Wave" attacks are on Windows servers, but they cause network congestion and finally affect hosts and all other devices on the network. For another example, many large enterprises have a large number of internal network devices, but the management is not as strict and powerful as the external network. As a result, this poses a major security risk to the entire system. security should be taken into account at the beginning of information planning. Otherwise, it is difficult to fundamentally ensure security. before buying a product, risk assessment will be conducted first, and then security policies and systems will be developed based on priorities.

The most reliable hardware system

In a broad sense, in addition to operating system and application security, server security also includes host hardware and equipment security, it involves the construction of data centers and physical environments (including air conditioning, temperature, humidity, fire fighting, power supply, rack, and server hardware maintenance ).? We are not talking much about this. confidence comes from the maturity of the server industry. For example, designs such as "redundancy" and "Hot swapping" are widely used in server memory, hard disk, CPU, Nic, power supply, fan, and other components, in addition, the Service and reliability and availability of server vendors are getting more and more reassuring. Server Security in the narrow sense is reliability. Reliability is the primary consideration for users when purchasing products. Each year, CMB generates a fault report for the servers of several major vendors, such as IBM, HP, and Sun, for the procurement reference of the next year. He felt that "hardware is not easy to damage and the vendor's services are in place ."

Server Security Summary

For server system security, a complete server security management system should be established, and the system administrator should take relevant repair measures for security vulnerabilities that are most likely to cause serious security risks. Server-specific security management systems can include the establishment of server security reinforcement mechanisms, strengthening system account and password management, closing unnecessary system ports, filtering incorrect data packets, and establishing system log review systems., remote management using encryption, and timely updating system security patches. It is most important to establish security awareness and formulate information security plans.