Hello. We have quite complex policy that is not possible to summarize on a mailing list. Some important point for me specific for this project (it is a public web site): - The front end on internet need to a have a secure in depth configuration (if one level fail, I don't want to have all site compromised). I am looking both on configuration to be applied to the front end and to the backend. - I want to have a strong auditing level on who does what in changing the content of the site to be able to analise possible compromise/mistake with the change functionality.
Thank you. Mamo On Mon, Dec 20, 2010 at 8:02 AM, Anupam Kumar <[email protected]> wrote: > Hi Mamo, > > There is no definitive guide that can be given as it depends completely on > the security policy of your company. I work for Capital One and almost > everything is disabled due to security. However, I am also aware from past > experiences that some companies hardly follow any hardening procedures. To > answer your question better, please let us know what is your requirement. > What kind of security are you looking at? > > Knowing this is critical before something can be suggested. > > Regards > Anupam Kumar > > On Mon, Dec 20, 2010 at 4:02 AM, mamo <[email protected]> wrote: >> >> Hello. >> >> My company is working on the new internet web site. >> It is going to be based on Sharepoint 2010 on Windows 2008 R2. >> >> They are very new platform (very very new for me :-( ). Do you know of >> any hardening guide for Sharepoint 2010? Can you give me pointers on >> Windows 2008 Hardening or security checklist? >> >> Thank you in advance. >> Mamo > >
