Even if you don't go out and get a third party package focused around environmental monitoring, at least take advantage of the Windows Server 2008 event log subscription features. These things are invaluable in a low cost environment as they are already there as part of the platform.
Also, other references for training your people.... Start with basic functionality monitoring.... http://technet.microsoft.com/en-us/library/ee748636.aspx http://technet.microsoft.com/en-us/library/ee663480.aspx Get some hands on with monitoring features in SharePoint 2010... http://go.microsoft.com/?linkid=9737842 Key basic webcasts: Security http://www.microsoft.com/events/series/sharepointserver.aspx?tab=Videos&seri esid=92&webcastid=13874 Health Monitoring http://www.microsoft.com/events/series/sharepointserver.aspx?tab=Videos&seri esid=92&webcastid=14522 Security Model Part 1 http://www.microsoft.com/events/series/sharepointserver.aspx?tab=Videos&seri esid=92&webcastid=15506 Security Model Part 2 http://www.microsoft.com/events/series/sharepointserver.aspx?tab=Videos&seri esid=92&webcastid=15507 Remember that initial implementation for right this second about locking down your new sharepoint install for use as an extranet portal is only part of the solution. All of your IT folks who will be responsible for elements of the solution need to have the appropriate basic knowledge on how security works and policies need to be in place to ensure that solutions and customizations by users with appropriate rights do not violate the fundamental best practices to compromise your solution's security. Make sure that your sharepoint developers have read and are familiar with at least the Microsoft Patterns and Practices on the subject: http://msdn.microsoft.com/en-us/library/ff770300.aspx -W -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of sarbjit singh gill Sent: Monday, December 20, 2010 6:15 AM To: [email protected]; 'mamo' Subject: RE: Hardening SharePoint 2010 on Win 2008 R2 First you need this: http://www.microsoft.com/windowsserver2008/en/us/security-policy.aspx -> Windows 2008 security guide. http://technet.microsoft.com/en-us/library/cc262849.aspx --> SharePoint hardening guide. Next you need to monitor your environment for security related changes/events which are out of the normal. Something like --> www.stealthbits.com Regards Sarbjit Singh -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of mamo Sent: Monday, December 20, 2010 6:33 AM To: [email protected] Subject: Hardening Sharepoint 2010 on Win 2008 R2 Hello. My company is working on the new internet web site. It is going to be based on Sharepoint 2010 on Windows 2008 R2. They are very new platform (very very new for me :-( ). Do you know of any hardening guide for Sharepoint 2010? Can you give me pointers on Windows 2008 Hardening or security checklist? Thank you in advance. Mamo
