Educause Security Discussion mailing list archives

Re: vista KMS security

From: "Fowler, Steve" <steve.fowler () OREGONSTATE EDU>
Date: Sun, 4 Mar 2007 22:46:56 -0800

Our KMS server is set up on a virtual machine.  We snapshot the machine
once it reached 25 systems to ensure we can have it up and running in a
short amount of time should something happen to the host.  The KMS
server and host both sit behind a firewall that only permits access to
on-campus addresses or address space used by associated units on the
specified port.  We further restrict access to the SRV record using AD
permissions thus requiring the client system to be a domain joined
system.

Regards, 
Steve Fowler
System Manager
Technology Support Services
Oregon State University

-----Original Message-----
From: Robert Riley [mailto:rriley3 () ND EDU] 
Sent: Thursday, February 15, 2007 8:13 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] vista KMS security

What's everyone doing to secure their Vista KMS services? Any special 
network config or other precautions? Are you allowing it to co-mingle 
with anything else or practicing isolation?

Current thread:

vista KMS security Robert Riley (Feb 15)
- <Possible follow-ups>
- Re: vista KMS security Fowler, Steve (Mar 04)
- Re: vista KMS security Valdis Kletnieks (Mar 05)
- Re: vista KMS security Fowler, Steve (Mar 22)