Our environment currently uses QIP for IP management (DNS, DHCP) both internally and externally. We are in the process of designing a new AD infrastructure that will be W2K8R2 and I'm bringing up the possibility of moving from QIP to AD DNS. My primary thought is cost savings. We are a large MS shop, with some UNIX. We've already identified the functions that the QIP DNS implementation provides, and have verified that MS can match those. I think my hardest sell will be for the external DNS. The perception in our environment is that the MS OS is not as secure as other operating systems (*NIX) or an appliance. I am making the case that in a layered environment the MS OS should be just as secure as other options. I'm no security expert, and would like to have some information to bring to this discussion. Some of the things I'm already aware of:
Server core has a much smaller attack surface due to it's reduced footprint Fewer services loaded out of the box Ability to allow only the traffic that is needed using the Windows firewall Any additional information that I can bring to this discussion to make my case? All comments are appreciated. Thank you, Chris Bodnar ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
