NIST Checklist Logo
NIST Security Configuration Checklists Repository
BETA
Browse Repository by
   Product Category
   Vendor
   Submitting
Organization

Our Sponsor
white space white space

Microsoft Windows 2000 Router Configuration Guide

Name Microsoft Windows 2000 Router Configuration Guide
Version v1.02
Status Final
Creation Date 2001-05-01
Revision Date  
Product Category Router
Vendor Microsoft Corporation
Product Microsoft Windows 2000 Server - Router
Product Version Windows 2000 Server
Product Role Enterprise router
Checklist Summary The purpose of this guide is to provide technical guidance to network administrators of small to medium size networks in the configuration and integration of Microsoft Windows 2000 Server Router features. This guide also informs the reader about additional security features that are available in the Microsoft Windows 2000 Server Router environment. This guide is not intended to provide individual security settings for the network devices. Instead, it is designed to provide the reader an idea of what functionality is recommended in the integration of the Windows 2000 router within a TCP/IP network. The Microsoft Windows 2000 Router Configuration Guide presents a general overview of the routing features, recommended routing protocol, and filtering services. This overview is designed to show the recommended functionality in various locations within a network. The author intends for this guide to be used to help the planning phase of a small to medium sized network with typically less than 50 LAN segments. This guide should not be used on its own as an all-encompassing blueprint for router configuration.
Known Issues Do not attempt to implement any of the settings in this guide without first testing in a non-operational environment. This document is only a guide containing recommended security settings. It is not meant to replace well-structured policy or sound judgment. Furthermore, this guide does not address site-specific configuration issues. Care must be taken when implementing this guide to address local operational and policy concerns. The security changes described in this document only apply to Microsoft Windows 2000 Server systems and should not be applied to any other Windows versions or operating systems.
Target Audience This document is intended for Microsoft Windows 2000 network administrators and network designers. However, it should be useful for anyone involved with designing a routable network that includes Microsoft Windows 2000 hosts and/or servers.
Target Operational Environment Enterprise wide distribution.
Checklist Installation Tools  
Rollback Capability Not Available.
Testing Information The security configuration guide has been extensively tested in a lab and operational environment.
NIAP/CMVP Status  
Regulatory Compliance  
Comments, Warnings, Disclaimer, Miscellaneous
 Perform a complete backup of your system before implementing any of the recommendations in this guide.
Disclaimer Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. Security configuration guides are provided for the Department of Defense and other government agencies requiring security configuration guidelines. The guides contain recommended security settings. They are not intended to replace well-structured policy or sound judgment. The guides do not address site-specific configuration issues. Care must be taken when implementing the guides to address local operational and policy concerns. All security changes described in the guides are applicable only to specifically identified operating systems or architecture components and should not be applied to any other operating system or architecture components.
Product Support  
Submitting Organization/Authors National Security Agency
Point of Contact SNAC.Guides@nsa.gov
Sponsor  
Licensing Refer to the legal statement provided found in the download package.
http://www.nsa.gov/notices/notic00004.cfm?
Address=/snac/os/win2k/w2k_router.pdf
Checklist Homepage http://www.nsa.gov/ia/
Download Package w2k_router.pdf
Integrity SHA1 (w2k_router.pdf) =
c871c4d8b33ea7b25e22c4b422326c88947a7329

SHA256 (w2k_router.pdf) =
2536a15534a678e8323051eeacbbc062851909de
9187f4d60ee4f1000f10949e
Change History

v1.0, 2001-08-13

Dependency/Requirement  
References The following references were cited throughout this document:

Black, Ulysses, IP Routing Protocols, Prentice Hall, 2000.

NSA Systems and Network Attack Center, Router Security Configuration Guide, December 2003.

NSA Systems and Network Attack Center, Microsoft Windows 2000 Network Architecture Guide, October 2000.

NIST Identifier 1019


NIST and the checklist submitter do not guarantee or warrant the checklist's accuracy or completeness. NIST is not responsible for loss, damage, or problems that may be caused by using the checklist.

Last updated: May 13, 2005
Page created: October 28, 2004
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to checklists@nist.gov
NIST is an Agency of the U.S. Commerce Department's Technology Administration