Why It's Hard to Harden Clients

by Mitch Tulloch [Published on 1 Nov. 2005 / Last Updated on 1 Nov. 2005]

Servers are usually hardened--why not clients?

Tools like the new Security Configuration Wizard (SCW) included in Windows Server 2003 Service Pack 1 are excellent for hardening servers to protect them from attack. But why hasn't Microsoft released a similar tool for hardening Windows XP client machines?

The simple reason is that hardening clients the same way you harden servers would make them unusable for ordinary users. With servers one generally has a clear idea what they do i.e. what services they provide, so hardening is a fairly straightforward procedure. But with clients, you may have no idea what the user may need to do, what applications they may need to run, what services they may need access to, and so on.

So don't try and harden clients the way you harden your servers or your users are bound to complain loudly!

Mitch Tulloch

The Author — Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .

Latest Contributions

Featured Links