Home \ Evolve \ NSA Guides to Securing your O/S

NSA Guides to Securing your O/S

Operating Systems

NSA has developed and makes online guides to making your O/s secure.  These guides are currently being used throughout the U.S.government and by numerous entities as a security baseline for their systems.





Apple Mac

Apple Mac OS X 10.5 ‘Leopard’

The recommendations in Apple’s Mac OS X Security Configuration For Version 10.5 Leopard Second Edition track closely with the security level historically represented in NSA guidelines. It is our belief that this guide establishes the best practices for securing the product and recommends that traditional customers of our security recommendations use the Apple guide when securing Mac OS X 10.5 systems.

Return to Top

Apple Mac OS X 10.4 ‘Tiger’

As part of a change in our development strategy for security guidance, NSA does not intend to publish separate security guides for the Macintosh OS X operating system beyond that produced by the vendor, beginning with Tiger, OS X version 10.4.x. The recommendations in Apple’s Mac OS X Security Configuration For Version 10.4 or Later and Mac OS X Server Security Configuration For Version 10.4 or Later track closely with the security level historically represented in the NSA guidelines. It is our belief that these guides establish the latest best practices for securing the products and recommend that traditional customers of our security recommendations use the Apple guides when securing Macintosh OS X 10.4.x and Macintosh OS X Server 10.4.x.

Return to Top

Apple Mac OS X 10.3 ‘Panther’

Apple Mac OS X 10.3 “Panther” Mac OS X 10.3 is no longer supported by Apple. It does not receive security updates and is NOT RECOMMENDED for use. The following guides are intended only for historical reference.

Return to Top


Linux

Red Hat Enterprise Linux 5

NSA has developed and distributed configuration guidance for Red Hat Enterprise Linux 5 that is currently being used throughout the government and by numerous entities as a security baseline for their Red Hat Enterprise Linux 5 systems.

Return to Top


Microsoft Windows

Microsoft Windows Vista

As part of a change in our development strategy for security guidance, NSA does not intend to publish a separate guide for Windows Vista beyond what was produced as a cooperative effort between the vendor and the security community. The “Specialized Security – Limited Functionality” (SSLF) security settings in Microsoft’s Windows Vista Security Guide track closely with the security level historically represented in the NSA guidelines. It is our belief that this guide establishes the latest best practices for securing the product and recommend that traditional customers of our security recommendations use the Microsoft guide when securing Windows Vista. Windows Vista FAQs

TitleLast ReviewedFile SizeRevised
Windows Vista Security Guide.msiMar 091650KB13 Nov 06

Return to Top

Microsoft Windows Server 2003

As part of a change in our development strategy for security guidance, NSA does not intend to publish a separate security guide for Windows Server 2003 beyond what was produced as a cooperative effort between the vendor and the security community. The Special Security – Limited Functionality (SSLF) settings in Microsoft’s Windows Server 2003 Security Guide track closely with the security level historically represented in the NSA guidelines. It is our belief that this guide establishes the latest best practices for securing the product and recommend that traditional customers of our security recommendations use the Microsoft guide when securing Windows Server 2003.

TitleLast ReviewedFile SizeRevised
The Windows Server 2003 – Security Guide, v2.1Mar 094526KB26 Apr 06
The Windows Server 2003 – Security Guide – Read Me, v2.1Mar 0920KB26 Apr 06
The Windows Server 2003 – Security Guide – Release Notes, v2.1Mar 0924KB26 Apr 06
NSA Windows Server 2003 Security Guide AddendumMar 0949KB12 Sep 06
The Windows Server 2003 – Security Guide – Tools and Templates, v2.1 (exe file)Mar 09320KB26 Apr 06

Return to Top

Microsoft Windows XP

As part of a change in our development strategy for security guidance, NSA is no longer maintaining and updating security guides for Windows XP Professional beyond what was produced as a cooperative effort between the vendor and the security community. The “Specialized Security – Limited Functionality” (SSLF) security settings in Microsoft’s Windows XP Security Guide track closely with the security level historically represented in the NSA guidelines. It is our belief that this guide establishes the latest best practices for securing the product and recommend that traditional customers of our security recommendations use the Microsoft guide when securing Windows XP.

TitleLast ReviewedFile SizeRevised
NSA Windows XP Security Guide AddendumMar 0950 KB12 Sep 06
Zipped Windows XP Security Configuration Guides** (zip file)Mar 09980 KB12 Sep 06

Return to Top

Microsoft Windows 2000

Windows 2000 is NOT RECOMMENDED for security-critical environments. It lacks important security features that are available in Windows XP and Vista. Microsoft currently provides security patches for Windows 2000, but the product is in its Extended Support Period, and this will end in June 2010. NSA recommends upgrading as soon as possible.
To assist our Windows 2000 user community, NSA has developed security configuration guidance for Windows 2000, with the cooperation of other government agencies and industry partners who provided their expertise and extensive technical review. The configuration guide for Microsoft Windows 2000 is being posted on the NSA web site and is presented in three parts: “.INF” files, configuration guides, and supporting documents..
NOTE: Follow these instructions to ensure that Microsoft Exchange will work with the Windows 2000 Security Configuration Guide.
A description of the files and how to modify the settings is available in the Guide to Securing Microsoft Windows 2000 Group Policy: Security Configuration Tool Set.

TitleLast ReviewedFile SizeRevised
SCERegVl.INFMar 0913KB5 Mar 03
W2kDC.INFMar 0932KB5 Mar 03
W2K DOMAIN POLICY.INFMar 094KB
W2k Server.INFMar 0932KB5 Mar 03
W2k Workstation.INFMar 0931KB5 Mar 03
ISA.INFMar 091KB
Microsoft Windows 2000 Network Architecture GuideMar 09227KB
Guide to Securing Microsoft Windows 2000 Group PolicyMar 09328KB
Guide to Securing Microsoft Windows 2000 Group Policy: Security Configuration Tool Set 1.2.2Mar 09755KB12 Sep 06
Group Policy ReferenceMar 09769KB
Guide to Securing Microsoft Windows 2000 Active DirectoryMar 09611KB
Guide to Securing Microsoft Windows 2000 DNSMar 09372KB
Guide to Securing Microsoft Windows 2000 Encrypting File SystemMar 09218KB
Guide to Securing Microsoft Windows 2000 File and Disk ResourcesMar 09420KB
Guide to Securing Microsoft Windows 2000 SchemaMar 09133KB
Guide to Securing Microsoft Windows NT/9x Clients in a Windows 2000 NetworkMar 09231KB
Guide to Secure Configuration and Administration of Microsoft ISA Server 2000Mar 091,469KB
Guide to Secure Configuration and Administration of Microsoft Windows 2000 Certificate ServicesMar 091,432KB
Guide to Secure Configuration and Administration of Microsoft Windows 2000 Certificate Services (Checklist Format)Mar 091,167KB
Guide to Secure Configuration and Administration of Microsoft Internet Information Services 5.0 version 1.4Mar 092,731KB16 JAN 04
Guide to Using DoD PKI Certificates in Outlook 2000, version 2.0Mar 09800KB
Guide to Windows 2000 Kerberos SettingsMar 09369KB
Microsoft Windows 2000 Router Configuration GuideMar 09688KB
Guide to Securing Microsoft Windows 2000 DHCPMar 09337KB
Guide to Securing Microsoft Windows 2000 Terminal ServicesMar 09662KB
Microsoft Windows 2000 IPsec GuideMar 091,330KB
Guide to Secure Configuration and Administration of Microsoft Exchange 2000Mar 094,200KB15 Dec 04
Zipped Windows 2000 Security Configuration Guides** (zip file)Mar 0916,300KB28 Oct 05

Return to Top


Sun Solaris

Sun Solaris 10

As part of a change in our development strategy for security guidance, NSA does not intend to publish its own security configuration guide for the Solaris 10 operating system. The recommendations in the documents below track closely with the security level historically represented in the NSA guidelines. It is our belief that these guides establish the latest best practices for securing the products and we recommend that traditional customers of our security recommendations use these guides when securing Solaris 10 systems.

TitleLast ReviewedFile SizeRevised
CIS Solaris 10 Benchmark v4.0 *Mar 09409KB24 Sep 07
An Overview of Solaris 10 Operating System Security Controls *Mar 09853KB25 Sep 07

Return to Top


**To download and uncompress zipped files you need to have winzip loaded on your local machine.

Sun Solaris 9

NSA has developed and distributed configuration guidance for Sun Solaris 9 that is currently being used throughout the government and by numerous entities as a security baseline for their Sun Solaris systems.

TitleLast ReviewedFile SizeRevised
Guide to Secure Configuration of Solaris 9Mar 091,200KB

Leave a Reply

Your email address will not be published. Required fields are marked *