The ideal multipurpose network operating system for the everyday needs of
organizations of all sizes The additions to Windows Server 2003 introduced by
Windows Server 2003 SP1 are designed to improve security, reliability, and
productivity. Below is a brief introduction to the new features and enhancements
brought to Windows Server 2003 by Service Pack 1. A more detailed description of
these additions can be found in the Windows Server 2003 SP1 Product Overview.
Enhancements Windows Server 2003 SP1 includes improvements to
functionality that originally shipped with Windows Server 2003. Such
enhancements make a great product better and raise the security, reliability,
and productivity of Windows Server 2003.
• Support for "no ute" hardware. Windows Server
2003 SP1 allows Windows Server 2003 to utilize functionality built in to
computing hardware by companies such as Intel and Advanced Micro Devices to
prevent malicious code from launching attacks from areas of computer memory that
should not run code. This enhancement reduces the likelihood of the broadest and
most exploited avenues of information attack.
• Internet Information
Services (IIS) 6.0 metabase auditing. The metabase is the XML-based,
hierarchical store of configuration information for IIS 6.0. The ability to
audit this store allows network administrators to see which user accessed the
metabase if it becomes corrupted.
• Stronger defaults and privilege
reduction on services. Services such as RPC and DCOM are integral to Windows
Server 2003 and thus make an alluring target for hackers. By requiring greater
authentication for calls of these services, Windows Server 2003 SP1 establishes
a minimum threshold of security for all applications that use these services,
even if they possess little or no security inherently.
• Addition of
Network Access Quarantine Control components. Windows Server 2003 SP1 now
includes the RQS.exe and RQC.exe components to make deployment of Network Access
Quarantine Control easier. For more information, see Network Access Quarantine
Control in Windows Server 2003.
New features
In contrast with
other service pack releases, Microsoft is taking the opportunity afforded by the
release of SP1 to introduce powerful new functionality to Windows Server 2003.
• Windows Firewall. Also released with Windows XP Service Pack 2,
Windows Firewall is the successor to the Internet Connection Firewall. Windows
Firewall is a host (software) firewall, a firewall around each client and server
computer on a customer's network. Windows Server 2003 Service Pack 1 installs
Windows Firewall on the server and allows network-wide control through Group
Policy.
• Post-Setup Security Updates (PSSU). Servers are vulnerable in
the time between being installation and when the latest security upds are
applied. To counter this, Windows Server 2003 with Windows Server 2003 Service
Pack 1 blocks all inbound connections to the server after installation until
Windows Update has run to deliver the latest security upds to the new computer.
This feature also guides administrators through Automatic Update at the time of
first log on.
• Security Configuration Wizard (SCW). SCW asks users
questions about the role their servers fill and then stops all services and
blocks ports not necessary to perform those roles. This new feature of Windows
Server 2003 closes unnecessary avenues of attack.