Chapter 4. Application Security
In this chapter, my goal is to provide you with an option to secure your application server platform using native Microsoft tools and technologies. Since applications run on a Windows Server platform, all baseline security and concepts that are introduced in the previous chapters are applicable to any application server.
On a high level, you can divide application server components into four major parts—server type, operating system, access mechanism, and data. If you apply security in these four major areas, you can protect your servers from security vulnerabilities. The baseline policies can be applied to the server type and operating system. However, the access mechanism and data protection will be based on your application and application data:
- Server type: The foundation of security starts from the selection of the server type. If there are no other business or technical requirements, it is a best practice to start with Windows Server...