Administration Guide for Cisco Media Experience Engine 3500 Release 3.3

Book Title

Chapter Title

Security Best Practices

PDF - Complete Book (9.31 MB) PDF - This Chapter (102.0 KB)
View with Adobe Reader on a variety of devices

Security Best Practices for Cisco MXE 3500

Cisco MXE 3500 ships with ESXi, RHEL4.7, and Windows 2003 Server settings, which ensures a high level of security. We recommend that you follow these security best practices:

Do not install additional software, applications, or firmware on Cisco MXE 3500 unless Cisco recommends that you do so in the product documentation. See also: “Cisco MXE 3500 Microsoft Hot Fix Release Policy” section.

Do not use Cisco MXE 3500 for any purpose other than those we specify in the product documentation.

Do not use Cisco MXE 3500 as a general purpose Windows or Linux device.

Do not browse to any Internet site on Cisco MXE 3500 other than www.cisco.com and www.microsoft.com to download product documentation and patches.

If you need to modify Windows or Linux components from the configured defaults, do so only from the Cisco MXE 3500 web UI or the Cisco MXE Appliance Configuration Menu as specified in the product documentation.

Do not change the Services startup types except for supported changes that are documented in the product documentation.

Back up Cisco MXE 3500 regularly.

Cisco MXE 3500 Microsoft Hot Fix Release Policy

Microsoft releases a list of security hot fixes Every 2nd Tuesday of the month. Every 3rd Tuesday of the month, excluding holidays, Cisco will release a technical bulletin with the Microsoft security bulletin hot fix identifiers that Cisco recommends you install on Cisco MXE 3500, at which time you should compete the following tasks:

Download and read the Cisco technical bulletin for each recommended hot fix.

Download and read the Microsoft security bulletin.

Download each recommended Microsoft hot fix.

Follow the procedures that Microsoft provides to install the hot fixes on Cisco MXE 3500.

If Microsoft releases a security hot fix for a catastrophic problem outside of the monthly cycle, Cisco will release a corresponding technical bulletin.

Windows Services

Table 20-1 lists Cisco MXE 3500 Windows 2003 Server services and startup types.

Table 20-1 Windows 2003 Server Services on the Cisco MXE 3500
Service Name	Startup Type
.NET Runtime Optimization	Manual—Not started
Alerter	Disabled
Application Experience Lookup	Automatic
Application Layer Gateway	Manual—Not started
Application Management	Manual—Not started
ASP.NET State	Manual—Not started
Automatic Updates	Manual
Background Intelligent Transfer Service	Automatic started
ClipBook	Disabled
COM+ Event System	Automatic
COM+ System Application	Manual—Not started
Computer Browser	Automatic
Cryptographic Services	Automatic
DCOM Server Process Launcher	Automatic
Distributed File System	Manual—Not started
Distributed Link Tracking Client	Automatic
Distributed Link Tracking Server	Disabled
Distributed Transaction Coordinator	Automatic
DNS Client	Automatic
Error Reporting Service	Automatic
Event Log	Automatic
File Replication	Manual—Not started
Help and Support	Automatic
HID Input Service	Automatic
HTTP SSL	Manual—Not started
IIS Admin Service	Automatic
IMAPI-CD Burning COM Service	Disabled
Indexing Service	Disabled
Internet Connection Sharing	Disabled
Intersite Messaging	Disabled
IPSEC Services	Automatic
IPSEC Policy Agent	Automatic
Kerberos Key Distribution Center	Disabled
License Logging Service	Disabled
Logical Disk Manager	Automatic
Logical Disk Manager Administrative Service	Manual
Messenger	Disabled
Microsoft Software Shadow Copy Provider	Manual—Not started
MXE CAM	Automatic
MXE ECS	Automatic
MXE Encoder	Automatic
MXE Folder Attendant	Automatic
MXE Log Service	Automatic
Net Logon	Manual
Net.tcp port Sharing	Disabled
Netmeeting Remote Desktop Sharing	Disabled
Network Connections	Manual
Network DDE	Disabled
Network DDE DSDM	Disabled
Network Location Awareness	Manual—Not started
Network Provisioning Service	Manual
NT LM Security Support Provider	Manual
Performance Logs and Alerts	Automatic
Plug and Play	Automatic
Portable Media Serial Number Service	Manual
Print Spooler	Automatic
Protected Storage	Automatic
Remote Access Auto Connection Manager	Manual
Remote Access Connection Manager	Manual
Remote Desktop Help Session Manager	Automatic
Remote Procedure Call (RPC)	Automatic
Remote Procedure Call (RPC) Locator	Disabled
Remote Registry Service	Automatic
Removable Storage	Manual
Resultant Set of Policy Provider	Manual
Routing and Remote Access	Disabled
Secondary Logon	Automatic
Security Accounts Manager	Automatic
Server	Automatic
Shell Hardware Detection	Automatic
Smart Card	Manual
Special Administration Console Helper	Manual
SQL Server (MSSQLSERVER)	Automatic
SQL Server Active Directory Helper	Disabled
SQL Server Browser	Disabled
SQL Server VSS Writer	Automatic
SNMP Service	Automatic
SNMP Trap Service	Manual
System Event Notification	Automatic
Task Scheduler	Automatic
TCP/IP NetBIOS Helper Service	Automatic
Telephony	Manual
Telnet	Disabled
Terminal Services	Manual
Terminal Services Session Directory	Manual
Themes	Disabled
Uninterruptible Power Supply	Manual
Virtual Disk Service	Manual
Virtual Shadow Copy	Manual
WebClient	Disabled
Windows Audio	Automatic
Windows Firewall/Internet Connection Sharing (ICS)	Disabled
Windows Cardspace	Manual
Windows Image Acquisition (WIA)	Disabled
Windows Installer	Manual
Windows Management Instrumentation	Automatic
Windows Management Instrumentation Driver Extensions	Manual
Windows Time	Automatic
Windows Presentation Foundation Font Cache 3.0.0.0	Manual
Windows User mode Driver Framework	Manual
WinHTTP Web Proxy Auto-Discovery Service	Manual
Wireless Configuration	Automatic
World Wide Web Publishing Service	Automatic

Book Title

Chapter Title

Results

Chapter: Security Best Practices

Security Best Practices

Security Best Practices for Cisco MXE 3500

Cisco MXE 3500 Microsoft Hot Fix Release Policy

Windows Services

Was this Document Helpful?

Contact Cisco

Related Cisco Community Discussions