How to Secure Domain Controller/DHCP/DNS Servers

lalajee 1,811 Reputation points
2023-03-20T14:01:37.2533333+00:00

Hi,

I need to secure DC/DHCP/DNS server.

What is the best practice to do this.

E.g. allow RDP session from Jump box

What ports needs to be open for clients?

Should it be lock on Server Subnet?

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,370 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,117 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,847 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,021 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 426.1K Reputation points MVP
    2023-03-20T14:07:58.2933333+00:00

    Some ideas here.

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/securing-domain-controllers-against-attack

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments