How to Secure Domain Controller/DHCP/DNS Servers

lalajee 1,551 Reputation points
2023-03-20T14:01:37.2533333+00:00

Hi,

I need to secure DC/DHCP/DNS server.

What is the best practice to do this.

E.g. allow RDP session from Jump box

What ports needs to be open for clients?

Should it be lock on Server Subnet?

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,969 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
9,493 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
4,331 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
965 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 353.3K Reputation points MVP
    2023-03-20T14:07:58.2933333+00:00

    Some ideas here.

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/securing-domain-controllers-against-attack

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments