Windows 2000 security: A postmortem analysis

W2K certainly does not lack in the number of new (relative to WNT) security features it offers. Among the most important of these include:

Active Directory

Active Directory provides directory services that allow users and applications to find and access files, folders, applications, services and printers, no matter where they reside within a network. Active Directory serves as a repository for information concerning user and service accounts, groups, Organizational Units (OUs) (Note 1), Group Policy Objects (GPOs-to be covered shortly), domains and trust relationships between them, network properties, services, and many aspects of computer and network operations. Active Directory also distributes this information to users and applications, updating it whenever needed. From a security perspective, Active

Multiple methods of encrypting network traffic

W2K supports two versions of the Point-to-Point Tunneling Protocol (PPTP) as well as Secure Sockets Layer (SSL)/Transport Layer Security (TLS), IPsec and Layer Two Tunneling Protocol (L2TP) encryption of data sent over networks.