Should “Core” be a Core Competency?
I’ve been spending a lot of time lately working on trying to see how to simplify Windows 2008r2 Core. For those of you who have not read about it, the Core edition is Windows without the GUI. What interested me about this is it cuts down significantly on the security vulnerabilities and the amount of system resources necessary to run each instance of the server operating system.
After getting my CEH this summer, my eyes were opened to just how easy it is to completely own a system (notsomuch by me, but by people trained to do so). Knowing that compromising systems is not all that difficult and that stopping ALL attacks would be impossible, I’m just excited about reducing the attack surface. In all honestly, reducing the attack surface and enforcing brilliance in the security basics is all I am currently qualified to do.
My newest duty station is not what typical enterprise IT admins would be used to seeing. Instead of a data center with nearly unlimited power, space and climate control, this new setting is about providing services quickly, securely and with the absolutely smallest footprint possible. Keeping space and power requirements to an absolute minimum is at a premium.
I’ll be testing out just how simple I can make a core deployment and put up a step by step in what I was able to figure out, but I am interested to hear if anyone else has a take on this. The specific questions being:
- Is core half-baked, or actually a refined and useful product?
- Is this something Marines who aren’t full time Microsoft specialists would be able to realistically manage?
- Does anyone out there use this, are there “lessons learned” I should be mindful of?
- Should I continue spending time looking into this, or are these “not the droids I am looking for”?