Simon Johnson wrote:
> qazmlp1209@rediffmail.com wrote:
>> We have a case where all of our machines are homogeneous w.r.t. the
>> security configuration. All of them are part of the VPN network.
>> If an attacker can attack one machine, he can attack the rest of the
>> machines also very easily and quickly, due to the homogeneity among
>> these machines.
>>
>> Are there standard solutions already available to deal such kind of
>> scenarios? Is automatic detection of security breaching and dynamic
>> changing of the security settings recommended in such cases?
>
> No, there are none that I am aware of. The closest thing I can think of
> the NSA hardening guide for Windows XP [1] but this focuses on
> individual computers and not network architecture. It's probably a good
> idea to follow these guidelines anyway.
>
> <snip>
>
> Simon.
>
> [1] - http://nsa2.www.conxion.com/winxp/
>
Get it from the original source:
http://www.nsa.gov/snac/os/winxp/C44-026-02.pdf
![USA NSA SNAC ONED Guide to Securing Microsoft Windows XP [Was: Protectingthe Network with Homogeneous servers]](http://www.wirelessforums.org/iconimages/comp-security-misc/usa-nsa-snac-oned-guide-securing-microsoft-windows-xp-protectingthe-network-homogeneous-servers_ltr.gif)
USA NSA SNAC ONED Guide to Securing Microsoft Windows XP [Was: Protectingthe Network with Homogeneous servers] 
Linear Mode
