A widely-held view in the past was that servers deployed on internal network segments do not require any special attention to their security configuration, and that the only place for 'hardened' servers was on the DMZ.
Whilst it may be the case that the internal network can be considered lower-risk area than a DMZ it is rarely totally risk-free. In fact most organisations are more at risk from internal security breaches than they are from external threats. Although there must be a certain level of internal trust for any business to operate successfully, all too often internal servers are deployed with no thought given to their protection from internal threats.
Unfortunately most applications and network operating systems are extremely complex in terms of the communication protocols that they require to function, and therefore are installed with a default configuration which usually guarantees that everything works as expected. The trade-off, however, is that the default installation is rarely optimised for security, or even performance.
ASC specialise in building server infrastructures that are secure AND fully functional. We can do this by understanding the communications needs of the operating systems, directory services and applications and ensuring that they are unimpeded. We then apply best practice to reduce as far as possible the server's attack surface and implement the concept of 'least privilege'.