|
|
Secure Sockets Layer (SSL) is the recommended security method for running the Windows Media Administration site. SSL provides the highest level of security by encrypting data before it is sent over a network. Authentication is handled using certificates, which are digital authentication documents that allow both servers and clients to authenticate each other. You can create a certificate using Microsoft Certificate Services, or you can obtain one from a mutually trusted, third-party organization called a certification authority (CA). With SSL, a password is not necessary because the certificate handles the authentication.
SSL provides a secure connection for administering the local Windows Media server. However, SSL must be used in conjunction with an authentication method that allows delegation if you want to allow the remote administration of multiple Windows Media servers. Delegation allows a service to act as a user account to access resources throughout the network. Methods that allow delegation, such as Kerberos, Basic, and Digest authentication, require that the user have an authenticated user name and password. If one of these methods is not used with SSL, a user will only be able to remotely administer the local server.
Each of the delegation methods has associated security risks. For more information about authentication methods and SSL, see Internet Information Services Help.