I was wondering what your opinions were on group policy settings to be applied to a Windows 2003 Server running IIS 6.0. In my scenario the computer is in the beneficial position of being completely dedicated to this singular role. The server will be sitting in my DMZ, protected by my firewall with only a couple ports open back to our secure network.
I’ve been told that I could probably run it with out any policy applied at all. I do think this is possible; however, an additional layer never hurts. I have installed via unattend.txt (not installing unnecessary components) and ran SCW to create a pretty restrictive baseline policy.