Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System



Murugiah P. Souppaya, Anthony B. Harris, Mark McLarnon, Nikolaos Selimis


The document is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security features of Win2K Pro, security configuration guidelines for popular applications, and security configuration guidelines for the Win2K Pro operating system. The guide documents the methods that the system administrators can use to implement each security setting recommended. The principal goal of the document is to recommend and explain tested, secure settings for Win2K Pro workstations with the objective of simplifying the administrative burden of improving the security of Win2K Pro systems. This guidance document also includes recommendations for testing and configuring common Windows applications. The application types include electronic mail (e-mail) clients, Web browsers, productivity applications, and antivirus scanners. This list is not intended to be a complete list of applications to install on Windows 2000 Professional, nor does it imply NIST's endorsement of particular commercial off-the-shelf (COTS) products. Many of the configuration recommendations for the tested Windows applications focus on deterring viruses, worms, Trojan horses, and other types of malicious code. The guide presents recommendations to protect the Windows 2000 Professional system from malicious code when the tested applications are being used.
Special Publication (NIST SP) - 800-43
Report Number


e-mail client, hardening, lock-down, Microsoft Windows 2000, operating system, patches, security, virus, web-browser


Souppaya, M. , Harris, A. , McLarnon, M. and Selimis, N. (2002), Systems Administration Guidance for Securing Microsoft Windows 2000 Professional System, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed June 13, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created November 1, 2002, Updated February 19, 2017