
How to Avoid Critical Network Service Outages on Windows Servers

Are you running critical network services like DNS and DHCP on your Windows Servers? If so, you might want to reconsider. The recent worldwide outage caused by a bug in CrowdStrike software highlights the importance of not running critical network services on Windows Servers. In this post, we’ll explain why and provide steps to avoid network service outages.

According to Cricket Liu, Chief DNS Architect at Infoblox, the global Windows outage caused by the CrowdStrike incident should serve as a lesson for all organisations. The impact of the outage was massive, disrupting the operations of airlines, retail chains, and many others. Although CrowdStrike quickly withdrew the update, the damage had already been done, and recovering from the resulting outage will take those affected hours, if not days.

The reason for the extended recovery times is that mission-critical network services in many organisations are running on Windows Servers. While most organisations spend millions creating robust network infrastructure that prevents any single networking device’s failure from impacting the company’s operations, the operations of all your company’s network devices are dependent on critical network services, such as DNS and DHCP.

Windows Servers are not the appropriate place to host these network services. Windows Servers should be focused on their critical role supporting identity (Active Directory) services. While the Windows outage caused by the CrowdStrike incident was unusual in its global scale, Windows Server failures are a far-too-common source of network outages. In addition, Windows Servers are a frequent source of vulnerabilities, resulting in a need for constant patching. Their vulnerability makes them a favourite target of attackers, too.

Several recent ransomware incidents involved attacks on Windows Servers and resulted in enterprise-wide disruption of networks, which made incident response much harder and the impact and cost of the incidents much larger. Running critical network services on Windows Servers increases the likelihood of a DNS and DHCP failure, and such a failure can disable the rest of your infrastructure, that is, the part the original vulnerability had not already affected.

So, what can you do to avoid network service outages? We strongly recommend that organisations run DNS and DHCP on infrastructure separate from their Windows infrastructure and not subject to its vulnerabilities. Dedicated DNS and DHCP servers, running on operating systems other than Windows and hardened against attack, are the best defence against an outage like this occurring again.

With Riskwolf, you can turn real-time data into insurance. Using unique real-time data and dynamic risk modelling, we enable insurers to build and operate parametric insurance at scale. Simple. Reliable. Fast. Get in touch with Riskwolf to develop parametric insurance for your case.

Read the original article by Daniel Shepherd on Tahawul Tech for more insights on the global Windows outage.