Enhanced Internet Security is perhaps one of the most annoying features in Windows.  This feature was introduced in Windows Server 2003 and could be disabled by uninstalling the option via add/remove programs.  Many system administrators, finding the continual pop-up notifications maddening, would immediately remove this feature from the server.  This, of course, left their servers exposed to malware from the internet.

In Windows Server 2008 Microsoft has introduced more granular control for Enhanced Internet Security.  Now, by default, it is enabled for all administrative accounts but disabled for less privileged accounts.  In terms of balancing security against usability this seems to be a very sensible trade-off.  The administrator can log on with a less privileged account, complete their business, and then log back as an administrator to complete any installation or patching activity.



Enabling and disabling enhanced Internet security is done from the new server manager console.  The video above will show a quick demonstration of this.