Impact of data that is stored on RODCs in a perimeter network
RODCs replicate most of the information in the directory. Therefore, organizations may be concerned about this data being replicated to the perimeter network. Figure 8 illustrates this concern.
Figure 8 Data replication in an RODC

In some cases, placing a server that holds information about your corporate network in the perimeter network may not be a good idea. You have to decide how much of the information on a domain controller can be considered personally identifiable information (PII) or high business impact (HBI) data, and how to avoid exposing it. Some domain models avoid placing sensitive information on a domain controller in the perimeter. However, Windows Server 2008 RODC technology adds extra features that reduce the exposure of sensitive information.

After taking security into account and evaluating the new features that Windows Server 2008 offers, you may still conclude that placing domain controllers in the perimeter network is not your best option. Application constraints, or a risk of exposure that is not reduced enough to meet corporate compliance standards, may prevent your organization from taking advantage of the new technology.

For example, if you have an application in the perimeter network that must read the Social Security number (SSN) of an employee that is stored in AD DS and exposing that identification number is too sensitive, you can add the SSN attribute to the RODC filtered attribute set (FAS), which ensures that this attribute will not be exposed on the RODC.
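The FAS step described above, as an added example rather than code from the original page: an attribute joins the FAS when the 0x200 bit is set in searchFlags on its schema object, and system-critical attributes are refused. It assumes a management host with the ActiveDirectory PowerShell module and Schema Admins rights; the attribute name `contosoEmployeeSSN` and both function names are hypothetical.

```powershell
# Added example. Assumes the ActiveDirectory module and Schema Admins rights.
Import-Module ActiveDirectory

$RODC_FILTERED = 0x200  # searchFlags bit: attribute belongs to the RODC FAS
$CONFIDENTIAL  = 0x080  # searchFlags bit: reads require CONTROL_ACCESS
$ATTR_CRITICAL = 0x001  # schemaFlagsEx bit: system-critical, cannot be filtered

$schemaNC = (Get-ADRootDSE).schemaNamingContext
$master   = (Get-ADForest).SchemaMaster   # schema changes go to the schema master

function Get-FilteredAttribute {
    # Audit: every attribute currently excluded from replication to RODCs.
    Get-ADObject -SearchBase $schemaNC -Server $master -Properties lDAPDisplayName, searchFlags `
        -LDAPFilter '(&(objectClass=attributeSchema)(searchFlags:1.2.840.113556.1.4.803:=512))'
}

function Add-FilteredAttribute {
    param(
        [Parameter(Mandatory)][string]$LdapDisplayName,
        [switch]$Confidential   # optionally also set the confidential bit
    )
    # Reject anything that is not a plain attribute name before building the filter.
    if ($LdapDisplayName -notmatch '^[A-Za-z][A-Za-z0-9-]*$') {
        throw "Invalid attribute name: $LdapDisplayName"
    }
    $attr = Get-ADObject -SearchBase $schemaNC -Server $master `
        -LDAPFilter "(&(objectClass=attributeSchema)(lDAPDisplayName=$LdapDisplayName))" `
        -Properties searchFlags, schemaFlagsEx
    if (-not $attr) { throw "Attribute '$LdapDisplayName' not found in the schema." }
    if (([int]$attr.schemaFlagsEx) -band $ATTR_CRITICAL) {
        throw "'$LdapDisplayName' is system-critical and cannot be added to the FAS."
    }
    $old = [int]$attr.searchFlags
    $new = $old -bor $RODC_FILTERED
    if ($Confidential) { $new = $new -bor $CONFIDENTIAL }
    if ($new -ne $old) {
        Set-ADObject -Identity $attr -Server $master -Replace @{ searchFlags = $new }
    }
    [pscustomobject]@{ Attribute = $LdapDisplayName; Before = $old; After = $new }
}

# 'contosoEmployeeSSN' is a hypothetical attribute name, not one from the page.
Add-FilteredAttribute -LdapDisplayName 'contosoEmployeeSSN'
Get-FilteredAttribute | Select-Object lDAPDisplayName, searchFlags
```

Once the attribute is filtered, the RODC no longer holds its value, so an application that needs the value has to read it from a writable domain controller.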