Remote managment solutions are your friend...

I knew someone would say that.

I do use remote management software on all of my other servers. However, I am painfully aware of the fact that most remote-management packages have security holes of their own, sometimes the holes are big enough to drive a truck through.

One of my basic tenets of security protection is to deliberately reduce the number of services on a given box to the bare minimum. Disable everything that isn't explicitly needed. You should see the bootup event log on this server, there's a bunch of internal Windows services that refuse to run because of some of the Windows 2000 bloat that I've deactivated.

This particular server is the only publicly-exposed web server on our premises, and as such, gets extra-special treatment with regard to security. So, no remote management packages.