80 likes | 122 Views
View executive summary of assessment results: Passed 86% overall. Recommendations for Security and Compliance, Services running under user accounts, Web Server content security, Operations and Monitoring improvements, Performance and Scalability.
E N D
Windows Server Assessment Results Click here to view in Azure Log Analytics
Executive Summary 1. What went well: 86% Passed • Change and Configuration Management 2. What needs Improvement: • Security and Compliance 3. Highest Priority Recommendations: • Services running under user accounts.
Security and Compliance • Highest Priority Recommendations • Services running under user accounts. Web Server Content Security Configure and Enforce the Setting "Windows Firewall: Domain: Firewall state" via GPO Enable and Enforce the Setting "Turn off Autoplay" via GPO Configure and Enforce the Setting "Windows Firewall: Public: Firewall state" via GPO Replace Unsigned Kernel Module Drivers Causing Event ID 3004 Mitigations missing for speculative execution side-channel vulnerabilities Set BootExecute To Default Value Configure the Setting "Network security: LAN Manager authentication level" and Enforce via GPO Enable and Enforce "Microsoft network server: Digitally sign communications (if client agrees)" via GPO 77% Passed
Operations and Monitoring • Highest Priority Recommendations • Configure Auditing for Account Logon: Credential Validation Configure Auditing for Account Management: User Account Management Configure Auditing for Detailed Tracking: Audit PNP Activity Configure Auditing for Detailed Tracking: Audit Process Creation Configure Auditing for Logon-Logoff: Audit Account Lockout Configure Auditing for Logon-Logoff: Audit Group Membership Configure Auditing for Logon-Logoff: Audit Other Logon/Logoff Events Configure Auditing for Object Access: Audit Detailed File Share Configure Auditing for Object Access: Audit File Share Configure Auditing for Object Access: Filtering Platform Connection 71% Passed
Performance and Scalability • Highest Priority Recommendations • Assess handle count and determine leak source Standard Order For Built In Network Provider Is Changed Disable Scheduled Task Microsoft Windows DiskDiagnosticDataCollector on Virtual Machines Disable Scheduled Task AnalyzeSystem on Virtual Machines Disable Scheduled Task BfeOnServiceStartTypeChange on Virtual Machines Disable Scheduled Task Consolidator on Virtual Machines Disable Scheduled Task KernelCeipTask on Virtual Machines Disable Scheduled Task MobilityManager on Virtual Machines Disable Scheduled Task ProgramDataUpdater on Virtual Machines Disable Scheduled Task Proxy on Virtual Machines 90% Passed
Availability and Business Continuity • Highest Priority Recommendations • Disk volumes with non-default Allocation Unit Size causing performance issues. Automatic start service failed to start. Increase Kill Timeout Values to Allow Services to Gracefully End Increase free space on system drives Disable or configure network interfaces using Automatic Private IP Addressing (APIPA). Application Pool - Application Isolation Update Outdated Device Driver Enable NTFS 8.3 Name Creation Disk timeout value is higher than default and it needs to be adjusted. RDP printer redirection can cause driver installation on connect. 91% Passed
Upgrade, Migration and Deployment • Highest Priority Recommendations • IIS - Installed Extensions Update Drivers Detected That Are Older Than the Installed Operating System Server Has A Pending Reboot Setting In The Registry 93% Passed
Change and Configuration Management • Highest Priority Recommendations • Event Log - IIS Configuration Auditing 0% Passed