210 likes | 339 Views
Securing the Infrastructure. IT:Network:Apps. Securing the Infrastructure. Security Options Group Policy AppLocker ACL. Security Options. Defense in depth Physical File level Folder/File permissions Minimalist mentality Object level Object permissions. Security Options. Desktop
E N D
Securing the Infrastructure IT:Network:Apps
Securing the Infrastructure • Security Options • Group Policy • AppLocker • ACL
Security Options • Defense in depth • Physical • File level • Folder/File permissions • Minimalist mentality • Object level • Object permissions
Security Options • Desktop • Physical • Group Policy • Access/Authentication • Server • Physical • Group Policy • Access/Authentication
Security Options • Perimeter • NAT • Firewall • Security Appliances • Mail/Spam Gateway • VPN concentrator • Network Access Protection
Security Options • Antivirus solutions • http://www.windowsitpro.com/article/antivirus/enterprise-antivirus-software.aspx • http://www.av-test.org/ • Network based Antivirus • Centrally managed • Centrally deployed • Engines for both server and client • Agents for server based applications • Exchange filtering • Central point for updates • Engines • Definitions
Security Options • Antivirus solutions • Centralized reporting • Reports on activities, updates and policies
Security Options • Antivirus solutions • Client based Antivirus • Updates done individually at client directly to Internet • Reporting local to client • Typically has engine for desktops and not server
Group Policy • Group Policy Objects (GPO) can be used to secure both server and desktop machines • Security Configuration Wizard (SCW) • http://technet.microsoft.com/en-us/library/cc771492(WS.10).aspx
Group Policy • What does SCW do? • Guides you through the process of creating, editing, applying, or rolling back a security policy. • It provides a way to create or modify a security policy for your server based on its role. • Use Group Policy to apply the security policy to multiple target servers that perform the same role • You can compare a server's security settings with a desired security policy to check for vulnerable configurations in the system.
Group Policy • Security Configuration Wizard • StartProgramsAdministrative Tools
Group Policy • SCW will create/edit or roll back security settings based on your selections • Creates role based policy settings • Detects what roles are installed on server
Group Policies • Controlling applications • Application Control Policies • Software Restriction Policies
Group Policies • Applocker requirements • Works on Windows 7 and newer • Only available on 7 Enterprise and Ultimate…not Pro • Application Identity service must be running. • Add default rules to prevent stepping on “required” services
Group Policies • Applocker • Add default rules • Create new rule
Group Policies • Software Restriction Polices • Similar to Applocker, works on XP and later
ACL • Security can be controlled from the file level to the Active Directory Object level • NTFS permissions • Share permissions • ADO permissions • Out of sight, out of mind approach • Minimalist approach