it:network:apps. security options group policy applocker acl
Post on 22-Dec-2015
218 views
TRANSCRIPT
![Page 1: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/1.jpg)
Securing the Infrastructure
IT:Network:Apps
![Page 2: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/2.jpg)
Security Options Group Policy AppLocker ACL
Securing the Infrastructure
![Page 3: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/3.jpg)
Defense in depth◦ Physical◦ File level
Folder/File permissions Minimalist mentality
◦ Object level Object permissions
Security Options
![Page 4: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/4.jpg)
Desktop◦ Physical◦ Group Policy◦ Access/Authentication
Server◦ Physical◦ Group Policy◦ Access/Authentication
Security Options
![Page 5: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/5.jpg)
Perimeter◦ NAT◦ Firewall◦ Security Appliances
Mail/Spam Gateway VPN concentrator
◦ Network Access Protection
Security Options
![Page 6: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/6.jpg)
Antivirus solutions http://www.windowsitpro.com/article/antivirus/enterp
rise-antivirus-software.aspx http://www.av-test.org/
◦ Network based Antivirus Centrally managed Centrally deployed Engines for both server and client Agents for server based applications
Exchange filtering Central point for updates
Engines Definitions
Security Options
![Page 7: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/7.jpg)
Antivirus solutions Centralized reporting
Reports on activities, updates and policies
Security Options
![Page 8: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/8.jpg)
Antivirus solutions◦ Client based Antivirus
Updates done individually at client directly to Internet
Reporting local to client Typically has engine for desktops and not server
Security Options
![Page 9: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/9.jpg)
Group Policy Objects (GPO) can be used to secure both server and desktop machines
Security Configuration Wizard (SCW)◦ http://technet.microsoft.com/en-us/library/cc7714
92(WS.10).aspx
Group Policy
![Page 10: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/10.jpg)
What does SCW do?◦ Guides you through the process of creating,
editing, applying, or rolling back a security policy. ◦ It provides a way to create or modify a security
policy for your server based on its role. ◦ Use Group Policy to apply the security policy to
multiple target servers that perform the same role◦ You can compare a server's security settings with
a desired security policy to check for vulnerable configurations in the system.
Group Policy
![Page 11: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/11.jpg)
Security Configuration Wizard StartProgramsAdministrative Tools
Group Policy
![Page 12: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/12.jpg)
Group Policy
![Page 13: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/13.jpg)
SCW will create/edit or roll back security settings based on your selections
Creates role based policy settings◦ Detects what roles are installed on server
Group Policy
![Page 14: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/14.jpg)
Group Policies Controlling applications
◦ Application Control Policies
◦ Software Restriction Policies
![Page 15: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/15.jpg)
Group Policies Applocker
requirements◦ Works on Windows 7
and newer◦ Only available on 7
Enterprise and Ultimate…not Pro
◦ Application Identity service must be running.
◦ Add default rules to prevent stepping on “required” services
![Page 16: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/16.jpg)
Group Policies
Applocker◦ Add default
rules◦ Create new
rule
![Page 17: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/17.jpg)
Group Policies
Software Restriction Polices◦ Similar to
Applocker, works on XP and later
![Page 18: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/18.jpg)
Security can be controlled from the file level to the Active Directory Object level
NTFS permissions Share permissions ADO permissions Out of sight, out of mind approach Minimalist approach
ACL
![Page 19: IT:Network:Apps. Security Options Group Policy AppLocker ACL](https://reader030.vdocument.in/reader030/viewer/2022032523/56649d7f5503460f94a62d7c/html5/thumbnails/19.jpg)
Questions?