it:network:apps. security options group policy applocker acl
Post on 22-Dec-2015
218 views
TRANSCRIPT
Securing the Infrastructure
IT:Network:Apps
Security Options Group Policy AppLocker ACL
Securing the Infrastructure
Defense in depth◦ Physical◦ File level
Folder/File permissions Minimalist mentality
◦ Object level Object permissions
Security Options
Desktop◦ Physical◦ Group Policy◦ Access/Authentication
Server◦ Physical◦ Group Policy◦ Access/Authentication
Security Options
Perimeter◦ NAT◦ Firewall◦ Security Appliances
Mail/Spam Gateway VPN concentrator
◦ Network Access Protection
Security Options
Antivirus solutions http://www.windowsitpro.com/article/antivirus/enterp
rise-antivirus-software.aspx http://www.av-test.org/
◦ Network based Antivirus Centrally managed Centrally deployed Engines for both server and client Agents for server based applications
Exchange filtering Central point for updates
Engines Definitions
Security Options
Antivirus solutions Centralized reporting
Reports on activities, updates and policies
Security Options
Antivirus solutions◦ Client based Antivirus
Updates done individually at client directly to Internet
Reporting local to client Typically has engine for desktops and not server
Security Options
Group Policy Objects (GPO) can be used to secure both server and desktop machines
Security Configuration Wizard (SCW)◦ http://technet.microsoft.com/en-us/library/cc7714
92(WS.10).aspx
Group Policy
What does SCW do?◦ Guides you through the process of creating,
editing, applying, or rolling back a security policy. ◦ It provides a way to create or modify a security
policy for your server based on its role. ◦ Use Group Policy to apply the security policy to
multiple target servers that perform the same role◦ You can compare a server's security settings with
a desired security policy to check for vulnerable configurations in the system.
Group Policy
Security Configuration Wizard StartProgramsAdministrative Tools
Group Policy
Group Policy
SCW will create/edit or roll back security settings based on your selections
Creates role based policy settings◦ Detects what roles are installed on server
Group Policy
Group Policies Controlling applications
◦ Application Control Policies
◦ Software Restriction Policies
Group Policies Applocker
requirements◦ Works on Windows 7
and newer◦ Only available on 7
Enterprise and Ultimate…not Pro
◦ Application Identity service must be running.
◦ Add default rules to prevent stepping on “required” services
Group Policies
Applocker◦ Add default
rules◦ Create new
rule
Group Policies
Software Restriction Polices◦ Similar to
Applocker, works on XP and later
Security can be controlled from the file level to the Active Directory Object level
NTFS permissions Share permissions ADO permissions Out of sight, out of mind approach Minimalist approach
ACL
Questions?