Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT:Network:Apps.  Security Options  Group Policy  AppLocker  ACL.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "IT:Network:Apps.  Security Options  Group Policy  AppLocker  ACL."— Presentation transcript:

1 IT:Network:Apps

2  Security Options  Group Policy  AppLocker  ACL

3  Defense in depth ◦ Physical ◦ File level  Folder/File permissions  Minimalist mentality ◦ Object level  Object permissions

4  Desktop ◦ Physical ◦ Group Policy ◦ Access/Authentication  Server ◦ Physical ◦ Group Policy ◦ Access/Authentication

5  Perimeter ◦ NAT ◦ Firewall ◦ Security Appliances  Mail/Spam Gateway  VPN concentrator ◦ Network Access Protection

6  Antivirus solutions  http://www.windowsitpro.com/article/antivirus/enterp rise-antivirus-software.aspx http://www.windowsitpro.com/article/antivirus/enterp rise-antivirus-software.aspx  http://www.av-test.org/ http://www.av-test.org/ ◦ Network based Antivirus  Centrally managed  Centrally deployed  Engines for both server and client  Agents for server based applications  Exchange filtering  Central point for updates  Engines  Definitions

7  Antivirus solutions  Centralized reporting  Reports on activities, updates and policies

8  Antivirus solutions ◦ Client based Antivirus  Updates done individually at client directly to Internet  Reporting local to client  Typically has engine for desktops and not server

9  Group Policy Objects (GPO) can be used to secure both server and desktop machines  Security Configuration Wizard (SCW) ◦ http://technet.microsoft.com/en- us/library/cc771492(WS.10).aspx http://technet.microsoft.com/en- us/library/cc771492(WS.10).aspx

10  What does SCW do? ◦ Guides you through the process of creating, editing, applying, or rolling back a security policy. ◦ It provides a way to create or modify a security policy for your server based on its role. ◦ Use Group Policy to apply the security policy to multiple target servers that perform the same role ◦ You can compare a server's security settings with a desired security policy to check for vulnerable configurations in the system.

11  Security Configuration Wizard  Start  Programs  Administrative Tools 

12

13  SCW will create/edit or roll back security settings based on your selections  Creates role based policy settings ◦ Detects what roles are installed on server

14  Controlling applications ◦ Application Control Policies ◦ Software Restriction Policies

15  Applocker requirements ◦ Works on Windows 7 and newer ◦ Only available on 7 Enterprise and Ultimate…not Pro  ◦ Application Identity service must be running. ◦ Add default rules to prevent stepping on “required” services

16  Applocker ◦ Add default rules ◦ Create new rule

17  Software Restriction Polices ◦ Similar to Applocker, works on XP and later

18  Security can be controlled from the file level to the Active Directory Object level  NTFS permissions  Share permissions  ADO permissions  Out of sight, out of mind approach  Minimalist approach

19

Download ppt "IT:Network:Apps.  Security Options  Group Policy  AppLocker  ACL."

Similar presentations

Planning and Administering Windows Server® 2008 Servers

Planning and Administering Windows Server® 2008 Servers
Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.

PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Exchange server 2003. Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.

Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.

Microsoft Server 2008 R2 Group Policies & Network Policy and Access Services.
Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.

Similar presentations

Ads by Google