Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to implement GPOs and secure a MS Windows Environment with little to NO user awareness!?!?

Published byShawn Elijah Murphy Modified over 9 years ago

Similar presentations

Presentation on theme: "How to implement GPOs and secure a MS Windows Environment with little to NO user awareness!?!?"— Presentation transcript:

1 How to implement GPOs and secure a MS Windows Environment with little to NO user awareness!?!?

2  Most powerful free tool available to the Windows Administrator  If you can imagine locking, it down it can be done with this tool!  Good AD design and organization allows for ease of management

3  Basic GPMC run through  Securing basic workstation features  Using the GPMC to secure IE6 and IE7  Using the GPMC to manage the windows firewall  Custom Group Policy applications

4  Basic Helpful Design and ideas  Control Panel  Basic context menus to remove  Securing certain executables

5 Organization! Organization! Organization! Good AD design and layout of Groups and Users Good GPMC Groups and layout Turn off automatic updates of adm files and Always use local adm files for Group Policy Object Editor policy settings to reduce the size of the Sysvol folder and policy-related replication traffic

6  Easier to secure and patch IE than Firefox  Zone Trusts  Addon and Attachment management  Separates IE from and Big  Allows IE to surpass 3 rd party Advantage browsers in security

7  Helps Secure IE.  Setting up this policy allows you to control file extensions downloaded.  Drawback is other browsers. Cannot control what is downloaded through them.

8  Not easy to configure but once done

9  Built-in Windows Firewall  Traffic  Outgoing not blocked  Incoming is blocked  Vista blocks outgoing  Does not block outgoing traffic “Vista does”

10

11  Duplicates with remote assistance  If you configure the ports for Remote desktop  leave the Allow Remote Desktop Exception to be Not Configured

12 Notice no changes can be made by the User

13 Notice Allow echo request!! Don’t be alarmed

14  ADVANTAGE  Windows Firewall is FREE  Is easily manageable  DISADVANTAGE  CANNOT BLOCK outgoing request

15  A custom Policy can be made for any software that relies on registry key settings.  Must have a copy of the Custom.adm on the local machine if you want to be able to view the settings locally

16  Once your policy has been imported. You can view the settings of the policy only by 1. Selecting view from the menu. 2. Then from the pull down menu selecting Filtering 3. Unchecking “Only show policy settings that can be fully managed."

17

18  Importing your Custom GPO will debug and output syntax errors.  Custom GPs control registry keys. Once a key is set you must set it to something else if want to disable.  IN OTHER WORDWS:  If you set a value for something to be 30. Setting the policy to Not Configured does not remove the value. You must disable or change the value.

19  http://www.microsoft.com/technet/prodtech nol/windowsserver2003/technologies/manag ement/gp/admtgp.mspx#E1PAC http://www.microsoft.com/technet/prodtech nol/windowsserver2003/technologies/manag ement/gp/admtgp.mspx#E1PAC  http://blog.case.edu/djc6/2005/03/09/autom atically_log_off_users http://blog.case.edu/djc6/2005/03/09/autom atically_log_off_users  http://www.energystar.gov/index.cfm?c=po wer_mgt.pr_pm_ez_gpo http://www.energystar.gov/index.cfm?c=po wer_mgt.pr_pm_ez_gpo

Download ppt "How to implement GPOs and secure a MS Windows Environment with little to NO user awareness!?!?"

Similar presentations

MODULE 3: OS & APP LAYERS. Agenda Preparing and importing a gold image Creating and understanding Install Machines Creating basic Application layers Understanding.

MODULE 3: OS & APP LAYERS. Agenda Preparing and importing a gold image Creating and understanding Install Machines Creating basic Application layers Understanding.
Microsoft Server 2008 R2 Group Policies & AD. Group Policies-Refresher  Policies are “all or nothing”  You cannot selectively choose within a policy.

Microsoft Server 2008 R2 Group Policies & AD. Group Policies-Refresher  Policies are “all or nothing”  You cannot selectively choose within a policy.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.

NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.
Understanding Group Policy on Windows Server 2003.

Understanding Group Policy on Windows Server 2003.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Managing User Settings with Group Policy

Managing User Settings with Group Policy
Windows XP Service Pack 2 Deployment Dave Lee West Campus.

Windows XP Service Pack 2 Deployment Dave Lee West Campus.
Changes in Windows XP Service Pack 2

Changes in Windows XP Service Pack 2
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Performing Software Installation with Group Policy

Performing Software Installation with Group Policy
MS System Setup Securing A System. Use Automatic Updates For a workstation or server, schedule the updates to occur regularly. –Control panel click on.

MS System Setup Securing A System. Use Automatic Updates For a workstation or server, schedule the updates to occur regularly. –Control panel click on.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
Active Directory: OU Administration December 17th, 2008 1-4pm Daniels 407.

Active Directory: OU Administration December 17th, pm Daniels 407.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Similar presentations

Ads by Google