Presentation is loading. Please wait.

Presentation is loading. Please wait.

Configuring Windows Firewall with Advanced Security

Published byAndrea Brown Modified over 6 years ago

Similar presentations

Presentation on theme: "Configuring Windows Firewall with Advanced Security"— Presentation transcript:

1 Configuring Windows Firewall with Advanced Security
20410B Week 5 Objectives 12: Securing Windows Servers Using Group Policy Objects Configuring Windows Firewall with Advanced Security

2 Security Risks and Costs
20410B Security Risks and Costs 12: Securing Windows Servers Using Group Policy Objects Malware Malware can be used to steal passwords and other useful information from your organization. Malware can also use your computers to send out spam. The most sophisticated malware could be written specifically to target your organization. Stolen data. Stolen data can be used by a competitor, or used to embarrass your organization. Legal issues. Customer confidential or private data is stolen or made public. Deleted data. lost data can be expensive and time-consuming to recover.

3 Applying Defense-In-Depth to Increase Security
20410B Applying Defense-In-Depth to Increase Security 12: Securing Windows Servers Using Group Policy Objects Defense-in-depth uses a layered approach to security Reduces an attacker’s chance of success Increases an attacker’s risk of detection Policies, procedures, and awareness Security documents, user education Physical security Guards, locks, tracking devices Perimeter Firewalls, network access quarantine control Networks Network segments, IPsec, Forefront TMG 2010 Host Hardening, authentication, update management Application Application hardening, antivirus Data ACLs, EFS, backup/restore procedures

4 Best Practices for Increasing Security
12: Securing Windows Servers Using Group Policy Objects Some best practices for increasing security are: Apply all available security updates quickly Follow the principle of least privilege Restrict console login Restrict physical access

5 Configuring Security Templates
20410B Configuring Security Templates 12: Securing Windows Servers Using Group Policy Objects Security Templates categories: Account Policies Local Policies Event Log Restricted Groups System Services Registry File System How Security Templates are distributed: Secedit.exe Security Template Snap-in Security Configuration Wizard Group Policy Security Compliance Manager

6 Configuring User Rights
20410B Configuring User Rights 12: Securing Windows Servers Using Group Policy Objects User Rights Types: Privileges Logon Rights Examples: Add workstations to a domain Allow log on locally Back up files and directories Change the system time Force shutdown from a remote computer Shut down the system

7 Configuring Security Options
20410B Configuring Security Options 12: Securing Windows Servers Using Group Policy Objects Security options settings: Administrator and Guest account names Access to CD/DVD drives Digital data signatures Driver installation behavior Logon prompts User account control Examples: Prompt user to change password before expiration Do not display last user name Rename administrator account Restrict CD-ROM access to locally logged-on users only

8 Configuring Restricted Groups
20410B Configuring Restricted Groups 12: Securing Windows Servers Using Group Policy Objects Group Policy can control group membership: For any group on a local computer, by applying a GPO to the OU containing the computer account For any group in AD DS, by applying a GPO to the Domain Controller’s OU

9 Configuring Account Policy Settings
20410B Configuring Account Policy Settings 12: Securing Windows Servers Using Group Policy Objects Account policies mitigate the threat of brute force guessing of account passwords Policies Default settings Password Controls complexity and lifetime of passwords Max password age: 42 days Min password age: 1 day Min password length: 7 characters Complex Password: enabled Store password using reversible encryption: disabled Account lockout Controls how many incorrect attempts can be made Lockout duration: not defined Lockout threshold: 0 invalid logon attempts Reset account lockout after: not defined Kerberos Subset of the attributes of domain security policy Can only be applied at the domain level

10 What Are Software Restriction Policies?
20410B What Are Software Restriction Policies? 12: Securing Windows Servers Using Group Policy Objects SRPs allow administrators to identify which applications are allowed to run on client computers SRPs can be based on the following: Hash Certificate Path Zone SRPs are applied through Group Policy

11 20410B What Is AppLocker? 12: Securing Windows Servers Using Group Policy Objects AppLocker applies Application Control Policies in Windows Server 2012 and Windows 8 AppLocker contains capabilities and extensions that: Reduce administrative overhead Helps administrators control how users can access and use files: .exe files scripts Windows Installer files (.msi and .msp files) DLLs Benefits of AppLocker: Controls how users can access and run all types of applications Allows the definition of rules based on a wide variety of variables Provides for importing and exporting entire AppLocker policies

12 20410B AppLocker Rules 12: Securing Windows Servers Using Group Policy Objects AppLocker defines rules based on file attributes such as: Rule actions Publisher name Product name File name File version Allow or Deny conditions Enforce or Audit Only policies

13 What Is Windows Firewall with Advanced Security?
20410B What Is Windows Firewall with Advanced Security? 12: Securing Windows Servers Using Group Policy Objects Windows Firewall is a stateful, host-based firewall that allows or blocks network traffic according to its configuration Supports filtering for both incoming and outgoing traffic Integrates firewall filtering and IPsec protection settings Enables you to configure rules to control network traffic Provides network location-aware profiles Enables you to import or export policies Windows Server 2008 Internet LAN Firewall Firewall rules control inbound and outbound traffic

14 20410B Firewall Profiles 12: Securing Windows Servers Using Group Policy Objects Firewall profiles are a set of configuration settings that apply to a particular network type The firewall profiles are: Domain Public Private Windows Server 2012 includes the ability to have multiple active firewall profiles

15 Connection Security Rules
20410B Connection Security Rules 12: Securing Windows Servers Using Group Policy Objects Connection security rules: Authenticate two computers before they begin communications Secure information being sent between two computers Use key exchange, authentication, data integrity, and data encryption (optionally) How firewall rules and connection rules are related: Firewall rules allow traffic through, but do not secure that traffic Connection security rules can secure the traffic, but only if a firewall rule was previously configured

16 Deploying Firewall Rules
20410B Deploying Firewall Rules 12: Securing Windows Servers Using Group Policy Objects You can deploy Windows Firewall rules: By using Windows Firewall with Advanced Security By using Group Policy By exporting and importing firewall rules

Download ppt "Configuring Windows Firewall with Advanced Security"

Similar presentations

MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Chapter 13 Securing Windows Server 2008

Chapter 13 Securing Windows Server 2008
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.

Chapter 6: Configuring Security. Options for Managing Security Configurations LGPO (Local Group Policy Object) –Used if Computer is not part of a domain.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Module 7: Implementing Security Using Group Policies.

Module 7: Implementing Security Using Group Policies.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.

70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
Securing Windows Servers Using Group Policy Objects

Securing Windows Servers Using Group Policy Objects
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Hands-On Microsoft Windows Server 2008 Chapter 10 Securing Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 10 Securing Windows Server 2008.
Windows Server 2008 Chapter 10 Last Update 2012.05.31 1.0.0.

Windows Server 2008 Chapter 10 Last Update

Similar presentations

Ads by Google