module 14 configuring server security compliance n.
Download
Skip this Video
Download Presentation
Module 14: Configuring Server Security Compliance

Loading in 2 Seconds...

play fullscreen
1 / 35

Module 14: Configuring Server Security Compliance - PowerPoint PPT Presentation


  • 115 Views
  • Uploaded on

Module 14: Configuring Server Security Compliance. Module Overview. Securing a Windows Infrastructure Using Security Templates to Secure Servers Configuring an Audit Policy Overview of Windows Server Update Services Managing WSUS. Lesson 1: Securing a Windows Infrastructure.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Module 14: Configuring Server Security Compliance' - ulric-harrington


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
module overview
Module Overview
  • Securing a Windows Infrastructure
  • Using Security Templates to Secure Servers
  • Configuring an Audit Policy
  • Overview of Windows Server Update Services
  • Managing WSUS
lesson 1 securing a windows infrastructure
Lesson 1: Securing a Windows Infrastructure
  • Challenges of Securing a Windows Infrastructure
  • Applying Defense-in-Depth to Increase Security
  • Core Server Security Practices
  • What Is the Security Configuration Wizard?
  • What Is Windows Firewall?
  • Demonstration: Using the Security Configuration Wizard to Secure Server Roles
challenges of securing a windows infrastructure
Challenges of Securing a Windows Infrastructure

Challenges of securing a Windows infrastructure include:

  • Implementing and managing secure configuration of servers
  • Protecting against malicious software threats and intrusions
  • Implementing effective identity and access control
applying defense in depth to increase security
Applying Defense-in-Depth to Increase Security

Defense-in-depth provides multiple layers of defense to protect a networking environment

Policies, Procedures, & Awareness

Physical Security

Data

ACLs, encryption, EFS

Application

Application hardening, antivirus

Host

OS hardening, authentication

Internal Network

Network segments, IPsec

Perimeter

Firewalls

Guards, locks

Security documents, user education

core server security practices
Core Server Security Practices

Apply the latest service pack and all available security updates

ü

Use the Security Configuration Wizard to scan and implement server security

ü

Use Group Policy and security templates to harden servers

ü

Restrict scope of access for service accounts

ü

Restrict who can log on locally to servers

ü

Restrict physical and network access to servers

ü

what is the security configuration wizard
What Is the Security Configuration Wizard?

SCW provides guided attack-surface reduction

SCW supports:

  • Disables unnecessary services and IIS Web extensions
  • Uses IPsec to block unused ports and secure ports that are left open
  • Reduces protocol exposure
  • Configures audit settings
  • Rollback
  • Analysis
  • Remote configuration
  • Command-line support
  • Active Directory integration
  • Policy editing
what is windows firewall
What Is Windows Firewall?

Windows Firewall is a stateful host-based application that provides the following features:

  • Filters both incoming and outgoing network traffic
  • Integrates both firewall filtering and IPsec protection settings
  • Can be managed by the Control Panel tool or by the more advanced Windows Firewall with Advanced Security MMC console
  • Provides Group Policy support
  • Enabled by default in new installs
demonstration using the security configuration wizard to secure server roles
Demonstration: Using the Security Configuration Wizard to Secure Server Roles

In this demonstration, you will see how to implement security using the Security Configuration Wizard

lesson 2 using security templates to secure servers
Lesson 2: Using Security Templates to Secure Servers
  • What Is a Security Policy?
  • What Are Security Templates?
  • Demonstration: Configuring Security Template Settings
  • What Is the Security Configuration and Analysis Tool?
  • Demonstration: Analyzing Security Policy Using the Security Configuration and Analysis Tool
what is a security policy
What Is a Security Policy?

A Security Policy is a combination of security settings to be applied to a computer

Local Security Policies include:

Active Directory Security Policies include:

  • Account Policies
  • Local Policies
  • Windows Firewall with Advanced Security
  • Public Key Policies
  • Software Restriction Policies
  • IP Security Policies on Local Computer
  • Event Log
  • Restricted Groups
  • System Services
  • Registry
  • File System
  • Wired and Wireless Network Policies
  • Network Access protection
  • IP Security Policies on Active Directory
what are security templates
What Are Security Templates?

A security template is a collection of configured security settings used to apply a security policy

Security Templates:

  • Created and modified using the Security Templates MMC snap-in
  • Default security templates stored in %SystemRoot%\Security\Templates
  • Custom security templates are stored in local user profile folder

Deployment Considerations:

  • Create templates based upon server role
  • Deploy to individual computers using the SECEDIT command
  • Deploy to groups of computers using Group Policy
demonstration configuring security template settings
Demonstration: Configuring Security Template Settings

In this demonstration, you will see how to:

  • Add the Security Templates snap-in and configure a custom security template for the DHCP server role
  • Import a security template into Active Directory
demonstration analyzing security policy using the security configuration and analysis tool
Demonstration: Analyzing Security Policy Using the Security Configuration and Analysis Tool

In this demonstration, you will see how to use the Security Configuration and Analysis Tool to analyze and configure local security policy settings

lesson 3 configuring an audit policy
Lesson 3: Configuring an Audit Policy
  • What Is Auditing?
  • What Is an Audit Policy?
  • Types of Events to Audit
  • Demonstration: How to Configure Auditing
what is auditing
What Is Auditing?
  • Auditing tracks user and operating system activities, and records selected events in security logs, such as:
    • What occurred?
    • Who did it?
    • When?
    • What was the result?
  • Enable auditing to:
    • Create a baseline
    • Detect threats and attacks
    • Determine damages
    • Prevent further damage
  • Audit access to objects, management of accounts, and users logging on and off
what is an audit policy
What Is an Audit Policy?
  • An audit policy determines the security events that will be reported to the network administrator
  • Set up an audit policy to:
    • Track success or failure of events
    • Minimize unauthorized use of resources
    • Maintain a record of activity
  • Security events are stored in security logs
types of events to audit
Types of Events to Audit
  • Account Logon
  • Account Management
  • Directory Service Access
    • Directory Service Changes
    • Directory Service Replication
    • Detailed Directory Service Replication
  • Logon
  • Object Access
  • Policy Change
  • Privilege Use
  • Process Tracking
  • System
demonstration how to configure auditing
Demonstration: How to Configure Auditing

In this demonstration, you will see how to:

  • Enable auditing for various events
  • Enable object access auditing
lesson 4 overview of windows server update services
Lesson 4: Overview of Windows Server Update Services
  • What Is Windows Server Update Services?
  • Windows Server Update Services Process
  • Server Requirements for WSUS
  • Automatic Updates Configuration
  • Demonstration: Installing and Configuring WSUS
what is windows server update services
What Is Windows Server Update Services?

Microsoft Update Web site

Automatic Updates

Server running

Windows Server Update Services

Test Clients

LAN

Internet

Automatic Updates

windows server update services process
Windows Server Update Services Process

Assess

Deploy

Identify

Update Management

Evaluate and Plan

server requirements for wsus
Server Requirements for WSUS

Software requirements:

  • Windows Server 2003 SP1 or Windows Server 2008
  • IIS 6.0 or later
  • Windows Installer 3.1 or later
  • Microsoft .NET Framework 2.0
  • SQL Server 2005 SP1 or later (optional)
  • Microsoft Report Viewer Redistributable 2005
automatic updates configuration
Automatic Updates Configuration
  • Configure Automatic Updates by using Group PolicyComputer Configuration/Administrative Templates/Windows Components/Windows Update
  • Requires updated wuau.adm administrative template
  • Requires:
    • Windows Vista
    • Windows Server 2008
    • Windows Server 2003
    • Windows XP Professional SP2
    • Windows 2000 Professional SP4, Windows 2000 Server/Advanced Server SP3 or SP4
demonstration installing and configuring wsus
Demonstration: Installing and Configuring WSUS

In this demonstration, you will see how to:

  • Install WSUS
  • Configure Automatic Update client settings using Group Policy
lesson 5 managing wsus
Lesson 5: Managing WSUS
  • WSUS Administration
  • Managing Computer Groups
  • Approving Updates
  • Demonstration: Managing WSUS
managing computer groups
Managing Computer Groups
  • Computers are automatically added
  • Default computer groups
    • All Computers
    • Unassigned Computers
  • Client-side targeting
approving updates
Approving Updates
  • Approval options include:
    • Install
    • Decline
    • Unapprove
    • Removal
  • Automate approval is also supported
demonstration managing wsus
Demonstration: Managing WSUS

In this demonstration, you will see how to:

  • Add a computer to WSUS
  • Approve an update
lab configuring server security compliance
Lab: Configuring Server Security Compliance
  • Exercise 1: Configuring and Analyzing Security
  • Exercise 2: Analyzing Security Templates
  • Exercise 3: Configuring Windows Software Update Services

Logon information

Estimated time: 90 minutes

lab review
Lab Review
  • What recourse do you have if the desired result is not met when applying changes using the Security Configuration Wizard to secure server infrastructure?
  • How can you verify compatibility with existing settings before you apply a template to a GPO for deployment or apply the template to a local computer?
  • After installing the WSUS server software, a wizard appears to help you with the configuration of WSUS properties. How can you change any incorrectly assigned properties after the wizard has been completed?
module review and takeaways
Module Review and Takeaways
  • Review Questions
  • Best Practices
ad