Windows 7 / Server 2008 R2 Configuration Overview. By: Robert Huth Dated: March 2014
|
|
- Nicholas Patterson
- 8 years ago
- Views:
Transcription
1
2 Windows 7 / Server 2008 R2 Configuration Overview By: Robert Huth Dated: March 2014
3 Expectations This Windows 7 / Server 2008 R2 (Win7-2K8) presentation is a general overview of the technical security settings that must be addressed when configuring a Win7-2K8 Information System (IS) for Defense Security Service (DSS) Office of Designated Approving Authority (ODAA) accreditation. The information in this presentation was derived from the Office of the Designated Approving Authority (ODAA) Baseline Technical Security Configuration for Microsoft Windows 7 and Windows Server 2008 R2, dated July A copy of the baseline standard can be requested by sending to odaa@dss.mil. Note: There are some inconsistencies with the Win7-2K8 baseline standard. For example, there is no mention of the requirement that an IS must have Anti-Virus software. This requirement is outlined in the National Industry Security Program Operating Manual (NISPOM) and is identified in the Known Issues which has been publish by DSS. If you have questions about the settings defined in the Win7-2K8 baseline standard, contact your local DSS Information System Security Professional (ISSP) for clarification.
4 Overview Many companies use Microsoft operating systems (OS) Windows XP Service Pack (SP) 3 will reach end of life (EOL) April 8, 2014 Windows 7 SP1 EOL ~ *January 2015/ **January 2020 Windows Server 2008 R2 SP1 EOL ~ *January 2015/ **January 2020 * Mainstream Support End Date ** Extended Support End Date *** Support ends 24 months after the next service pack release or at the end of the product s support lifecyle, whichever comes first Support ends 24 months after the next service pack releases or at the end of the
5 New Win7-2K8 Baseline Standard DSS released the baseline standard for Windows 7 and Windows Server 2008 R2 (Version 1, dated July 2013) The baseline standard provides technical configuration settings for securing Win7-2K8 The configuration settings are based on NISPOM standards and settings recommended by the following organizations:
6 Baseline Highlights There are 9 sections in the Win7-2K8 baseline standard Each section covers a range of topics dealing with general information to required settings for securing the OS Sections 1, 2, & 3 describe general information and guidelines that should be considered Sections 4, 5, & 6 define Group Policy settings Settings are defined based on system type MUSA (Multi-user Standalone) P2P (Peer-to-Peer) Client/Server Section 7 defines file permission /audit requirements for Security Relevant Objects (SROs) and lists the SROs for Windows 7 Section 8 defines additional requirements for autorun, programs and features, and services Section 9 explains vulnerabilities
7 Security Settings Use Group Policy Editor to manage local computer policy Group Policy (Local) click Start, click Run, type gpedit.msc in the Open box Computer Configuration and User Configuration (Tree Structure) Left Pane lists the group policy items/sub-items Right Pane double-click item to configure setting
8 Group Policy Editor (Local)
9 Password and Account Lockout Policies Account Policies Path: Computer> Windows Setting> Security Settings> Account Policies Password Enforce password history 24 Maximum password age 60 Minimum password age 1 Minimum password length 14 Password must meet complexity requirements Enable Store passwords using reversible encryption Disable Account Lockout Account lockout duration 0 Account lockout threshold 3 invalid logon attempt(s) Reset account lockout counter after 60 minute(s)
10 Kerberos Policy The Kerberos authentication protocol provides the default mechanism for domain authentication services and the authorization data that is necessary for a user to access a resource and perform a task on that resource. In most environments, the Kerberos policy settings should not need to be changed. These policy settings are applied at the domain level, and the default values are configured in the Default Domain Policy in a default installation of a Windows Server Active Directory (AD) domain.
11 Advanced Audit Policies Advanced Audit Policies Path: Computer> Windows Setting> Security Settings> Advanced Audit Policy Configuration> System Audit Policies Advanced Auditing replaces the standard audit policies There are 54 audit settings to Review
12 Advanced Audit Policies (Continued) Account Logon Audit Credential Validation Audit Kerberos Authentication Service Audit Kerberos Service Ticket Operations Audit Other Account Logon Events Success and Failure No Auditing No Auditing No Auditing Account Management Audit Application Group Management Audit Computer Account Management Distribution Group Management Other Account Management Events Security Group Management User Account Management No Auditing Success and Failure No Auditing Success and Failure Success and Failure Success and Failure
13 Advanced Audit Policies (Continued) Detailed Tracking DPAPI Activity Process Creation Process Termination RPC Events Success DS Access Detailed Directory Service Replication Directory Service Access Directory Service Changes Directory Service Replication No Auditing Failure No Auditing No Auditing
14 Advanced Audit Policies (Continued) Logon/Logoff Account Lockout IPsec Extended Mode IPsec Main Mode IPsec Quick Mode Logoff Logon Network Policy Server Other Logon/Logoff Events Special Logon Success Success and Failure Success
15 Advanced Audit Policies (Continued) Object Access Application Generated Certification Services Detailed File Share File Share File System Filtering Platform Connection Filtering Platform Packet Drop Handle Manipulation Kernel Object Other Object Access Events Registry SAM Failure Failure Success and Failure
16 Advanced Audit Policies (Continued) Policy Change Audit Policy Change Authentication Policy Change Authorization Policy Change Filtering Platform Policy Change MPSSVC Rule-Level Policy Change Other Policy Change Events Success and Failure Success Privilege Use Non Sensitive Privilege Use Other Privilege Use Events Sensitive Privilege Use Success and Failure
17 Advanced Audit (Continued) / Log Policies System IPsec Driver Other System Events Security State Change Security System Extension System Integrity Success and Failure Success and Failure Success and Failure Success and Failure Application, Security, System Log File Path Maximum Log Size (KB) Maximum Log Size (KB) Backup log automatically when full Log Access Retain old events Not Configured Kb* Disable
18 Log Policies (Continued)
19 User Rights Assignments User Rights Assignments Path: Computer> Windows Setting> Security Setting> Local Policies> User Rights Assignment Most items are configured the same for MUSA, P2P, or Client/Server No surprises in the configuration settings An estimated 42 settings to review/configure Refer to baseline standard for complete list of settings
20 Security Options Security Options Path: Computer> Windows Setting> Security Setting> Local Policies> Security Options 3 types of IS MUSA P2P Client / Server An estimated 87 security settings Configurable options: digital data signatures, Administrator and Guest account names, access to floppy disk, CD- ROM USB drives, driver installation behavior, and logon prompts Refer to baseline standard for complete list of settings
21 Windows Firewall Windows Firewall Path: Computer> Windows Setting> Windows Firewall with Advance Security> - Local Group Policy Object Software controlled Enable/Disable communication traffic Protect the IS from unwanted attacks Denial of Service (DoS) Malware, Spyware, other Virus Printing Downloading Right click to access/configure communication traffic 3 Firewall Profiles (Domain, Private, Public) Firewall Properties Connection Security Rules Inbound/Outbound Rules Firewall settings should be not configured for MUSA
22 Windows Firewall (Continued)
23 Windows Firewall (Continued) Firewall State On, Off, Not configured Configure inbound / outbound connections Additional settings to consider include Notifications, Unicast, and Rule Merging - (Group Policies ) Each item has Yes No Not Configured Logging events Identifying a Log Name Drop Packets Successful Connections Log Size Consider SRO
24 Windows Firewall (Continued) Create and configure custom security rules
25 Windows Firewall (Continued) Create and configure Inbound/Outbound rules for a Program, Port, or Predefined connections
26 Group Policy Processing Path: Computer Configuration> Administrative Templates> System> Group Policy Group Policy - Registry policy processing Not Defined Client / Server Do not apply during periodic background processing False Process even if the Group Policy objects have not changed True
27 Internet Communication Policies Path: Computer Configuration > Administrative Templates > System >Internet Communication Setting Turn off downloading of print drivers over HTTP Turn off Internet download for Web publishing and online ordering wizards Turn off printing over HTTP Turn off Search Companion content file updates Turn off the "Publish to Web" task for files and folders Turn off the Windows Messenger Customer Experience Improvement Program Turn off Windows Update device driver searching
28 Additional Settings Run at Login Path: Computer Configuration> Administrative Templates> System> Logon Do not process the legacy run list Not Defined Do not process the run once list Not Defined Power Management Path: Computer Configuration> Administrative Templates> System> Power Management> Sleep Setting Require a Password When a Computer Wakes (On Battery) Require a Password When a Computer Wakes (Plugged In) Remote Assistance Path: Computer Configuration> Administrative Templates> System> Remote Assistance Offer Remote Assistance Disabled Solicited Remote Assistance Disabled Not Defined
29 Additional Settings (Continued) Remote Procedure Call Path: Computer Configuration> Administrative Templates> System> Remote Procedure Call Restrictions for Unauthenticated RPC clients Not Defined RPC Runtime Unauthenticated Client Restriction to Apply (applies above) Authenticated RPC Endpoint Mapper Client Authentication AutoPlay Policies Path: Computer Configuration> Administrative Templates> Windows Components> AutoPlay Policies Turn off Autoplay Default behavior for AutoRun Turn off Autoplay for non-volume devices -- All drives --
30 Additional Settings (Continued) Credential User Interface Path: Computer Configuration> Administrative Templates> Windows Components> Credential User Interface Enumerate administrator accounts on elevation Disabled Require trusted path for credential entry. RSS Feeds Path: Computer Configuration> Administrative Templates> Windows Components> RSS Feeds Turn off downloading of enclosures HomeGroup Path: Computer Configuration> Administrative Templates> Windows Components> HomeGroup Prevent the computer from joining a homegroup
31 Additional Settings (Continued) Windows Explorer Path: Computer Configuration> Administrative Templates> Windows Components> Windows Explorer Turn off Data Execution Prevention for Explorer Disabled Windows Remote Shell Path: Computer Configuration> Administrative Templates> Windows Components> Windows Remote Shell Allow Remote Shell Access Disabled Windows Update Path: Computer Configuration> Administrative Templates> Windows Components> Windows Update Configure Automatic Updates Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box Disabled Disabled
32 Additional Settings (Continued) Windows Update Continued Do not display Install Updates and Shut Down option in Shut Down Windows dialog box No auto-restart with logged on users for scheduled automatic updates installations Reschedule Automatic Updates scheduled installations Startup (minutes) Specify intranet Microsoft update service location Disabled Disabled 1 Minute Not configured
33 Additional Settings (Continued) Personalization Path: User Configuration> Administrative Templates> Control Panel> Personalization Enable screen saver Force specific screen saver Screen saver executable name scrnsave.scr Password protect the screen saver Screen saver timeout Seconds 900 = 15 Minutes
34 Additional Settings (Continued) System Path: User Configuration> Administrative Templates> System Prevent access to registry editing tools Disable regedit from running silently? Yes
35 Additional Settings (Continued) Attachment Manager Path: User Configuration> Administrative Templates> Windows Components> Attachment Manager Do not preserve zone information in file attachments Hide mechanisms to remove zone information Notify antivirus programs when opening attachments Disabled
36 Additional Settings (Continued) Section 6 defines additional configurations, some of the items have already been covered in the previous sections. Examples of some of the additional controls Networking Printer Driver installation Internet Communication Logon Sleep Setting Troubleshooting and Diagnostics Remote Assistance Windows Time Server Application Compatibilities Desktop Gadgets Event Log Service Game Explorer (updating or downloading) HomeGroup Remote Desktop Service Etc
37 File Permissions and File Auditing for SROs Section 7 identifies Security Relevant Objects (SRO) and defines file auditing requirements Monitor access to sensitive files including SROs SRO Examples Audits records (local and backup copies) Windows\System32 Windows\SysWOW64 Anti-Virus program folder / updates System recovery files Program or Financial Data Additional SRO files/ folders (device drivers) To access the appropriate file or folder, open Windows Explorer and follow the steps outlined below. 1. Right-click on the file/folder, then select Properties 2. Select the Security tab and click on Advanced 3. Select the Auditing tab and click on Add, then specify a user or group (e.g., Everyone) 4. Configurations: For PL1 systems configure the file permission access attributes as shown on next slide. Special Note: For PL 2 systems configure the following file permission access attributes: Select Full Control Failed to capture all failed check boxes.
38 File Permission Access Attributes for PL1 SROs Folder File
39 Vulnerabilities Defined as any object or resource that may cause a possible threat to the operation of the accredited IS. A vulnerability may be caused by an outsider or insider threat. Vulnerabilities should be identified and a risk assessment be performed to determine the overall health of the IS. Examples Accounts Password User Rights Services Files and Permissions Software / Hardware Networking User and Group Accounts Source code
40 Known Issues Section 5.4 Windows Explorer Settings: Remove Security Tab is set to. Recommendation: Apply the policy to Users and not Administrators until this is resolved. Section 5.2 Registry Editing Options: Prevent access to registry editing tools is set to enabled. Recommendation: Apply the policy to Users and not Administrators until this is resolved. Section 4.9 Windows Firewall Starting Page 22: This section has you completely configure the Windows Firewall section. Recommendations: You cannot turn on windows firewall on the domain controller. If you do you will stop Domain controlled activity communications. There is no baseline for configuring the DC for ports that need to be active on the DC firewall. Section 8.3 Services, the standard says to Disable Windows Firewall/Internet Connection Sharing (which is the Windows XP Service name for the firewall). The Windows 7 /2008 name for the firewall is "Windows Firewall".
41 Known Issues Page 21: of Baseline settings, User Account Control: Admin Approval Mode for the Built-in Administrator & Behavior of the elevation prompt for administrators in Admin approval Mode is set to for MUSA / P2P / Client/Server. The behavior after this setting is implemented is to enter you Userid and Password for every Security Relevant action. Recommendation: This should remain Disabled or and you can disable this setting while performing security activity Page 10: Object Access SAM, No Auditing. Recommend setting to success and failure. Redundant for local audit setting if tampered with. Page12: Application - Backup Log Automatically when Full is enabled. This inherits the requirement to audit the Backup Log also as a SRO. Page 24: Log File for Windows Firewall is set to a file path that is not the standard windows events path. This inherits the requirement to audit the Backup Log also as a SRO.
42 Known Issues Anti-Virus Software Not addressed in this manual. Anti-Virus software is security relevant and is required to be audited as a SRO. Common File locations: C:\Program Files\{AV-Software Folder} C:\Program Files\Common Files\{AV-Software Folder} C:\ProgramData\{AV-Software Folder} C:\Program Files(x86)\{AV-Software Folder C:\Program Files(x86)\Common Files\{AV-Software Folder} Note: Program Data folder is hidden, must unhide folder to view in Explorer view options. Event Log Reader and DOMAIN\Event Log Reader account has default permissions for the %WINDOWS%\System32\Winevt\Logs folder. If you have not added "EVENT LOG READER" account /w FULL CONTROL to the permissions you will not be able to start the EVENT LOG SERVICE or if it does start there will be total chaos trying to read logs and save them. The error will be ACCESS DENIED. Finally, the service will stop and error "Windows could not start the Windows Event Log Service on Local Computer. Error 5: Access is Denied.
43 Validation Verify the system security settings Have others review the setting Validate the Configuration Windows\System32 \ - (~ 150 files permissions 32bit OS) Windows\SysWOW64 \ - (~ 132 files permissions 64bit OS) Windows\WINSXS\ (~ files permissions 64bit OS) File and Folder Permissions Event logs User account Local and Domain policies Use a Software Tools - SRO NISP tool works on older Windows OS - Retired Gold Disk Retired Retina Scan GPResult tool Security Content Automation Protocol - (SCAP) Northern Gunmen develop a PL-1 content benchmark DSS has not approved the PL-1 content from NG
44 Warp Up Software - Know what is and is not a SRO Hardware - Know what is does Patches Know what software updates are done and why Software Activation Do you have a way to activate software (Activation code) once the system is installed No internet connection. IS support Do you have support when you need it for the Accredited IS? Verify Technical & Non-Technical Controls Do the configurations match? Know the Program Requirements Work with the Program before you start purchasing equipment. Setup / Test / Validate the IS Verify the equipment, software, security measures are in place and working as defined
45 References DSS ODAA Windows 7 / Server 2008 R2 baseline standard DSS ISSP and RDAA throughout the United States Dayton ISSM Working Group (DISSMWG) Microsoft Lockheed Martin Aero (Fort Worth, TX; Palmdale, CA ; Marietta, GA) National Information System Security Committee (ISSC) Local NCMS Dallas / Fort Worth Chapter and ISSIG.
46 Questions? Questions Robert Huth, ISSM Elbit Systems of America office robert.huth.elbitsystems-us.com
Defense Security Service Office of the Designated Approving Authority
Defense Security Service Office of the Designated Approving Authority Baseline Technical Security Configuration of Microsoft Windows 7 and Microsoft Server 2008 R2 Version 1.0 Title Page Document Name:
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationCIS Microsoft Windows 7 Benchmark. v2.1.0-12-03-2013. http://benchmarks.cisecurity.org
CIS Microsoft Windows 7 Benchmark v2.1.0-12-03-2013 http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics,
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationAudit Policy Subcategories
668 CHAPTER 20 Windows Server 2008 R2 Management and Maintenance Practices These recommended settings are sufficient for the majority of organizations. However, they can generate a heavy volume of events
More informationSECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)
WHITE PAPER SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X) INTRODUCTION This document covers the recommended best practices for hardening a Cisco Personal Assistant 1.4(x) server. The term
More informationAIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FIVE. Microsoft Windows Security. www.uscyberpatriot.
AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION PROGRAM UNIT FIVE Microsoft Windows Security www.uscyberpatriot.org AIR FORCE ASSOCIATION S CYBERPATRIOT NATIONAL YOUTH CYBER EDUCATION
More informationms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...
Page 1 of 16 Security How to Configure Windows Firewall in a Small Business Environment using Group Policy Introduction This document explains how to configure the features of Windows Firewall on computers
More informationStep-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses
Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses 2004 Microsoft Corporation. All rights reserved. This document is for informational purposes only.
More informationSetting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010
Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install
More informationObjectives. At the end of this chapter students should be able to:
NTFS PERMISSIONS AND SECURITY SETTING.1 Introduction to NTFS Permissions.1.1 File Permissions and Folder Permission.2 Assigning NTFS Permissions and Special Permission.2.1 Planning NTFS Permissions.2.2
More informationStep-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab
Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide describes how to create
More informationNetWrix Account Lockout Examiner Version 4.0 Administrator Guide
NetWrix Account Lockout Examiner Version 4.0 Administrator Guide Table of Contents Concepts... 1 Product Architecture... 1 Product Settings... 2 List of Managed Domains and Domain Controllers... 2 Email
More informationLesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment
Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4
More informationWindows Server 2008/2012 Server Hardening
Account Policies Enforce password history 24 Maximum Password Age - 42 days Minimum Password Age 2 days Minimum password length - 8 characters Password Complexity - Enable Store Password using Reversible
More informationMicrosoft Windows 7. Administration. Instant Reference. William Panek WILEY. Wiley Publishing, Inc.
Microsoft Windows 7 Administration Instant Reference William Panek WILEY Wiley Publishing, Inc. Introduction xix PART I: Installation 1 Chapter 1: Installing Windows 7 3 Understand Windows 7's New Features
More informationDefense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations
Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations March 2009 Version 2.2 This page intentionally left blank. 2 1. Introduction...4
More informationInstallation Guide for Pulse on Windows Server 2008R2
MadCap Software Installation Guide for Pulse on Windows Server 2008R2 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software
More informationהמרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב ע"ש ספיר
מודולות הלימוד של מייקרוסופט הקורס מחולק ל 4 מודולות כמפורט:.1Configuring Microsoft Windows Vista Client 70-620 Installing and upgrading Windows Vista Identify hardware requirements. Perform a clean installation.
More informationVERITAS Backup Exec TM 10.0 for Windows Servers
VERITAS Backup Exec TM 10.0 for Windows Servers Quick Installation Guide N134418 July 2004 Disclaimer The information contained in this publication is subject to change without notice. VERITAS Software
More informationInstallation Guide for Pulse on Windows Server 2012
MadCap Software Installation Guide for Pulse on Windows Server 2012 Pulse Copyright 2014 MadCap Software. All rights reserved. Information in this document is subject to change without notice. The software
More informationInstallation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.
. All right reserved. For more information about Specops Deploy and other Specops products, visit www.specopssoft.com Copyright and Trademarks Specops Deploy is a trademark owned by Specops Software. All
More informationGFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.
GFI LANguard 9.0 ReportPack Manual By GFI Software Ltd. http://www.gfi.com E-mail: info@gfi.com Information in this document is subject to change without notice. Companies, names, and data used in examples
More informationBest Practice Configurations for OfficeScan (OSCE) 10.6
Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan
More informationDefense Security Service Industrial Security Field Operations NISP Authorization Office. Technical Assessment Guide for Windows 7 Operating System
Defense Security Service Industrial Security Field Operations NISP Authorization Office Technical Assessment Guide for Windows 7 Operating System February 2016 Revision Log Date Revision Description of
More informationFortKnox Personal Firewall
FortKnox Personal Firewall User Manual Document version 1.4 EN ( 15. 9. 2009 ) Copyright (c) 2007-2009 NETGATE Technologies s.r.o. All rights reserved. This product uses compression library zlib Copyright
More informationWhatsUp Gold v16.3 Installation and Configuration Guide
WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard
More informationNNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37
NNT PCI DSS Microsoft Windows Server 2012 R2 Benchmark 12/17/2015 12:37 Compliance Score : 89.81% 370 of 412 rules passed 0 of 412 rules partially passed 42 of 412 rules failed Detailed PCI DSS v3.1 Requirements
More informationNetWrix USB Blocker. Version 3.6 Administrator Guide
NetWrix USB Blocker Version 3.6 Administrator Guide Table of Contents 1. Introduction...3 1.1. What is NetWrix USB Blocker?...3 1.2. Product Architecture...3 2. Licensing...4 3. Operation Guide...5 3.1.
More informationMalware Protection II White Paper Windows 7
Malware Protection II White Paper Windows 7 Rohde & Schwarz recognizes the potential risk of computer virus infection when connecting Windows -based test instrumentation to other computers via local area
More informationFreshservice Discovery Probe User Guide
Freshservice Discovery Probe User Guide 1. What is Freshservice Discovery Probe? 1.1 What details does Probe fetch? 1.2 How does Probe fetch the information? 2. What are the minimum system requirements
More informationManageEngine Desktop Central Training
ManageEngine Desktop Central Training Course Objectives Who Should Attend Course Agenda Course Objectives Desktop Central training helps you IT staff learn the features offered by Desktop Central and to
More informationPearl Echo Installation Checklist
Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions
More informationInstalling OneStop Reporting Products
Installing OneStop Reporting Products Contents 1 Introduction 2 Product Overview 3 System Requirements 4 Deployment 5 Installation 6 Appendix 2010 OneStop Reporting http://www.onestopreporting.com support@onestopreporting.com
More informationMigrating MSDE to Microsoft SQL 2008 R2 Express
How To Updated: 11/11/2011 2011 Shelby Systems, Inc. All Rights Reserved Other brand and product names are trademarks or registered trademarks of the respective holders. If you are still on MSDE 2000,
More informationDefault Domain Policy Data collected on: 10/12/2012 5:28:08 PM General
Default Domain Default Domain Data collected on: 10/12/2012 5:28:08 PM General Details Domain Owner Created Modified User Revisions Computer Revisions Unique ID GPO Status webrecon.local WEBRECON\Domain
More informationILTA HANDS ON Securing Windows 7
Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding
More informationkurt.dillard.c@g2-inc.com kurtdillard@msn.com
kurt.dillard.c@g2-inc.com kurtdillard@msn.com What Changed Since Alpha What Hasn t Changed How do the USGCB and FDCC Relate? Building Your Test Lab Resources Core Networking - Dynamic Host Configuration
More informationK7 Business Lite User Manual
K7 Business Lite User Manual About the Admin Console The Admin Console is a centralized web-based management console. The web console is accessible through any modern web browser from any computer on the
More informationActivity 1: Scanning with Windows Defender
Activity 1: Scanning with Windows Defender 1. Click on Start > All Programs > Windows Defender 2. Click on the arrow next to Scan 3. Choose Custom Scan Page 1 4. Choose Scan selected drives and folders
More informationKaseya Server Instal ation User Guide June 6, 2008
Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's
More informationGetting Started. Symantec Client Security. About Symantec Client Security. How to get started
Getting Started Symantec Client Security About Security Security provides scalable, cross-platform firewall, intrusion prevention, and antivirus protection for workstations and antivirus protection for
More informationTestElite - Troubleshooting
TestElite - Troubleshooting Revision Sheet 1.0 Balázs Mayer 2014 TestElite. All Rights Reserved. Troubleshooting This document is a collection of the frequented asked questions (FAQ) for solving the general,
More informationWindows 2000/XP DSS Auditing Written by: Darren Bennett - CISSP Originally Written 08/04/04 Last Updated 08/07/04
Windows 2000/XP DSS Auditing Written by: Darren Bennett - CISSP Originally Written 08/04/04 Last Updated 08/07/04 Intro: The NISPOM Chapter 8 establishes requirements for auditing and securing information
More informationAgency Pre Migration Tasks
Agency Pre Migration Tasks This document is to be provided to the agency and will be reviewed during the Migration Technical Kickoff meeting between the ICS Technical Team and the agency. Network: Required
More informationBelarc Advisor Security Benchmark Summary
Page 1 of 5 The license associated with the Belarc Advisor product allows for free personal use only. Use on multiple computers in a corporate, educational, military or government installation is prohibited.
More informationSophos Anti-Virus for NetApp Storage Systems startup guide
Sophos Anti-Virus for NetApp Storage Systems startup guide Runs on Windows 2000 and later Product version: 1 Document date: April 2012 Contents 1 About this guide...3 2 About Sophos Anti-Virus for NetApp
More informationPortions of this product were created using LEADTOOLS 1991-2009 LEAD Technologies, Inc. ALL RIGHTS RESERVED.
Installation Guide Lenel OnGuard 2009 Installation Guide, product version 6.3. This guide is item number DOC-110, revision 1.038, May 2009 Copyright 1992-2009 Lenel Systems International, Inc. Information
More informationBefore deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.
SiteAudit Knowledge Base Deployment Check List June 2012 In This Article: Platform Requirements Windows Settings Discovery Configuration Before deploying SiteAudit it is recommended to review the information
More informationTable of Contents. CHAPTER 1 About This Guide... 9. CHAPTER 2 Introduction... 11. CHAPTER 3 Database Backup and Restoration... 15
Table of Contents CHAPTER 1 About This Guide......................... 9 The Installation Guides....................................... 10 CHAPTER 2 Introduction............................ 11 Required
More informationWindows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org
Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes
More informationCitrix Access Gateway Plug-in for Windows User Guide
Citrix Access Gateway Plug-in for Windows User Guide Access Gateway 9.2, Enterprise Edition Copyright and Trademark Notice Use of the product documented in this guide is subject to your prior acceptance
More informationInstalling and Configuring WhatsUp Gold
Installing and Configuring WhatsUp Gold This guide provides information about installing and configuring WhatsUp Gold v14.2, including instructions on how to run the WhatsUp web interface through an Internet
More informationDC Agent Troubleshooting
DC Agent Troubleshooting Topic 50320 DC Agent Troubleshooting Web Security Solutions v7.7.x, 7.8.x 27-Mar-2013 This collection includes the following articles to help you troubleshoot DC Agent installation
More informationMalware Protection White Paper
Malware Protection White Paper Rohde & Schwarz recognizes the potential risk of computer virus infection when connecting Windows -based test instrumentation to other computers via local area networks (LANs),
More informationServer Manager Performance Monitor. Server Manager Diagnostics Page. . Information. . Audit Success. . Audit Failure
Server Manager Diagnostics Page 653. Information. Audit Success. Audit Failure The view shows the total number of events in the last hour, 24 hours, 7 days, and the total. Each of these nodes can be expanded
More informationNETASQ SSO Agent Installation and deployment
NETASQ SSO Agent Installation and deployment Document version: 1.3 Reference: naentno_sso_agent Page 1 / 20 Copyright NETASQ 2013 General information 3 Principle 3 Requirements 3 Active Directory user
More informationNetWrix Password Manager. Quick Start Guide
NetWrix Password Manager Quick Start Guide Contents Overview... 3 Setup... 3 Deploying the Core Components... 3 System Requirements... 3 Installation... 4 Windows Server 2008 Notes... 4 Upgrade Path...
More informationThe SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.
WatchGuard SSL v3.2 Release Notes Supported Devices SSL 100 and 560 WatchGuard SSL OS Build 355419 Revision Date January 28, 2013 Introduction WatchGuard is pleased to announce the release of WatchGuard
More information70-685: Enterprise Desktop Support Technician
70-685: Enterprise Desktop Support Technician Course Introduction Course Introduction Chapter 01 - Identifying Cause and Resolving Desktop Application Issues Identifying Cause and Resolving Desktop Application
More informationStep-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab
Página 1 de 54 Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab This guide provides detailed information about how you can use five computers to create a test lab with which to configure
More informationRSA SecurID Ready Implementation Guide
RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 18, 2006 Product Information Partner Name Microsoft Web Site http://www.microsoft.com/isaserver Product Name Internet
More informationWindows Server 2003 default services
Windows Server 2003 default services To view a description for a particular service, hover the mouse pointer over the service in the Name column. The descriptions included here are based on Microsoft documentation.
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 Domain Controllers Version: 3.0.0 Symantec Enterprise Security Manager Baseline Policy Manual for
More informationSymantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark. For Windows Server 2008 (Domain Member Servers and Domain Controllers)
Symantec Enterprise Security Manager Baseline Policy Manual for CIS Benchmark For Windows Server 2008 (Domain Member Servers and Domain Controllers) Symantec Enterprise Security Manager Baseline Policy
More informationConfiguring SonicWALL TSA on Citrix and Terminal Services Servers
Configuring on Citrix and Terminal Services Servers Document Scope This solutions document describes how to install, configure, and use the SonicWALL Terminal Services Agent (TSA) on a multi-user server,
More informationUsing WMI Scripts with BitDefender Client Security
Using WMI Scripts with BitDefender Client Security Whitepaper Copyright 2009 BitDefender; Table of Contents 1. Introduction... 3 2. Key Benefits... 4 3. Available WMI Script Templates... 5 4. Operation...
More informationNETWRIX WINDOWS SERVER CHANGE REPORTER
NETWRIX WINDOWS SERVER CHANGE REPORTER INSTALLATION AND CONFIGURATION GUIDE Product Version: 4.0 March 2013. Legal Notice The information in this publication is furnished for information use only, and
More informationStep-by-Step Guide for Setting Up Network Quarantine and Remote Access Certificate Provisioning in a Test Lab
Step-by-Step Guide for Setting Up Network Quarantine and Remote Access Certificate Provisioning in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationDell Recovery Manager for Active Directory 8.6. Quick Start Guide
Dell Recovery Manager for Active Directory 8.6 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationGlobalSCAPE DMZ Gateway, v1. User Guide
GlobalSCAPE DMZ Gateway, v1 User Guide GlobalSCAPE, Inc. (GSB) Address: 4500 Lockhill-Selma Road, Suite 150 San Antonio, TX (USA) 78249 Sales: (210) 308-8267 Sales (Toll Free): (800) 290-5054 Technical
More informationSymantec Endpoint Protection Getting Started Guide
Symantec Endpoint Protection Getting Started Guide 12167130 Symantec Endpoint Protection Getting Started Guide The software described in this book is furnished under a license agreement and may be used
More informationWindows 7, Enterprise Desktop Support Technician
Windows 7, Enterprise Desktop Support Technician Course Number: 70-685 Certification Exam This course is preparation for the Microsoft Certified IT Professional (MCITP) Exam, Exam 70-685: Pro: Windows
More informationSymantec AntiVirus Corporate Edition Patch Update
Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Update Documentation version 10.0.1.1007 Copyright 2005 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationCore Protection for Virtual Machines 1
Core Protection for Virtual Machines 1 Comprehensive Threat Protection for Virtual Environments. Installation Guide e Endpoint Security Trend Micro Incorporated reserves the right to make changes to this
More informationXcalibur. Foundation. Administrator Guide. Software Version 3.0
Xcalibur Foundation Administrator Guide Software Version 3.0 XCALI-97520 Revision A May 2013 2013 Thermo Fisher Scientific Inc. All rights reserved. LCquan, Watson LIMS, and Web Access are trademarks,
More informationRelease Notes for Websense Email Security v7.2
Release Notes for Websense Email Security v7.2 Websense Email Security version 7.2 is a feature release that includes support for Windows Server 2008 as well as support for Microsoft SQL Server 2008. Version
More informationSophos for Microsoft SharePoint startup guide
Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning
More information4cast Client Specification and Installation
4cast Client Specification and Installation Version 2015.00 10 November 2014 Innovative Solutions for Education Management www.drakelane.co.uk System requirements The client requires Administrative rights
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows
: Managing, Maintaining, and Troubleshooting, 5e Chapter 3 Installing Windows Objectives How to plan a Windows installation How to install Windows Vista How to install Windows XP How to install Windows
More informationBasic Setup Guide. Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition
Basic Setup Guide Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition Contents Getting started...1 Software components...1 Section 1: Purchasing and downloading
More informationsafend a w a v e s y s t e m s c o m p a n y
safend a w a v e s y s t e m s c o m p a n y SAFEND Data Protection Suite Installation Guide Version 3.4.5 Important Notice This guide is delivered subject to the following conditions and restrictions:
More informationSetting Up, Managing, and Troubleshooting Security Accounts and Policies
3 Setting Up, Managing, and Troubleshooting Security Accounts and Policies............................................... Terms you ll need to understand: Local user account Local group Complex password
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationHosting Users Guide 2011
Hosting Users Guide 2011 eofficemgr technology support for small business Celebrating a decade of providing innovative cloud computing services to small business. Table of Contents Overview... 3 Configure
More informationImage Assistant. User Guide. Image Assistant. Laplink Software, Inc. User Guide. The ONLY Way to Restore an Old Image to a New PC!
1 Image Assistant Laplink Software, Inc. Customer Service/Technical Support: Web: http://www.laplink.com/help E-mail: CustomerService@laplink.com Laplink Software, Inc. 14335 NE 24th Street, Suite 201
More informationUsrig Microsoft User Account Cards
usrig microsoft noows J. Peter Bruzzese Nick Saccomanno cue* 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents v Table of Contents 1 Navigating Your Windows 7 Environment 5 The Windows
More informationComodo Cloud Drive Software Version 1.0
2 Comodo Cloud Drive Software Version 1.0 User Guide Guide Version 1.0 080613 Comodo Security Solutions 1255 Broad Street STE 100 Clifton, NJ 07013 Table of Contents 1. Introduction to Comodo Cloud Drive...
More informationPC Security and Maintenance
PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-
More informationSophos Enterprise Console Help. Product version: 5.1 Document date: June 2012
Sophos Enterprise Console Help Product version: 5.1 Document date: June 2012 Contents 1 About Enterprise Console...3 2 Guide to the Enterprise Console interface...4 3 Getting started with Sophos Enterprise
More information4.0 SP1 (4.0.1.0) November 2014 702P03296. Xerox FreeFlow Core Installation Guide: Windows Server 2008 R2
4.0 SP1 (4.0.1.0) November 2014 702P03296 Installation Guide: Windows Server 2008 R2 2014 Xerox Corporation. All rights reserved. Xerox, Xerox and Design, FreeFlow, and VIPP are trademarks of Xerox Corporation
More informationEnterprise Manager. Version 6.2. Installation Guide
Enterprise Manager Version 6.2 Installation Guide Enterprise Manager 6.2 Installation Guide Document Number 680-028-014 Revision Date Description A August 2012 Initial release to support version 6.2.1
More informationThinPoint Quick Start Guide
ThinPoint Quick Start Guide 2 ThinPoint Quick Start Guide Table of Contents Part 1 Introduction 3 Part 2 ThinPoint Windows Host Installation 3 1 Compatibility... list 3 2 Pre-requisites... 3 3 Installation...
More informationSMART Vantage. Installation guide
SMART Vantage Installation guide Product registration If you register your SMART product, we ll notify you of new features and software upgrades. Register online at smarttech.com/registration. Keep the
More informationPassword Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2
Password Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2 Last revised: November 12, 2014 Table of Contents Table of Contents... 2 I. Introduction... 4 A. ASP.NET Website... 4 B.
More informationInstallation Troubleshooting Guide
Installation Troubleshooting Guide Firebird Database Connection Errors DBA Next Generation uses the Firebird Database server for connections to the database. If you have a connection error when launching
More informationQUANTIFY INSTALLATION GUIDE
QUANTIFY INSTALLATION GUIDE Thank you for putting your trust in Avontus! This guide reviews the process of installing Quantify software. For Quantify system requirement information, please refer to the
More informationNETWRIX PASSWORD MANAGER
NETWRIX PASSWORD MANAGER ADMINISTRATOR S GUIDE Product Version: 6.1 February/2012 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationSharp Remote Device Manager (SRDM) Server Software Setup Guide
Sharp Remote Device Manager (SRDM) Server Software Setup Guide This Guide explains how to install the software which is required in order to use Sharp Remote Device Manager (SRDM). SRDM is a web-based
More information