Saturday, January 28, 2012

Microsoft Security Compliance Manager V2 - Part 2


Introduction
In my previous post, I covered the installation of the security tool known as Microsoft Security Compliance Manager. If you would like to revisit that article, see Microsoft Security Compliance Manager V2 : Part 1. In this article I will show you how to perform a security baseline comparison in a domain environment. I will also show you how to back up a Group Policy object.


Requirement
You need a backup of your current Group Policy object before you can start using the tool.

Backup Group Policy Object step by step
  • This is a very easy task: log in to the Active Directory server and launch the Group Policy Management Console as shown below. You can find the tool under Administrative Tools in Control Panel.
group policy management console

  • Right-click the Group Policy object that you would like to back up.
group policy backup

  • Select the location where you want to store the backup files and enter a properly labelled description.
group policy backup

  • This is what you will see after the backup is successful.
group policy backup

  • These are the files that you have backed up. We are now ready for the second stage: importing them into the Microsoft Security Compliance tool.
group policy backup
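
The same backup can be scripted with the GroupPolicy PowerShell module instead of the console. This is an added example, not part of the original post; the GPO name and the `C:\GPOBackup` path are assumptions, and `Get-FileHash` needs PowerShell 4.0 or later.

```powershell
# Added example: scripted equivalent of the console backup steps above.
# Assumptions: run on a domain controller (or a host with the GroupPolicy
# module installed); the GPO name and backup path below are placeholders.
$GpoName    = 'Default Domain Controllers Policy'   # assumed sample GPO
$BackupRoot = 'C:\GPOBackup'                        # hypothetical backup location
$Comment    = "Backup before SCM baseline comparison, $(Get-Date -Format 'yyyy-MM-dd')"

Import-Module GroupPolicy -ErrorAction Stop

# Create the backup location if it does not exist yet.
if (-not (Test-Path -LiteralPath $BackupRoot)) {
    New-Item -ItemType Directory -Path $BackupRoot | Out-Null
}

# Resolve the GPO first so that a mistyped name fails before anything is written.
$gpo = Get-GPO -Name $GpoName -ErrorAction Stop

# Take the backup; the comment is the description shown in the console.
$backup = Backup-GPO -Guid $gpo.Id -Path $BackupRoot -Comment $Comment -ErrorAction Stop

# Each backup lands in a sub-folder named after the backup Id in braces.
$backupDir = Join-Path $BackupRoot ('{' + $backup.Id + '}')

# Check that the files a complete backup contains are present before
# pointing Security Compliance Manager at this folder.
$expected = 'Backup.xml', 'bkupInfo.xml', 'gpreport.xml'
$missing  = $expected | Where-Object {
    -not (Test-Path -LiteralPath (Join-Path $backupDir $_))
}
if ($missing) {
    throw "Backup of '$GpoName' is incomplete; missing: $($missing -join ', ')"
}

# Record SHA-256 hashes so later tampering or corruption can be detected.
Get-ChildItem -LiteralPath $backupDir -File |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path

"Backed up '$($backup.DisplayName)' to $backupDir"
```

Import the path printed on the last line when Security Compliance Manager asks for the GPO backup folder.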

Microsoft Security Compliance tool step by step
  • You can start the security tool by clicking on the Security Compliance Manager icon.
start the security compliance manager tool

  • On the left-hand side, click GPO Backup (Folder) to start importing the policy into the tool.
Import the Group Policy object into the Security Compliance Manager tool

  • Select the path where you have stored the GPO and press OK.
Locate the path where you stored the Group Policy object that you backed up earlier

  • For the GPO Name you can use any name that you like, but of course it should be a meaningful name.
You can use any name that you like as the label

  • If the Group Policy backup is not corrupted or in the wrong format, you should be able to import the policy.
Now you have successfully imported the Group Policy object into the security compliance tool

  • Screenshot of the GPO that you have imported
You can see the group policy object that you have imported

  • Now we would like to check what is missing in our current security baseline compared with the industry standard. You can find the button on the right-hand side of the tool.

  • Since we use the default domain controller policy as our sample, in this article I will use the baseline provided by Security Compliance Manager. You will need to select the correct operating system.
The template depends on the role of the server; in this example I am using the domain controller security template

  • Select the Domain Controller Security Compliance 1.0 and click OK
What you need to do now is select the right baseline and start the comparison to see what is missing

  • You will see the comparison list and what needs to improve. You have the option to export the results to Excel format and work through what needs to be implemented at your own pace. However, I suggest you test this in your lab and validate whether it fits your organization before you implement it.
A summary page showing what is missing and what needs to improve


Summary
This tool provides a good benchmark for validating compliance issues in the organization and also for catching mistakes such as wrong or non-standard configuration. I hope this article gives you an idea for improving your security defense. Stay tuned for my next article on the local security policy.


Your feedback is much appreciated. Let us know what you think about the blog and what you would like to see more of. I am looking forward to reading your suggestions.

