General discussion


OS hardening

By low_yu ·
I got more than 20 new Win2k PCs required OS hardening. I would like to know besides do it one by one do I have alternative ?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by mark.parker In reply to OS hardening

It depends on what you mean by OS hardening.

Do you mean
A) to lock down the PC so that users can not alter the workstation setup, or
B)do you mean secure the workstations from malicious attacks.

If A, then if the workstations are in a Active Directory domain you can use Group Policies to lock down their configuration, and limit what users are able to do.

if B) then grab then get yourself a copy of Ghost (or similar copying product), grab the CIS security benchmark for your operating system from, prepare a single machine to a Standard Operating Environment you are satisfied with and use ghost to replicate this across the other 19 workstations.

Hope this helps.

Collapse -

by p.j.hutchison In reply to OS hardening

You can also use the Security Templates MMC and apply the hisecws template to your PCs to secure them.

Collapse -

by low_yu In reply to

Poster rated this answer.
Please elaborate more in detail

Collapse -

by p.j.hutchison In reply to OS hardening

Using the Security Templates you can apply restrictions using the Local Security Policy to lockdown the workstation. Basically apply a predefined security policy to your workstation.

Of course, you can use Group Policy (if in a domain) to lockdown workstations instead.

Related Discussions

Related Forums