Les équipes sécurité et compliance de MS sortent plusieurs outils/nouveautés pour sécuriser vos environnements:
Les Baselines de sécurité pour Windows 10 sont passées en version FINAL, vous trouverez là toutes les préconisations MS sur la sécurité de Windows10 et comment l’implémenter.
These are the updates we have made since the draft release in November, following continuing discussions with security experts in Microsoft, the Center for Internet Security, and customers:
- Enabled « Turn off Microsoft consumer experiences, » which is a new setting as of version 1511.
- Removed configuration of « Allow unicast response » from all three Windows Firewall profiles, as disallowing unicast response regularly causes DHCP address acquisition to fail. The threat it is supposed to protect against is miniscule.
- Removed the restrictions on the number of cached logons. Cached logon verifiers are difficult to break, particularly on Windows Vista and newer. (The DISA STIG has also removed this restriction.)
- Removed the screen saver timeout from User configuration, as the computer-wide « Interactive logon: Machine inactivity limit » setting removes that need.
- Removed all EMET settings from the baseline for the time being. Configuration settings in the upcoming version of EMET will be in a different format from that of the existing EMET 5.5 beta.
- Removed the configuration setting for « Recovery console: Allow automatic administrative logon. » This setting has been obsolete since Windows XP and its removal just got missed until now.
LGPO Utility permet de gérer les LGPOs sur les postes…
Features:
- Import settings into local group policy from GPO backups or from individual policy component files, including Registry Policy (registry.pol), security templates, and advanced auditing CSV files.
- Export local policy to a GPO backup.
- Parse a Registry Policy (registry.pol) file to readable « LGPO text » directly to the console or redirected to a file which can edited and imported into local policy.
- Build a new Registry Policy (registry.pol) file from « LGPO text ».
- Enable group policy client side extensions for local policy processing.
Policy Analyser, est un petit nouveau qui va bien me servir! il permet de comparer des GPOS et de faire de le boulot dans de bonnes conditions, fini l’export par Power Shell et l’import dans Excel avec ses erreurs inévitables…
Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). It can highlight when a set of Group Policies has redundant settings or internal inconsistencies, and can highlight the differences between versions or sets of Group Policies. It can also compare GPOs against current local policy settings and against local registry settings. And you can export its findings to a Microsoft Excel spreadsheet.
Policy Analyzer lets you treat a set of GPOs as a single unit. This makes it easy to determine whether particular settings are duplicated across the GPOs or are set to conflicting values. It also lets you capture a baseline and then compare it to a snapshot taken at a later time to identify changes anywhere across the set.
Ci dessous quelques Screenshots!
Cool non?
Alors direction le blog de l’équipe pour le télécharger
http://blogs.technet.com/b/secguide/
Bonne sécurisation à tous
PierrE
redkaffe 