A Do-it-Yourself SWMI? No sweat!

Ok, let’s be honest.  We all know that we need to secure our Active Directory infrastructures, but many of us are not entirely sure how.  You may even know that Group Policy is a great tool to do it centrally, but with literally thousands of Group Policy settings available in Windows Server 2008 R2, where should we start?  You may even be advanced enough to realize that you should probably secure different OUs differently… but what policies should we apply to our Domain Controllers? to our Virtualization Hosts? to our Clients? and so on…

If you have the time (and the money) I strongly suggest taking Jeremy Moskowitz’s course on Group Policy… a one week deep-dive into Group Policy, and you will likely be an expert.  For the rest of us, Microsoft has created the Security Compliance Manager tool which will actually create the appropriate Group Policy Objects (GPOs) for you, list the settings for you in an easy-to-manage Microsoft Office Excel spreadsheet, and then allow you to apply them to the appropriate Organizational Units.

Don’t get me wrong… you should probably dedicate a day or two to getting to know this tool, but once you do, you’ll be done Smile  Check it out at http://technet.microsoft.com/en-us/library/cc514539.aspx and take the first step toward a Secure, Well-Managed Infrastructure!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: