Group Policy as a Security Mechanism

Group Policy can and should be used inside any Active Directory domain environment for many different duties. While certainly useful for deploying settings and applications, and for making life easier on your users, in my opinion, those things are far from the most important focus area for Group Policy.

To me, security is the single most important aspect of the capabilities provided to us inside the Group Policy engine. Password policies, firewall rules, application blockers, the list goes on and on. Since Group Policy is basically all-powerful and able to manipulate almost anything on any workstation joined to your domain, it makes all kinds of sense to utilize this platform as your primary mechanism for securing the entire Windows infrastructure. 

The following topics will be covered in this chapter:

  • Password rules and regulations
  • A plethora of security settings
  • Windows Firewall with Advanced Security
  • Manipulating Local Users and Groups
  • Denying access to Command Prompt
  • Prohibiting user software installation
  • Disabling IPv6 via Group Policy
  • User Account Control (UAC)
  • Blocking USB drives

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.218.21.96