Custom network security policy checklist

To perform a security audit:
1. From the start menu, select "run". Type "mmc", then click "ok".
2. Select "file", then "add/remove snap-in".
3. Click "add".
4. Select "security configuration and analysis", then click "add".
5. Click "close", then "ok".
6. Right click on "security configuration and analysis" in the left window.
7. Select "open database".
8. Type the name that you would like the database to be called. The name has no effect on the analysis.
9. Select the template that you would like to compare the system against. This may be a custom template or one of the default Windows templates. The default templates are:
10. Right-click on "security configuration and analysis" in the left window.
11. Select "analyze computer now" to display discrepancies between the template and the current policy. Or, select "configure computer now" to enforce the selected template.
12. Specify the location of the log, click "ok".
13. The left window will display the category, the right window will display the results.

To create a custom security template:
1. From the start menu, select "run". Type "mmc" and click "ok".
2. Select "file", then "add/remove snap-in".
3. Select "add".
4. Select "security con

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Rogue access points: Preventing, detecting and handling best practices The TPM chip: An unexploited resource for network security Shifting defenses and dynamic perimeters challenge network security Compliance in a virtualized world: Server virtualization and NAC security Securing the new network architecture: Security for distributed, dynamic networks How to configure Windows Server 2008 advanced firewall MMC snap-in USB storage devices: Two ways to stop the threat to network security Network security: Using unified threat management (UTM) Network security: Empower users without endangering IT Network analysis -- Enhancing security assessments Network Security Monitoring and Analysis Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? Hospital gains network visibility by convincing vendors to collaborate What software monitors and locks users from accessing my router? Data leak prevention starts with trusting your users NagVis -- 'Nagios: System and Network Monitoring, Second Edition,' Chapter 18 What is a genetic algorithm and where can I learn more about them online? Network Security Best Practices and Products Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices Network security threats solved by risk management: John Pironti explains How to evaluate and manage UTM for network security Profiling -- and protecting against -- network problem users: The Internet Novice How does a firewall work? Physical network security key to fighting low-tech threats Why are TCP/IP networks considered unsecured? Troubleshooting networks: Can vendor software self-install firewalls?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

figuration and analysis", click "add".
5. Click "close".
6. Click "ok" to close the add/remove snap-in window.
7. Right-click on "security configuration and analysis" in the left window.
8. Select "open database" and type the name that you would like the database to be called. The name has no effect on the policy. Click "open".
9. Select any template to modify.
10. Right-click on "security configuration and analysis" in the left window.
11. Select "analyze computer now".
12. Specify the location of the log, click "ok". This may take a few minutes.
13. The left window will display the category, and the right window will display the specific settings. You can modify the settings for the template here.
14. After all the desired settings have been modified, right-click on "security configuration and analysis", then select "save".
15. Right-click on "security configuration and analysis", then select "export template".
16. Name the template as desired, then click "save".
17. Now you may close the console. You do not need to save the console when prompted.
18. The new template will be located in the Windows directory under Security/Templates.

A security policy is only a portion of an effective security solution, but it should still be carefully considered and aggressively implemented. Following these steps will help you, the administrator, to enforce policies on client machines with no cost and minimal effort.

Chris Cox is a network administrator for the United States Army, based in Fort Irwin, California.

Rate this Tip To rate tips, you must be a member of SearchNetworking.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.