General Group policy security question

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am just sounding some info to see what responses I will receive. My
company is creating a separate secure network for a project. With an
emphasis on secure it’s my task to create the ad infrastructure. I know the
basics to lock down an ad environment (have been doing this for a few years)
What I wanted to know is there anyone out there that has something similar
and can share some experiences, especially working with group policy. The
server will be 2003 and the workstations will be xp. Is there anything you
guys think I should consider or just pay special attention to?
 
One important thing to note is that if the network has to be really secure
it has to be a separate forest and not just a separate domain within the
same forest.

From the Group Policy side, some good reading for you will be the Threats &
Countermeasures guide which include a bunch of extra GPO settings from MSS
that can tighten your DC builds.

Also be sure to configure the 'wait for network' settings so policy can't be
bypassed by pulling out the network cable just after logon!

http://www.microsoft.com/downloads/...93-147A-4481-9346-F93A4081EEA8&displaylang=en
 
Back
Top