The concept of the Security Baseline is to provide Microsoft guidance for IT administrators on how to secure the operating system, by using GPOs, in the following areas :This article in our series on Microsoft’s free security tools is focused on a tool called the Microsoft Baseline Security Analyzer (MBSA). Windows 10 is no exception to this, except now there’s a new release of security baseline following each major build of Windows 10. Microsoft has been releasing Security baseline since the Windows XP days. It includes a graphical and command line interface that can perform local or remote. With Microsoft Baseline Security Analyzer (64-Bit), assess the security state of Windows machine. Microsoft Baseline Security Analyzer (MBSA) is a discontinued software tool which is no longer available from Microsoft that determines security state by assessing missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IIS web server, and products Microsoft SQL Server.
![]() Microsoft Baseline Security Analyzer Replacement How To Secure TheThe idea here is to have a better understanding of what is going on. Key points that provide challengesHere are some configurations that are part of the baseline that should be looked at up front as they might provide issues with your environment. Click the Settings tab to see all the configuration importedOnce the GPOs are imported, testing is key!No magic trick here, start with test computers and then IT users/pilot users prior to applying this to production. Select Copying them identically from the source and click next Select the GPO to be imported, based on the name and click Next Browse to the GPOs folder and click Next ![]() Update ADMX in the Central store with the ones from the latest Windows 10 build prior to adding new settings Most of the new settings in the baseline will be in line with new features as part of the Windows 10 release Start by reviewing the Excel file to see what’s new to the baseline It has been proven to be one of the most critical security hole as of late with malware like WannaCry.On the other hand, sometimes we don’t have much choice to go against security.So to leave SMB v1 enabled as part of the security baseline GPO, we suggest reading the following blog post by Aaron MargosisThe GPO settings for SMB v1 are under Computer/Administrative Templates/MS Security GuideThe MSFT Windows 10 RS3 – BitLocker GPO contains a setting to Disable new DMA devices, that broke some computer.See the following blog post by Aaron Margosis for details on the issue.The setting Computer/Administrative Templates/Windows Components/BitLocker Drive Encryption/Disable new DMA devices when this computer is locked, should be reviewed prior to being applied.What to do when a new version of Security baseline is available?A new version of Security baseline usually come out at the same time as a Windows 10 build goes RTM.Microsoft has always released them as a DRAFT version that goes on for a couple months and then release the FINAL version.Here’s a checklist for what to do when the new version is available : Atari jaguar emulator for macBonus TipThe Policy Analyzer is a great tool to compare current GPOs against the ones from the Security Baseline.
0 Comments
Leave a Reply. |
AuthorAnurag ArchivesCategories |