Link to home
Start Free TrialLog in
Avatar of peblin
peblinFlag for United States of America

asked on

NISPOM Chapter 8 guidance for Windows Server 2008 and Windows 7

Does anyone have any experience securing a Windows Server 2008 domain with Windows 7 workstations to NISPOM chapter 8 requirements?  I am looking for maybe a .inf file to import into a GPO, or something similar to the NISP Tool.  Any help is greatly appreciated.
ASKER CERTIFIED SOLUTION
Avatar of Adam Brown
Adam Brown
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of peblin

ASKER

Thanks for the links although I can't seem to access them, I have a DoD PKI cert but it still won't authenticate me, maybe I will just ask my ISSP to get them for me.  Perhaps I'll ask for the gold disc as well, I know the baseline standards document was about 150 pages so a preconfigured system might be the best route.  In your experience how time consuming was it to create the .infs from scratch
Avatar of peblin

ASKER

Oops, my bad.  The PKI is only required for the FOUO version.  Thanks, and just in case you didn't know it does come with the .inf files.  PERFECT!
My usual tactic was to run a Gold Disk Scan and build up an INF to address the findings that popped up. The infs that come with it are for scanning and comparing existing configurations only. They actually direct you to *not* apply them because doing so can destroy your network in many situations, so use those with caution.
Avatar of peblin

ASKER

Hmmm, ok, I guess I will still need that gold disk.  Thanks for the advice.
Yeah. Gold Disk is very important for hardening your servers for accreditation. It's what the auditors use for determining compliance to NISPOM guidance (I used to be one of those guys) so it will help you a lot.