MASWORLD

Windows 7 security settings that cannot be dispensed with

Hello Experts,
I have a question about the settings that must be done by an expert after the installation of Windows. I mean here the recommended settings for security that shouldn't be missed, such as firewall settings, antivirus settings, network settings, registry, and programs that cannot be dispensed with "for security".
Generally, as an expert, how do you secure a PC in your network so it is ready for employees to use?
Thanks
Temody

If this is in an AD (domain) environment, the main security settings will be applied from AD Group Policy,
so if you need the GPO settings, please let me know.
But at the computer level there are steps that must be followed even before joining this computer to the domain:
1. Windows must be up to date
2. Any antivirus program suffices as long as it is up to date
3. Antispyware programs are also necessary, kept up to date
4. Make sure that all local users are deleted except your local admin, with a complex password
MASWORLD

ASKER

Thank you for the reply.
I already do every step mentioned in your comment, thanks,
but I am talking about more advanced settings, not the regular ones:
the settings for experts
SOLUTION
David Johnson, CD
@David Johnson thank you for the answer

Can I use it for standalone Windows 7, or must it be an AD environment?
Doesn't matter, domain or standalone
@David Johnson very nice programs, really
But are there any other tricks on Windows, like registry or system settings?
Must-haves for high security:
- Fully encrypted OS; the encryption in use must know a user hierarchy, so that only admins can mount the drive offline.
- Only trusted software should be used; if possible, use AppLocker to enforce this.
- Let users use and admins administer, no exceptions.
- Use RemoteApp browsers only, else no internet access.
Yes, I need a high security system.
That's what I am talking about, but I am not looking for the usual security steps like antivirus

@McKnife you are right, I have already applied all this, but I also found an attacked computer in the network

I am looking for some special apps like those Mr David Johnson suggested
You applied all four measures? What encryption do you use, what RemoteApp system? AppLocker or SRP?
Microsoft CRM works as RemoteApp; I am using Citrix XenApp 6.5
Other apps: only the Office group and antivirus; no multimedia, and sound disabled ;)
All user drives work with BitLocker encryption; all C drives hidden
TMG firewall: only POP3, IMAP, and ICA allowed for users, no internet at all
Very tough GPO applied for all users; even background and right-click prohibited
And you say you used AppLocker as well? Then I wonder how that PC got infected. Did you analyze it?
"Did you analyze it"
Yes.
I found in the antivirus log an infected file whose path leads back to email ("Outlook"),
but the antivirus had already quarantined this file.
After a couple of days I found unusual HDD traffic for this computer, and the employee complained that his computer was very slow,
and I found that the antivirus still found a virus on the PC, with high memory and process usage.
So I formatted that PC and recovered the Windows image; it works fine.
So I decided to search for any way to improve my network security.
Another thing I forgot to say:
after I checked the mail with the virus, I found that the mail looked like one of our customers' mails.
So if the customer's mail is like this: name@xycompany.com, it was sent from name@xycompony.come, with O, not with A.
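
The lookalike sender described above (name@xycompony.come posing as name@xycompany.com) can be caught by comparing each sender domain against the known customer domains. This is an added example, not part of the original thread; the trusted list, the distance threshold and all function names are assumptions, and the sample senders are constructed.

```python
"""Flag sender domains that are near-misses of trusted customer domains."""

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def sender_domain(address: str) -> str:
    """Domain part of 'name@domain' or 'Display <name@domain>'."""
    return address.rsplit("@", 1)[-1].strip().strip(">").lower()

def classify_sender(address, trusted_domains, max_distance=2):
    """Return ('trusted', d), ('lookalike', nearest d) or ('unknown', None).

    max_distance=2 is an assumed threshold; lower it for very short
    domains, where two edits can turn one real domain into another.
    """
    domain = sender_domain(address)
    if domain in trusted_domains:
        return ("trusted", domain)
    if not trusted_domains:
        return ("unknown", None)
    nearest = min(trusted_domains, key=lambda t: edit_distance(domain, t))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", nearest)
    return ("unknown", None)

# Constructed sample data: the customer domain and senders from the thread,
# plus two made-up senders for contrast.
TRUSTED = {"xycompany.com"}
SAMPLE_SENDERS = [
    "name@xycompany.com",
    "name@xycompony.come",
    "Name <name@XYcompany.com>",
    "news@example.org",
]

def scan(senders, trusted=TRUSTED):
    """Classify every sender; returns (sender, verdict, matched_domain)."""
    return [(s, *classify_sender(s, trusted)) for s in senders]

if __name__ == "__main__":
    for sender, verdict, match in scan(SAMPLE_SENDERS):
        print(f"{verdict:9} {sender} {match or ''}")
```

A "lookalike" verdict is a reason to quarantine or tag the message for review before it reaches the user's Outlook, since the display alone did not give the spoof away here.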
ASKER CERTIFIED SOLUTION
What proactive AppLocker do you suggest?
AppLocker is built into Windows in Enterprise edition.