The document discusses system hardening and outlines several challenges and approaches to implementing hardening. It begins with examples of real-world cyberattacks to illustrate the importance of hardening. It then discusses common hardening techniques like reducing attack surfaces and managing user rights assignments. The document also provides recommendations for how to plan and roll out hardening projects through a phased approach and highlights some potential pitfalls to avoid.
5. Real life examples
HARDENING – THE WHY
5 TEAL Technology Consulting GmbH
19.04.2023
Cyber attack on IT service provider Materna | heise online
Lürssen shipyard became the target of a ransomware attack (handelsblatt.com)
NZZ: Swiss newspapers massively impaired by cyber attack | heise online
6. Real life examples
Report by "Handelsblatt": Hacked Continental data on the darknet | tagesschau.de
After cyber attack on Continental: Hackers publish list of captured data (handelsblatt.com)
Medibank hack: Email reveals staff details compromised by data breach | news.com.au — Australia’s leading news site
7. Real life examples
Investigation Regarding Misconfigured Microsoft Storage Location – Microsoft Security Response Center
8. Real life examples
Amazon Web Services (AWS) Data Breaches: Full Timeline Through 2022 (firewalltimes.com)
9. Real life examples
PrintNightmare: Yet another printer vulnerability in Windows without a patch | heise online
10. Real life examples
Top 5 AWS Misconfigurations That Led to Data Leaks in 2021 | Spiceworks It Security
Clear statement
99% of cloud breaches are “misconfiguration”
Missing secure configuration
Missing “hardening”
No control
No process / no checks
12.
“Measures in detection and response area need
to be enriched as they are no longer sufficient
to ensure adequate information security!"
“Shifting responsibility of IT security and protection
of assets to backoffice, accounting and non IT
people seems to be a very strange approach.”
14. Definition
HARDENING – THE WHAT
In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions.
Hardening
…considers information security as well as data protection
…is one of several technical measures organizations may adopt
Legal requirements are in place
…GDPR enforces “state of technology” (Art. 32 “security of processing”)
“State of the art” is defined (see Teletrust e.V.)
Several industry-specific requirements enforce more detailed configuration (e.g. VAIT for insurance companies, IT-Sicherheitsgesetz for KRITIS-relevant organizations, ISO 27001:2022 and many more…)
15. It is necessary
Product law in America
Designed to make “everything” work to avoid legal impacts
“Dry the guinea in a microwave oven”
…other stories
Vendors recommend hardening
Microsoft: “We recommend that you implement an industry-standard configuration that is broadly known and well-tested, such as Microsoft security baselines, as opposed to creating a baseline yourself. This helps increase flexibility and reduce costs.”
How critical is secure configuration?
A running print spooler service was considered uncritical until PrintNightmare at the end of 2021.
Using SMBv1 was uncritical until the WannaCry ransomware used the EternalBlue exploit in 2017.
Using Kerberos tickets based on RC4 encryption has been outdated since 2015 – why is it still activated?
A “non-configured” Office installation is again the target of an attack – so is “non-configuration” of Office uncritical?
…an open door in your house is uncritical until somebody walks in who is not allowed to do so?
Security baselines guide - Windows security | Microsoft Docs
16. It is necessary
The NIST Cyber Security Framework covers five critical functions, of which the marked ones are most relevant for securing (known) endpoints.
PROTECT
DETECT
RESPOND
RECOVER
IDENTIFY
Technology PROTECT DETECT RESPOND
Anti-Malware solutions X X
Threat-Intel solutions X X
EDR/XDR solutions X X
MDR solutions X X
Vulnerability scanner X
SIEM solutions X X (SOC, IM process)
Compromise Assessment X X
Hardening X
Enforce Administrator X X IM process
What makes more sense? Having a 24/7 team monitoring the door, or just closing the door and locking it?
17. Frameworks and legal:
System hardening is widely mentioned (some examples)
https://www.cisecurity.org/controls/
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium/IT_Grundschutz_Kompendium_Edition2020.pdf?__blob=publicationFile&v=6
https://www.teletrust.de/publikationen/broschueren/stand-der-technik/?tx_reintdownloadmanager_reintdlm%5Bdownloaduid%5D=10505&cHash=f39d74868a8b38e98e6cc09b0ab16f6f
18. Frameworks and legal
Extract from SWIFT questionnaire (end 2021)
BAFIN for banking and insurance sector (03/2022)
Cyber risk insurance questionnaire (2022)
Questions for companies with revenue from 50.000.000 € up to 150.000.000 €. “Hardening” is the first question in the “basic” section.
19. Frameworks and legal:
System hardening (“secure configuration”) in ISO 27001(2):2022
ISO 27001:2022 is updated and published!
20. System hardening - strategical part
NIST defines it as…
“The management and control of configurations for an information system to enable security and facilitate the management of risk.”
NIST also published a…
Guide for Security-Focused Configuration Management of Information Systems | NIST
SecCM consists of four phases:
Planning
Identifying and Implementing Configurations
Controlling Configuration Changes
Monitoring
Figure 2-1 – Security-focused Configuration Management Phases
Security Configuration Management (SecCM) - Glossary | CSRC (nist.gov)
Guide for Security-Focused Configuration Management of Information Systems (nist.gov)
21. Hardening in context of a security landscape
Infrastructure Security Endpoint Security Application Security
Managed Security Service Provider Messaging Security Web Security
IoT Security Security Operations & Incident Response Threat Intelligence Mobile Security Data Security
Cloud Security
Identity & Access Management
Risk & Compliance
Specialized Threat Analysis & Protection
Transaction Security
22. Hardening in context of a security landscape
Infrastructure Security Endpoint Security Application Security
Messaging Security Web Security
IoT Security Security Operations & Incident Response Threat Intelligence
Risk & Compliance
Specialized Threat Analysis & Protection
Transaction Security
Mobile Security Data Security
Cloud Security
Identity & Access Management
Managed Security Service Provider
24. HARDENING – TOOL BASED
Hardening is not only “scripting” and technology
There are different approaches to “harden” systems
Several technological approaches exist in the wild:
Several computer newspapers deliver “security tools” | Who wants to use this in a professional area?
GitHub repositories with thousands of lines of code | Who wants to take the risk of deploying them at an SME?
Consulting providers deliver “hardening” on a time & material basis | What happens if the provider leaves, but something is not working as expected?
Your advantages of a tool based approach
Automated optimization of your system configuration
Continuous monitoring of your security
Comprehensive and up-to-date system hardening packages
Reduced operating costs through auto-optimization
Professional operation via “Managed services”
Technology based approach
Integrated approach
Just search for “hardening tools” in your favorite search engine
25. Why not via “Group Policy objects”?
1) How quickly are several hundred hardening settings implemented? We are ready to use after installation.
2) How is it controlled that all settings arrive on the target systems?
3) How is a "restore" of settings performed when an application is no longer functional due to hardening configurations?
4) How is the IT team notified if IT systems are suddenly no longer "compliant" with the specified settings?
5) How does meaningful process integration (incident management, ConfigMgmt) take place?
26. System hardening – the benefits
Security Configuration Management
Raise efficiency and save (internal) resources
Raise protection level
Be compliant and transparent
Security of investment
A new insight?
Detected mistakes fixed early in a chain reduce overhead and save money in the end.
Conclusion: Hardening is cost effective!
27. HARDENING – HOW TO ROLLOUT
28. Useful approaches
Hardening should be a continuously iterative process. Do not try to achieve too much at once!
Based on our experience we recommend the following approach:
Identify critical systems (Tier0). Harden those services with a strict hardening configuration to achieve high security.
Create a solid benchmark for new client and server installations. Every new system, or system which will be reinstalled, should comply with this benchmark.
Create a basic benchmark for existing servers and clients to accelerate the rollout and to achieve a good hardening status quickly.
The benefits of this approach are:
Critical systems are secured very strictly
Much quicker basic hardening on almost all clients and servers
Hardening is integrated in provisioning / reinstallation processes
Overall, the attack surface decreases significantly
29. Examples of rollout approaches
Rollout approach depends on the customer's infrastructure and could be controlled via several dimensions, for example:
Role oriented
Technology oriented (operating system, e.g.)
Location oriented
Rollout approach targeting newly deployed systems
Wave 1
• Domain Controllers
Wave 2
• Member Servers (file, application)
Wave 3
• Web, DB Servers
Wave 4
• Clients of IT team
• Clients org oriented
Wave 1
• (New) Windows Server 2022 systems
Wave 2
• Installed systems risk oriented
Wave 3
• Client world starting with Windows 10 (not 7,8)
30. Common “pitfalls” in hardening projects
Hardening projects really help in creating better cyber hygiene! Attack vectors that could be exploited are deactivated.
Some things can be automated, some things need to be tested/evaluated. So, in most cases hardening projects help in getting to know one's own infrastructure better than before:
Which services are activated but never used?
Which server (or business critical application) is still running on an old operating system?
Are administrators still using one account / one machine for internet surfing and administering?
Are “built in accounts” still active and/or, even more critically, still in use?
And many more…
So, the most common pitfalls are, amongst others, the following:
Missing knowledge of own infrastructure
Missing documentation and overview of systems
Missing documentation and overview of applications
Missing knowledge of how, for example, administrators maintain systems
“Old fashioned” (aka insecure) ways to maintain/administer IT systems
31. HARDENING – HOW HARD CAN IT BE
33. SMBv1 | NTLM v1 | Client challenges | Attack surface reduction rules | User rights assignment | LDAP signing / channel binding
CHALLENGE
SMB v1 is outdated but still being used in customer environments. Example: A board member used an unmanaged tablet to access an old NAS to view presentations stored there.
KNOWN ATTACKS
https://www.golem.de/news/wannacry-nsa-exploits-legen-weltweit-windows-rechner-lahm-1705-127801.html
HOW TO SOLVE
Either the systems can be configured for SMB v2 or v3, or they need to be replaced.
HOW TO VERIFY
Check whether SMB v1 is still in use. To do this, you can enable auditing in smaller environments via PowerShell (Set-SmbServerConfiguration -AuditSmb1Access $true) or distribute the following registry key via GPO in larger environments.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
"AuditSmb1Access"=dword:00000001
Auditing should be performed at least on all domain controllers and file servers. The logs can either be collected via PowerShell or forwarded to a log collector via event log forwarding.
34.
CHALLENGE
NTLM v1 is outdated but still being used in customer environments
KNOWN ATTACKS
ProxyLogon (CVE-2021-28655, CVE-2021-27065) and ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) from Orange Tsai, PetitPotam (VDB-179650), topotam,
Active Directory Certificate Services (ADCS) from Will Schroeder and Lee Christensen
HOW TO SOLVE
Turn NTLM authentication off or enforce NTLM v2 only.
If a system needs to be reconfigured anyway, this is a good time to move directly to Kerberos if the application supports it.
HOW TO VERIFY
Audit NTLM v1 usage via a GPO setting
Collect event:
# Successful logons (event 4624) that used the NTLM V1 package, with the fields needed to locate the client
$Events = Get-WinEvent -LogName Security -FilterXPath "Event[System[(EventID=4624)]] and Event[EventData[Data[@Name='LmPackageName']='NTLM V1']]" | Select-Object `
@{Label='Time';Expression={$_.TimeCreated.ToString('g')}},
@{Label='UserName';Expression={$_.Properties[5].Value}},
@{Label='WorkstationName';Expression={$_.Properties[11].Value}},
@{Label='LogonType';Expression={$_.Properties[8].Value}},
@{Label='ImpersonationLevel';Expression={$_.Properties[20].Value}}
35.
CHALLENGE
Microsoft already tried 3 years ago to force LDAP signing (ADV190023).
This is essentially a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
KNOWN ATTACKS
https://github.com/Dec0ne/KrbRelayUp
HOW TO SOLVE
After the list of servers that establish an LDAP connection has been generated, configure the applications to use LDAPS. We had cases where the OpenSSL package used in the OS didn’t support LDAPS. Thus, the server had to be reinstalled with a newer version of the operating system.
HOW TO VERIFY
Enable logging via registry key on the DCs:
Reg Add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v "16 LDAP Interface Events" /t REG_DWORD /d 2
Log CBT signing event 3041 by configuring “Domain controller: LDAP server channel binding token requirements” to “When supported”
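One way to generate the list of LDAP clients mentioned under HOW TO SOLVE, as an added example that is not part of the original slides or TEAL's tooling. It assumes the diagnostics level above is set, so that the domain controller writes event 2889 to its "Directory Service" log for every unsigned or cleartext bind; the function name and look-back window are illustrative.

```powershell
# Added example: list clients that still bind to a DC without LDAP signing.
# Assumes "16 LDAP Interface Events" = 2 is already set on the DC (see above).
function Get-InsecureLdapBind {
    [CmdletBinding()]
    param(
        [string]$ComputerName = $env:COMPUTERNAME,   # domain controller to query
        [int]$Hours = 24                             # look-back window
    )

    $filter = @{
        LogName   = 'Directory Service'
        Id        = 2889
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    $events = Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue

    foreach ($e in $events) {
        # Property layout of event 2889: [0] client "IP:port", [1] identity, [2] bind type.
        $client = [string]$e.Properties[0].Value
        $bindType = switch ([int]$e.Properties[2].Value) {
            0 { 'Unsigned SASL bind' }
            1 { 'Simple bind over cleartext' }
            default { "Unknown ($_)" }
        }
        [pscustomobject]@{
            DomainController = $ComputerName
            ClientIP         = $client -replace ':\d+$', ''   # drop the ephemeral source port
            Identity         = [string]$e.Properties[1].Value
            BindType         = $bindType
        }
    }
}

# One row per client / account / bind type, busiest first. Run against every DC.
Get-InsecureLdapBind -Hours 24 |
    Group-Object ClientIP, Identity, BindType |
    Sort-Object Count -Descending |
    Select-Object Count,
        @{ n = 'ClientIP'; e = { $_.Group[0].ClientIP } },
        @{ n = 'Identity'; e = { $_.Group[0].Identity } },
        @{ n = 'BindType'; e = { $_.Group[0].BindType } } |
    Format-Table -AutoSize
```

Each remaining row is an application or device that has to be moved to signed LDAP or LDAPS before signing is enforced.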
36.
CHALLENGE
Sometimes there are problems with the User Rights Assignments.
For example, both CIS and MS Baseline configure “Ensure ‘Access this computer from the network’ is set to ‘Administrators, Authenticated Users’”. However, when using Defender for Identity, it is necessary that the service account used has just this right.
HOW TO SOLVE
You need to verify the user rights assignments with the respective application owner and, if not documented properly, test them in a test environment before rolling them out completely.
HOW TO VERIFY
User Rights Assignments can be configured via GPO as well as locally, making it difficult to conclusively check the issue up front. If one uses the Enforce Administrator for hardening, then one can match the settings with GPOs when creating the hardening and at least check this way conclusively. To check locally configured settings, one could run a script like this on all systems and check the output.
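The script the slide refers to is not reproduced in this transcript. The following is an added example, not TEAL's script, that exports the user rights set on the local machine with secedit and resolves the SIDs to account names; the function name is illustrative, and SeNetworkLogonRight is the internal name of "Access this computer from the network".

```powershell
# Added example: report which accounts hold which user rights on this machine.
# Run elevated; collect the output from all systems and compare it with the baseline.
function Get-UserRightsAssignment {
    [CmdletBinding()]
    param(
        # Rights to report (internal names); empty means every right in the export.
        [string[]]$Right = @()
    )

    $tmp = Join-Path $env:TEMP ("secpol_{0}.inf" -f [guid]::NewGuid())
    try {
        # secedit writes the [Privilege Rights] section currently set on this machine.
        $null = & secedit.exe /export /cfg $tmp /areas USER_RIGHTS
        if ($LASTEXITCODE -ne 0) {
            throw "secedit export failed with exit code $LASTEXITCODE (is the session elevated?)"
        }

        $inSection = $false
        foreach ($line in Get-Content -LiteralPath $tmp) {
            if ($line -match '^\[(.+)\]$') {
                $inSection = ($Matches[1] -eq 'Privilege Rights')
                continue
            }
            if (-not $inSection -or $line -notmatch '^(\w+)\s*=\s*(.*)$') { continue }

            $name = $Matches[1]
            $members = $Matches[2]
            if ($Right.Count -gt 0 -and $Right -notcontains $name) { continue }

            foreach ($entry in ($members -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })) {
                $account = $entry
                if ($entry.StartsWith('*')) {
                    # Entries prefixed with * are SIDs; translate them where possible.
                    $sid = $entry.Substring(1)
                    try {
                        $account = ([System.Security.Principal.SecurityIdentifier]$sid).Translate(
                            [System.Security.Principal.NTAccount]).Value
                    } catch {
                        $account = "$sid (unresolved)"
                    }
                }
                [pscustomobject]@{
                    ComputerName = $env:COMPUTERNAME
                    Right        = $name
                    Account      = $account
                }
            }
        }
    } finally {
        Remove-Item -LiteralPath $tmp -ErrorAction SilentlyContinue
    }
}

# The right discussed above, plus its deny counterpart.
Get-UserRightsAssignment -Right 'SeNetworkLogonRight', 'SeDenyNetworkLogonRight' |
    Format-Table -AutoSize
```

The export does not say whether a value came from a GPO or a local edit, so differences between machines still have to be matched against the GPO settings.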
37.
CHALLENGE
Attack Surface Reduction is a fairly new feature of Windows Defender. It is supposed to help prevent cyber attacks.
HOW TO SOLVE
To be on the safe side, it is advisable to first configure the rules in audit mode, check the messages in the event viewer and, only when all problems have been solved, switch the rules to block mode.
The common hardening standards do not call for all ASR rules to be turned on; however, we think it is a good idea, even if it is a little more work.
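The audit-first procedure described above, as an added example that is not part of the original slides. It uses the Defender cmdlets Get-MpPreference and Add-MpPreference and audit event 1122 from the Defender operational log; the function names, the 14-day window and the EventData field names ('ID', 'Process Name', 'Path') are assumptions to confirm on your own build.

```powershell
# Added example: find ASR rules that are in audit mode and decide which can go to block.
# Action codes as reported by Get-MpPreference.
$AsrActionName = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }

function Get-AsrRuleState {
    $pref = Get-MpPreference
    if ($null -eq $pref.AttackSurfaceReductionRules_Ids) { return }   # no rules configured
    $ids = @($pref.AttackSurfaceReductionRules_Ids)
    $actions = @($pref.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        [pscustomobject]@{
            RuleId = ([string]$ids[$i]).ToLower()
            Mode   = $AsrActionName[[int]$actions[$i]]
        }
    }
}

function Get-AsrAuditHit {
    param([int]$Days = 14)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1122      # 1122 = rule fired in audit mode, 1121 = rule blocked
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        # Read the named EventData fields instead of relying on positional indexes.
        $data = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
            $data[$d.GetAttribute('Name')] = $d.InnerText
        }
        [pscustomobject]@{
            RuleId  = ([string]$data['ID']).ToLower()   # assumed field name
            Process = $data['Process Name']             # assumed field name
            Target  = $data['Path']                     # assumed field name
        }
    }
}

function Set-AsrRuleToBlock {
    param([Parameter(Mandatory)][string[]]$RuleId)
    foreach ($id in $RuleId) {
        # Add-MpPreference updates the action of a rule that is already configured.
        Add-MpPreference -AttackSurfaceReductionRules_Ids $id -AttackSurfaceReductionRules_Actions Enabled
    }
}

# 1) What fired in audit mode, and which process triggered it?
$hits = @(Get-AsrAuditHit -Days 14)
$hits | Group-Object RuleId, Process | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize

# 2) Audit-mode rules without any hit in the window are candidates for block mode.
$noisy = @($hits | Select-Object -ExpandProperty RuleId -Unique)
$candidates = @(Get-AsrRuleState | Where-Object { $_.Mode -eq 'Audit' -and $noisy -notcontains $_.RuleId })
$candidates | Format-Table -AutoSize

# 3) After review, switch them over:
# Set-AsrRuleToBlock -RuleId $candidates.RuleId
```

A rule without hits only shows that nothing triggered it on this machine in the window, so collect the events from a representative set of clients before switching.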
38.
CHALLENGE 1 - APPLICATIONS AND UNC PATHS
Applications are often placed on network shares and launched from there via a UNC path to simplify application updates. After applying the Security Baseline for Windows in such cases, you may receive a popup with the security warning: “The publisher could not be verified. Are you sure you want to run the software”. By clicking Run, the user can still launch the application.
39.
HOW TO SOLVE
This error message is annoying for the user but can be disabled by adding the UNC path to the Intranet Zone. For this purpose, there is a so-called Site to Zone Mapping which is stored in the registry (the mapping can be set for the whole system or for the user):
• HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
• HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey
Both settings can also be configured via Group Policy:
• Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
• User Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
The name of the server is entered there, e.g., file://myserver1 with a value of 2, which stands for the intranet zone.
40.
CHALLENGE 2 – OFFICE FILE FORMAT
A recurring theme in client hardening is the handling of older Office formats. The Microsoft 365 Apps for Enterprise Baseline and the CIS Microsoft Office Excel Benchmark are quite restrictive and disable all older Office formats. This affects all old binary formats of Office versions older than 2007, before Office introduced modern file formats based on XML. Most companies still use older Office formats at least in some areas and therefore have to soften the Microsoft baseline again in this area.
41.
HOW TO SOLVE
Verify which old Office templates exist that cannot be renewed…
Unblock the Excel version via GPO:
User Configuration > Administrative Templates > Microsoft Excel 2016 > Excel Options > Security > Trust Center > File Block Settings > Excel 97-2003 workbooks and templates.
We provide here a small script that searches a certain directory incl. subdirectories for files with the extension .xls and determines the exact version. However, the script must open the file, so it must only be applied to trusted files, because macro code may be executed when the file is opened, and macros that start automatically and display a dialog box, for example, must be clicked away manually.
After knowing which file formats are in use, it should first be checked to what extent the older file formats can be converted into the current XML-based file formats of Office. Here, it should be checked whether there are applications that process these documents automatically (e.g. automated scanning and / or OCR software) and only support the old format.
43. Contact us for more information
FB Pro and TEAL
INFO PAGE
https://aktionen.teal-consulting.de/enforce-suite/
CONTACT US
E-Mail: info@teal-consulting.de
Phone: 0211/93675225
Prepared questions & answers:
* We already have hardening. Windows Update and the firewall are enabled and the print spooler is switched off as well. What more do you offer?
-> Hardening is not necessarily hardening
-> For many customers, hardening is limited to setting 20 or 30 settings
-> We are talking about several hundred settings, based on industry-proven frameworks and checked regularly
-> In exceptional cases (and after several iterations) we reach more than 1000 settings at customers
-> For getting started, however, we also offer standard packages that can be applied directly without much impact
* Why do you do hardening via a tool? It can also be done via GPO!
-> True. But from our point of view, important features are missing for the management, control and process integration of security-relevant settings. A few examples follow:
-> No monitoring - if someone changes settings (deliberately or unknowingly), nobody notices.
-> No process integration. If a computer becomes "non-compliant", GPO does not create a ticket or inform IT or the system owner.
-> No backup/restore. If several hundred settings are set incorrectly on a system via GPO, there is no restore mechanism. Manual work is called for. In times of a skills shortage, everyone can decide for themselves whether they want to spend valuable resources on this.
* Why a hardening tool at all? Any configuration management can technically do that, can't it?
-> Correct. Technically, you can distribute everything via tools.
-> We focus very clearly on hardening and offer various functions here to reach the goal faster: standard packages, the ability to merge hardening specifications, individual web-based configuration options, etc.
* Do you also offer “managed services”?
-> Sure, we offer that too. Our customers use us as an extended workbench, fully integrated into their own processes.
-> SLAs govern availability, and we take care of all questions around system hardening.
What do we need hardening for? We already have SIEM / SOC / antivirus / EDR / IPS / IDS / firewall / zone separation / vulnerability scanner / quarantine networks
Regarding detection and response: Hardening starts one or two stages earlier and ensures that attackers are offered the smallest possible attack surface. As a result, common attack methods are made impossible in advance, or much more difficult. In turn, this eases the volume of possible security incidents and vulnerabilities and thus relieves units such as SOC, CDC and vulnerability scanning teams, and ultimately also the operations units, which then have fewer manual configuration tasks to secure their own systems.
Then there is the compliance view, which is aimed at applicable regulations (ISO 27001:2022; BAIT, VAIT, etc.); the need for a risk calculation on the basis of which, for example, cyber risk insurance can be taken out or existing insurance can be maintained, since there is a danger that the insurer will cancel the policy because of incalculable risks, or will not pay out, or only partially, in the event of a claim.
We have already gained initial experience with system hardening (either manually or with existing frameworks), and it was rather negative. After hardening, service X no longer worked, function Y behaved differently than before or no longer ran at all.
Hardening must be done to measure, taking the target systems, infrastructure and business services into account. This requires deep technical know-how and a lot of time.
To simplify this, we have developed templates that enable hardening in three stages. In this way, an ever higher security standard can be reached over several iterations. In addition, there is the option of individualized hardening in a consulting approach. The end result of the latter is a tailor-made package including documentation.
We have an IT department that can implement hardening
Hardening is a process in which a large spectrum of settings is enabled or disabled. These can be, for example, registry entries or Windows features as well as “please add”.
Some settings influence each other, or there are dependencies that only produce the desired result together.
Only through our tested hardening configurations, developed over many years and with these dependencies included, is it possible to implement the desired results quickly and to provide a functioning hardened system.
An IT department without many years of knowledge in the area of hardening will not be successful. In our experience, the hardening project is then scrapped for resource reasons and after a few failures.
With the EA, simple and secure hardening according to standards is possible in order to meet a wide variety of norms.