Network Security Templates
This article will guide you through the steps required to create, customize, and apply Windows Network Security Templates to your servers or client computers. Windows Security Templates are predefined by Microsoft and are start point for securing your network.
We will create the Security Templates snap-in. using Microsoft Management Console (MMC) and customize some of the security options.
Define Microsoft Manangemnt Consle MMC for Security templates:
1. Click the Start -> Run.
2. Type MMC into the text box and click the OK. MMC console opens up.
3. Select File from the menu and click on Add-Remove snap-in menu option.
4. Click the Add button.
5. Select Security Templates from the Snap-ins list, then click the Add button.
6. Click the Close button, then click OK.
7. Expand the Security Templates, then expand the C:WindowsSecurityTemplates to see the list of security templates available. (Assuming C: is your system drive letter).
8. To view the description of each template, select the template and right click then click Set Description.
Create and customize template from predefined windows security template
You can create a new customized windows security template from the defined windows security template.
To do this, follow these steps:
1. Right click the preffered template and click Save as.
2. Type a new name for this template and click on Save.
3. Go through each section of the new template and customize the security options as required.
Compare the computer security settings to prefined template.
You can compare your security settings to predefined templates using Security Configration and Anaysis Snap-in.
To compare the a computer security settings to a Windows Secruty Template, follow these steps,
1. In the MMC console that was already opened, select File from the menu and click on Add-Remove snap-in.
2. Click the Add button.
3. Select Security Configuration and Analysis from the Snap-ins list, then click the Add button.
4. Click the Close button, then click OK.
5. Right click “Security Configration and Analysis” and then click on Open Database.
6. Type a file name for the database and click Open. List of templates will pop up.
7. Select the template to compare with your computer security settings, select the “Clear this database before importing” and click Open.
8. In the MMC console, right click “Security Configration and Analysis” and click on “Analyze Computer Now”.
9. Select the log location and click Ok.
10. Expand “Security Configration and Analysis” tree and view the settings that do not match. Each security object that do no match will have red X mark. Undefined security settings will show question mark or say “Not Analyzed”.
Configure the computer for the analyzed template
To configure and apply the settings of the template. Right click “Security Configration and Analysis” and then click on Configure Now.
Create a New Windows Security Template
You can create a new windows security template with no settings defined and customize it as desired.
To do this, follow these steps:
1. Right click C:WindowsSecurityTemplates and then click New Template. (Assuming C: is your system drive letter).
2. Type the name and the description of the template and then click Ok. (Creates empty security settings).
3. Go through each section of the new template and define the preffered security options.
Deploy Security Template through Group Policy Object (GPO)
Once you configure and define all the security options for your template, the next step is to deploy to all computers that you need to apply to this new policy settings.
To do this, follow these steps;
1. Create a shared folder that contain the defined template.
2. On your network management computer, click Start -> All Programs -> Administrative Tools -> Active Directory Users & Computers.
3. Create an Organizational Unit (OU) for computers that you need to assign the GPO.
4. Right click the OU and click on Properties.
5. Click on the Group Policy tab click New to create new group policy object.
6. Name the group policy and click the Edit button.
7. Expand Windows Settings and select and right click Security Settings.
8. Click Import.
9. Browse and select the security template.
10. Exit out the Active Directory.Publisher: abdirahman isse