My blog has moved and can now be found at http://blog.aniljohn.com

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

Wednesday, March 24, 2004
« Implications of Fully Trusted Code | Main | Secure Remote Access »

Courtesy of the SBS Diva (Susan Bradley) :-)

--CIS BENCHMARK (v1.1.3) FOR WINDOWS XP PROFESSIONAL--

The Benchmark contains four levels of technical control settings for Windows XP Professional, enabling users to choose the consensus security configurations most appropriate for their particular environments.

The four levels are: 

LEGACY: Designed for XP systems that need to operate with older systems such as Windows NT, or in environments where older third party applications are required. The settings will not affect the function or performance of the OS, or the applications running on it.

ENTERPRISE STANDALONE: Designed for XP Professional systems operating in a managed environment where interoperability with legacy systems is not required. It assumes that all operating systems within the enterprise are Windows 2000 or later, therefore able to use all possible security features available within those systems.  In such environments, these Enterprise settings are not likely to affect the function or performance of the OS.  However, one should carefully consider the possible impact to software applications when applying
these recommended XP technical controls. 

ENTERPRISE LAPTOP: Nearly identical to the Enterprise Standalone settings, but with modifications appropriate for mobile users whose systems must operate both on and away from the corporate network. In environments where all systems are Windows 2000 or later, these Enterprise settings are not likely to affect the function or performance of the OS.  However, one should carefully consider the possible impact to software applications
when applying these recommended XP Professional technical controls. 

HIGH: Designed for XP Professional systems where security and integrity are the highest priority, even at the expense of functionality, performance, and interoperability. Therefore, each setting should be considered carefully and only applied by an experienced administrator who has a thorough understanding of the potential impact of each setting or action in a particular environment.

The XP Professional Benchmark was developed via consensus among CIS members, with participation by Microsoft.  The names assigned to the four security levels are consistent with the names assigned to security configuration guidance distributed by Microsoft. 

The Center for Internet Security (CIS) is a non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls.

Download and more Info @  http://www.cisecurity.org/

Tags:: Security
3/24/2004 5:25 PM Eastern Standard Time  |  Comments [0]  |  Disclaimer  |  Permalink   
Comments are closed.