Basic IIS lockdown using scripts and group policy
Microsoft Active Directory and Group Policy have a feature-rich set of tools and processes to help save an administrator time and energy in maintaining security within the domain. Locking down a server requires many steps to complete, and depending on the extent to which the server is locked down, it can take up to several hours. This paper is primarily written for system administrators who want to make their life managing IIS easier using scripts with Active Directory and Group Policy.
Suppose your company needs you to set up an IIS server, possibly in a DMZ. Being security conscious, you want to implement all of the recommended procedures set forth by Microsoft. Oh and by the way, you also need that server built yesterday. As with anything else, business moves at blistering speeds. Often no thought is given to security because no time is allotted for it. This is where Active Directory and a little ingenuity can come in handy.
[ Read more ]