It seems that most of the Windows enhancement suggestions will help you ensure Windows security in the NT domain name or Active Directory. How can we ensure the security of P2P Windows networks? There are many networks that use Windows workstations without central servers. This type of network is common in Small departments of small enterprises or large enterprises. This configuration may be somewhat different, but it does not mean that there is no unified security vulnerability, nor does it mean that the data stored here is not as important as the data stored in large settings.
I used to manage P2P Windows networks for 10 years. The following describes how to ensure the security of the system in the network:
1. A Local Security Policy is required.
It is important to enhance the system security of each individual. Because there is no group policy in this setting, you must rely on the Windows Local Security Policy. You can access your Local Security Policy settings through the Window Control Panel or by running secpol. msc or secpol. msc.
Remember, the key settings you need to do include: to enable audit failure events, you must use Ctrl + Alt + Del to log on, create a password policy, and enable text messages for users who attempt to log on, when a user logs on, he/she informs the user of acceptable usage policies and does not display the name of the last user.
2. Share approval required
In a P2P environment, you also need to notify everyone on the network about sharing. If this is not done, remember the minimum rules and set up a shared license so that users can browse and see what they are allowed to see.
3. File license is very important
In accordance with the same principle of shared approval, file licenses must be established in each local system to ensure that only authorized persons can open, modify, and delete files.
4. Encrypt offline files
In P2P environments, Windows offline file encryption is common, especially for mobile users. If you use this feature, make sure to use these Windows guide to encrypt your files. It is best to use the PGP Desktop Professional edition or SecureStar DriveCrypt encryption software to partially or fully encrypt the hard disk to ensure the security of your mobile data.
5. Evaluate your network security
Regular assessment of your P2P network security is also very important. Make sure to keep the following in mind during the evaluation:
· Implements Local Security Policy consistency check for each system. This check can be completed with free and commercial software tools. These tools include Foundstone's SuperScan and GFI's network security scanner.
· Check that the account does not belong to all the local user accounts of each system.
· Confirm that your sharing and file license settings for various systems are appropriate.
· Search for folders and hard disks that should not be shared or folders and hard disks that should not exist. This is especially common in P2P networks. In a P2P network, hard disks and folders are shared normally.
· No matter what tool you use, during the test, make sure that you perform an authenticated scan (Log On As a standard user, Administrator, or both) and unauthenticated scans (only using zero-Session connections without logon ). This helps you understand the real status of the network, where the configuration is wrong, and what the undisciplined internal staff or external hackers can see in your system.
Implementing security policies in a P2P environment is very difficult. However, this task still needs to be done. Use the Windows Control Method as much as possible to reject hackers and maintain user connection. Regular Tests based on basic and effective security tests will help ensure the security of your organization's P2P network.
Skynet