Use MMC to enhance Windows Desktop Security

Source: Internet
Author: User
Tags microsoft website

Desktop Security does not only mean that anti-virus software and firewall are installed, but also needs to be continuously strengthened. Desktop Security is an important part of the multi-layer defense system and is indispensable. However, it is not easy to implement security enhancement tasks. Employees in many organizations have great freedom to install their favorite software on their computers. Furthermore, in some large enterprises, users in different business departments can install various applications not supported by the organization. This application environment has become part of the business process, although these applications have never been part of the design cycle. In this case, how to enhance Desktop Security becomes one of the most difficult problems in the defense system. Of course, we still have a lot of options. For example, we can purchase commercial products to manage desktops, use the group policies of active directories, or simply use local security policies to protect hosts.

1. Manual Operation settings

The requirements of the Organization restrict or affect the security methods used. However, most enterprises need a centralized management solution to complete this task. So, we should start from manually locking and protecting a workstation. 1.

498) this. style. width = 498; "border = 0>
Figure 1
We can see that when defining a local security policy, we need to set the following aspects: account policy, local policy, Event Log, restricted group, system service, registry, and file system. With a runable enhancement image, we can deploy it across the entire enterprise. However, we must ensure that the basic images cannot conflict with the applications supported by the enterprise. Next, let's go to the MMC (Microsoft console. Click Start/run, type MMC in the run box, and press Enter. Obtain the blank MMC template 2.
498) this. style. width = 498; "border = 0>
Figure 2
Click the "Add/delete snap-in" command under the "file" menu, as shown in 3.
498) this. style. width = 498; "border = 0>
Figure 3

Open the window shown in the following 4:

498) this. style. width = 498; "border = 0>
Figure 4
Click "add" in this window. The window shown in 5 is displayed.

498) this. style. width = 498; "border = 0>
Figure 5
Find the "Security Configuration and analysis" option from the available independent units, click the "add" button, click the "close" button, and then click the "OK" button. The window shown in the next 6 is displayed.
498) this. style. width = 498; "border = 0>
Figure 6
Next we need to create a database. Right-click "Security Configuration and analysis" on the left of the window shown, and select "Open Database ". 7.
498) this. style. width = 498; "border = 0>
Figure 7
In the "Open Database window" shown in the following 8, enter the Database Name and click "open ":
498) this. style. width = 498; "border = 0>
Figure 8

Ii. templated operations

You will notice some templates. The Microsoft website has some information about the content provided by these templates. However, you must select a workstation template instead of a server template. The workstation template file name ends with "ws" (not an extension ). 9.

498) this. style. width = 498; "border = 0>
Figure 9
Users can also get pre-defined templates from the Internet Security Center, or from other organizations. However, it is best to strictly review things of others, before using each template, you must be clear about its security settings. Click the "operations" menu and select the "analyze computer now" command, as shown in 10.
498) this. style. width = 498; "border = 0>
Figure 10
To modify a setting, double-click the item in the right pane. The "properties" window is displayed, as shown in Figure 11.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.