Allgemein

How to update Security Baselines to new versions?

  1. Import the Baselines into your AD by using the contained script.
  2. Open two Group Policy Management Consoles
  3. Open on the old version on the left
  4. Open the new version on the right
  5. Set the same WMI-filter, if used, to the new GPO (important to avoid wrong linkages)
  6. Link new GPOs to the same locations like the old
  7. Delete link to old GPOs
  8. Monitor your environment for changes / Read Security Baseline for changes in settings (they are documented)

Exceptions

  • Do NOT in production environments:
    • Change BLOCK for MS Edge in Application Control Policies – exception policy doesn’t work because WDAC applies deny first and allow will not help

Eine Antwort schreiben

Ihre E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

eins × zwei =