Manualshelf

HP Survivable Branch Communication zl Module powered by Microsoft Lync Planning and Design Guide 2011-02

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
81828384858687888990
2-47
Design Considerations
Planning Security
Table 2-23 displays settings that might cause problems if they are imple-
mented. You should carefully consider whether to implement these policies
or not.
HKLM\System\CurrentControlSet\Control\Lsa\DisableD
omainCreds
Policy setting:
Network access: Do not allow storage of passwords and
credentials for network authentication
Enabled
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgor
ithmPolicy
Policy setting:
System cryptography: Use FIPS compliant algorithms for
encryption, hashing, and signing
Enabled
HKLM\System\CurrentControlSet\Control\Lsa\SCENoAp
plyLegacyAuditPolicy
Policy setting:
Audit: Force audit policy subcategory settings (Windows
Vista or later) to override audit policy category settings
Enabled
HKLM\System\CurrentControlSet\Services\LanManSer
ver\Parameters\SMBServerNameHardeningLevel
Policy setting:
Microsoft network server: Server SPN target name
validation level
Accept if provided by client
HKLM\SOFTWARE\Policies\Microsoft\Windows
NT\Terminal Services\DenyTSConnections
Disabled
Setting’s Registry Path or Policy Path Windows 7 USGCB
Recommended Setting