Manualshelf

SBM powered by Microsoft Lync™ Administrator's Guide 2011-11

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
231232233234235236237238239240
B-7
HP SBM Security Hardening
Security Hardening at the SBM Factory Default Settings
Policy path (no registry setting):
Computer Configuration\Windows Settings\Security
Settings\Account Policies\Account Lockout Policy
Account lockout duration
= 15 minutes
Account lockout
threshold = 5 invalid
attempts
Reset lockout counter
after = 15 minutes
Policy path (no registry setting):
Computer Configuration\Windows Settings\Security
Settings\Account Policies\Password Policy
Enforce password
history = 24 passwords
remembered
Maximum password age
= 60 days
Policy path (no registry setting):
Computer Configuration\Windows Settings\Security
Settings\Local Policies\Security Options
Account
Rename administrator
account = SBMAdmin
Rename guest
account =
Renamed_Guest
Policy path (no registry setting):
Computer Configuration\Windows Settings\Security
Settings\Local Policies\Security Options
Network security
Force logoff when logon
hours expire = Enabled
Policy path (no registry setting):
Computer Configuration\Windows Settings\Security
Settings\Local Policies\User Rights Assignment
Deny access to this
computer from the
network = Guests
Deny log on as a batch
job = Guests
Deny log on locally =
Guests
Deny log on through
Remote Desktop
Services = Guests
Increase a process
working set =
Administrators, Local
Services
The remaining settings have a related registry path but are generally configured in this local
security policy: Computer Configuration\Windows Settings\Security Settings\Local
Policies\Security Options.
In addition to the registry setting, the left column also displays the related parameter in this
policy.
HKLM\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\AllocateCDRoms
Policy setting:
Devices: Restrict CD-ROM access to locally logged-on user only
Disabled