Versions Compared

Old Version 7

changes.mady.by.user Terrence S Miller

Saved on

compared with

New Version Current

changes.mady.by.user Liz Reagan Jones

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The baseline security settings are implemented by Active Directory Group Policies. Settings are implemented in the following Group Policy Objects (GPO):

Windows 10

  • EUC PaaS Workstation Admins
  • EUC PaaS Windows - NTFS Enable Last Access Time10 - Core Security Settings Base
  • EUC Windows 10 - Core Security Settings 1607 Base- Firewall Settings - Prod
  • EUC Windows Legacy LAPS Configurations
  • EUC Windows MBAM 2.5 SP1 Client Settings

Windows 11

  • EUC PaaS Workstation Admins
  • EUC Windows 11 - Baseline Computer Security
  • EUC Windows 10 - Firewall Settings 1607- Prod
  • EUC Windows Legacy LAPS Configurations
  • EUC Windows MBAM 2.5 SP1 Client Settings

Virtual Private Network (VPN)

The Windows PaaS product provides provides secure network capabilities via two different VPN technologies, Microsoft DirectAccess and Cisco AnyConnect VPN.Microsoft DirectAccess the Cisco Management Tunnel.

The Cisco Management Tunnel is an always-on VPN that provides connectivity to organization network resources without the need for traditional Virtual Private Network (VPN) connections. More information about the DirectAccess Cisco Management Tunnel implementation in Windows PaaS is available in the MiWorkspace DirectAccess MiWorkspace Cisco Management Tunnel Overview document.

The Cisco AnyConnect VPN Client is available for deployment to also available on Windows PaaS computers. The client provides connection to thethe ITS Cisco VPN Service. More information about the Cisco AnyConnect VPN Client implememation implementation in Windows PaaS is available in the MiWorkspace Cisco AnyConnect Overview document.

BitLocker Drive Encryption

The hard drives of all laptop computers using the Windows PaaS solution are automatically encrypted using BitLocker. Hard drives on desktop computers may be opted-in to BitLocker drive encryption. Bitlocker BitLocker drive encryption is deployed and managed using the Microsoft BitLocker Administration and Monitoring (MBAM) product. The MBAM product provides automated deployment of encryption policies and provides simplified management of recovery keys. More information about the BitLocker implementation is Windows PaaS is available in the MiWorkspace BitLocker Overview document.

...