Building the Ultimate Active Directory Domain Controller Security Environment

Webinar Registration

We recently discussed the Red Forest concept as one of the latest trends in Active Directory security thinking which addresses some of the leading risks to infosec today. But what if you could start from scratch and build out a perfect domain controller hosting environment based on

up-to-date understanding of Windows security and Active Directory risks including

SID filtering flaw and its impact on domain security boundaries
Pass-the-hash and golden tickets

latest hardware and platform security technology like

Secure boot
TPM
Secure virtualization

Best practices such as

Privileged Access Workstations
2-Factor authentication
Clean source
Secure admin enclave (aka Red Forest)
Read-only domain controllers (or compensating controls)

What would it look like? And how close can you migrate your current environment to that golden standard?

In this real training for free ™ webinar we will discuss the ultimate up-to-date hardened Active Directory environment. And we mean a modern environment – one that leverages virtualization but does it securely. How do you securely host domain controllers as virtual machines? We will discuss risks that are often swept under the rug. In a virtual or physical DC situation you have a lot of people who can compromise AD. Besides Domain Admins, we’re talking about anyone with access to

	Physical DCs	Virtual DCs
vCenter or whatever virtualization management solution you use. Includes not just the vCenter application but all the other layers in the stack · Operating system · Database		?
Virtual console access and virtual removable media/usb		?
IPMI/ILO	?	?
Backups of the domain controller	?	?
Physical access to server hardware	?	?
Anyone who · Can exploit a remote vulnerability on the server or admin workstation · Can send an email that is opened on the admin workstation · Owns or can hack a website that downloads content on the admin workstation	?	?

Let's see what it takes to deal with all of that. You can basically break the necessary steps into 4 areas:

Active Directory hygiene
Secure admin environment
Protect domain controllers
Secure admin forest (related to "red forest")

Helping me with this real training for free ™ event is Russell Rice from our sponsor, Skyport Systems and Allen Brokken from Ascent Solutions, who will briefly show you their hyper-secure infrastructure and discuss Skyport System's free Active Directory security assessment service.

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Country:	Required
State:	Required
Employees:	Required
Company Name :	RequiredRequired
Job Title:	RequiredRequired
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.