Microsoft Systems Security

Enterprise infrastructure heavily relies on Microsoft systems - ranging from Active Directory, IIS Web Services, Exchange, SQL Database Server to Sharepoint. These critical systems run on Microsoft Windows Server Operating System of different flavours and versions which often have a plethora of applications installed. Managing systems security at not only the Operating System level but also application level is paramount to ensure security threats are minimized and vulnerabilities are locked down.

Ensuring secure authentication and authorization, logging privileged account and monitoring their activity, ensuring operating systems are patched to fix potential vulnerabilities and exploits whilst ensuring Microsoft systems are meeting the minimum security baseline compliance are all important aspects to consider when planning on building a secure Microsoft systems security eco-system.

DTS Professional Services can provide advance consulting services to develop a security framework for Microsoft Systems that integrates into Configuration Configuration, Configuration Management, Vulnerability Management and SIEM solution domains.

Security Considerations....

DTS Solution assist organizations to build a complete security framework to manage their Microsoft infrastructure asset. It is important the following security elements are taken into consideration when designing and developing such a framework;

  • Microsoft Security Baseline Analyzer
  • Microsoft Systems Security Audit Log Management
  • Microsoft System Change Management
  • Microsoft Systems OS Patch and Vulnerability Management
  • Microsoft System Authentication and Authorization
  • Microsoft System Anti-Virus, Application Whitelisting and Reflective Memory Analysis
  • Microsoft System Software;
    • Active Directory
      • Monitoring GPO change
      • Privileged Account Monitoring
      • User Login and Logout Activity Monitoring
      • DHCP and DNS Logs
      • Audit Logging
    • Exchange
      • Admin Audit Logging
      • Mailbox Audit Logging
  • Microsoft System Security Compliance and Continuous Monitoring

Microsoft Security Compliance Manager

Microsoft Security Compliance Manager Dubai AbuDhabi UAE Saudi Qatar

Microsoft Security Baseline Analyzer (MSBA)

Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IIS web server, and products Microsoft SQL Server, and Microsoft Office macro settings. Security updates are determined by the current version of MBSA using the Windows Update Agent present on Windows computers since Windows 2000 Service Pack 3. The less-secure settings, often called Vulnerability Assessment (VA) checks, are assessed based on a hard-coded set of registry and file checks. An example of a VA might be that permissions for one of the directories in the /www/root folder of IIS could be set at too low a level, allowing unwanted modification of files from outsiders.