Set Event Viewer History; Remove Any File Shares - Cisco TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0 Configuration Manual

Policy
System cryptography: Force strong key
protection for user keys stored on the computer
System cryptography: Use FIPS compliant
algorithms for encryption, hashing, and signing
System objects: Default owner for objects
created by members of the Administrators group
System objects: Require case insensitivity for
non-Windows subsystems
System objects: Strengthen default permissions
of internal system objects (e.g. Symbolic Links)
System settings: Optional subsystems
System settings: Use Certificate Rules on
Windows Executables for Software Restriction
Policies

Set event viewer history

The Event Viewer is logging events on the server, such as login attempts and changes to policies. The
Event Viewer is found under Start > Control Panel > Administrative Tools > Event Viewer. Specific
events related to Cisco TMS are found under the TANDBERG folder. For each of the event types, the
log files should be set to retain informative amounts of data, but they must be limited to prevent
attacks from filling up the disk.
1. To set the size of the log file, right-click each event type.
2. Select Properties.
3. Set the Maximum log size to 131072 KB.
4. Select Overwrite events as needed.

Remove any file shares

1. Go to Windows Start > Control Panel > Administrative Tools > Computer Management.
2. Expand System Tools and Shared Folders and select Shares. Under Shares several hidden
shares are set up by default.
3. Remove all except the IPC$ share. If you have
no shares will be available.
Windows Server creates, by default, administrative shares of your local drives during startup. As soon
as the Server service is started these shares are activated, so in order to remove the shares a registry
key must be created. To do this, create the following key in the Registry Editor:
1. Go to Start > Run and type 'regedit'. This will open the Registry Editor.
2. Browse to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
3. Right-click in the left-hand side of the window
4. Select New>DWORD value.
5
You may enable this setting. The consequence of enabling it is that you need version 5.2 of the
Remote Desktop client (XP comes with 5.1) to remotely administrate the server, and you need to
enable TLS 1.0 in your browser for SSL access.
Cisco TMS Secure Server Configuration Guide 13.0
Securing Windows Server 2003 tasks
Security Setting
User must enter a password each time they use a
key
Disabled
5
Object creator
Enabled
Enabled
Enabled
disabled the Server service in the previous steps,
Page 27 of 34