Table of Contents
Advertisement
5 Configuration
5.11 System Administration
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated
routes
MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name
release requests except from WINS servers
Network access: Allow anonymous SID/Name translation
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and
shares
Network access: Do not allow storage of passwords and credentials for network
authentication
Network access: Let Everyone permissions apply to anonymous users
Network access: Restrict anonymous access to Named Pipes and Shares
Network access: Sharing and security model for local accounts
Network security: Allow Local System to use computer identity for NTLM
Network security: Allow LocalSystem NULL session fallback
Network Security: Allow PKU2U authentication requests to this computer to use
online identities
Network Security: Configure encryption types allowed for Kerberos
Network security: LAN Manager authentication level
Network security: Do not store LAN Manager hash value on next password
change
Network security: Force logoff when logon hours expire
Network security: LDAP client signing requirements
Network security: Minimum session security for NTLM SSP based (including
secure RPC) clients
92 / 192
Policy
Instructions for Use
CLARUS® 500
Setting
Disabled
Enabled
Disabled
Enabled
Enabled
Enabled
Disabled
Enabled
Classic - local
users authen-
ticate as
themselves
Enabled
Disabled
Disabled
RC4\AES128\AES25
6\Future types
Send NTLMv2
response only.
Refuse LM & NTLM
Enabled
Disabled
Negotiate
signing
Require NTLMv2
session
security,
Require 128-bit
encryption
2660021171806 Rev. A 2019-01
Advertisement
Table of Contents
Troubleshooting
