Table of Contents
Advertisement
McAfee® Network Security Platform 6.0
Disabling non-required Services
Disable the following services.
Setting System Policies
Ensure to set the following system policies:
Setting User Policies
Ensure to set the following user policies:
Setting a Desktop Firewall
It is recommended that a desktop firewall operates on the Manager server. The following
ports are required for Manager-Sensor communication.
Note:
Vulnerability Manager.
DHCP Client
FTP
Print spooler
Remote access auto connection manager
Remote procedure call locator
Remote registry
Server
TCP/IP NetBIOS helper service
Telephony service.
Note:
Enable these services only if it is absolutely required.
Implement the System key and strong encryption of the password database by
running SYSKEY.EXE
Use Microsoft security compliance toolkit or set local security policy
Display legal notice at during interactive logon window.
Do not display username that was earlier used to login.
Disable Posix
Clear virtual memory page file during shutdown
Disable autorun
Disable LMHOSTS lookup while setting the advanced TCP/IP settings.
Rename the administrator account.
Disable guest account .
Passwords should be at least 8 ASCII characters.
Enable locking of screensaver.
Ensure that there are no other open ports using a scanning tool such as
Hardening the Manager Server for Windows 2008
11
Advertisement
Table of Contents
Troubleshooting
