Identified new local policy settings to meet the 2016 CIS benchmarks.
Created new a hardening process with new local policies and new FIM rules.
Added ability for Windows Defender to be installed and configured from BeyondTrust Updater as well as receive updates from BeyondTrust Updater.
Set Windows Event Logs retention policy and archiving.
Updated protection to be provided by Windows Defender and PowerBroker for Windows.
Configured PowerBroker for Windows events data from the Notifications page to be sent to BeyondInsight.
Modified PowerBroker for Windows policies to allow SQL Server service shutdowns.
Updated PowerBroker for Windows to push updates to the default policy for all UVM appliances.
Updated the firewall listing and included the list as a part of the hardening process.
Edited the Windows Firewall configuration to allow inbound port 2383 on UVM’s with SQL Server.
New appliances will ship with this image starting May 2019.
BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering companies to secure and manage their entire universe of privileges. The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance.