Identified new local policy settings to meet the 2016 CIS benchmarks.
Created new a hardening process with new local policies and new FIM rules.
Added ability for Windows Defender to be installed and configured from BeyondTrust Updater as well as receive updates from BeyondTrust Updater.
Set Windows Event Logs retention policy and archiving.
Updated protection to be provided by Windows Defender and PowerBroker for Windows.
Configured PowerBroker for Windows events data from the Notifications page to be sent to BeyondInsight.
Modified PowerBroker for Windows policies to allow SQL Server service shutdowns.
Updated PowerBroker for Windows to push updates to the default policy for all UVM appliances.
Updated the firewall listing and included the list as a part of the hardening process.
Edited the Windows Firewall configuration to allow inbound port 2383 on UVM’s with SQL Server.
New appliances will ship with this image starting May 2019.
BeyondTrust is the worldwide leader in intelligent identity and access security, enabling organizations to protect identities, stop threats, and deliver dynamic access. We offer the only platform with both intelligent identity threat detection and a privilege control plane that delivers zero-trust based least privilege to shrink your attack surface and eliminate security blind spots.