IT Infrastructure health checkup
-
@coliver Thanks. That one looks pretty slick.
-
-
Lets assume this is a one time job for a client, I would assume the tools would be:
BPA for the corresponding MS product
Lynis for Linux security Audit
For exchange, points mentioned by @Breffni-Potter
AD- tools suggested by @thecreativeone91
OpenVAS or Nexpose or Nessus or GFI Languard
MBSA
Sydi for network documentationNot sure on a one time audit, if we can use some sort of log management
-
Yes you have to check logs for a one time audit, otherwise what's the point?
If the DC is screaming about an easily preventable group policy conflict, how will you pick that up apart from logs?
-
@Breffni-Potter said:
Yes you have to check logs for a one time audit, otherwise what's the point?
If the DC is screaming about an easily preventable group policy conflict, how will you pick that up apart from logs?
Automation can still be done on the logs so it's not a manual process of looking through everything. It will also centralize it.
Also a DC is not going to tell you about a GP conflict, that's client side. RoSP or GPresult on the client machine will tell you about those. However, the are avoided by using enforced GPOs where needed. However aside from the setting not being applied there's no actual harm to GP conflicts.
-
@thecreativeone91 said:
However aside from the setting not being applied there's no actual harm to GP conflicts.
Speaking broadly, with a badly setup GP you can get delayed logins and other strange issues.
-
@Breffni-Potter said:
@thecreativeone91 said:
However aside from the setting not being applied there's no actual harm to GP conflicts.
Speaking broadly, with a badly setup GP you can get delayed logins and other strange issues.
Not from conflicting settings you won't get delayed logins. Conflicting settings will just allow one to override the other.
Delayed logins come from permissions issues, trying to do to much, bad settings or corrupt Sysvol and too much WMI filtering.
