Security Configuration Guidance
NSA develops and distributes configuration guidance for a wide variety of software, both open source and proprietary. We strive to provide NSA customers and the software development community the best possible security options for the most widely used products. NSA does not favor or promote any specific software product or business model. Rather, we promote enhanced security.
-
From section:
Industrial Control Systems
Securing Assets Within a Closed Industrial Control System (ICS) Network
The second in a series, this document focuses on system security within a "closed" ICS perimeter. It provides a systematic approach for implementing the access control concept of Least Privilege.
01 October 2015 17 page(s) pdf
-
From section:
Industrial Control Systems
Securely Managing Industrial Control System (ICS) Networks
The fourth in a series, this document focuses on implementing a secure ICS network management program through comprehensive network management policies and procedures. An effective network management program is an essential element of maintaining the security posture of critical ICS networks.
01 October 2015 16 page(s) pdf
-
From section:
Applications
Spotting the Adversary with Windows Event Log Monitoring (version 2)
This paper focuses on using the built-in tools already available in the Microsoft Windows operating system (OS). Central event log collection requires a Windows Server operating system version 2003 R2 or above. Many commercially available tools exist for central event log collection. Using a Windows Server 2008 R2 or above server version is recommended. There are no additional licensing costs...
07 August 2015 54 page(s) pdf
-
From section:
Operating Systems
Microsoft's Enhanced Mitigation Experience Toolkit: A Rationale for Enabling Modern Anti-Exploitation Mitigations in Windows
Microsoft®’s Enhanced Mitigation Experience Toolkit (EMET) is an enhancement to the Windows® operating system that stops broad classes of malware from executing. EMET implements a set of anti-exploitation mitigations that prevent the successful exploitation of memory corruption vulnerabilities in software, including many zero-day and buffer overflow attacks.
01 October 2014 12 page(s) pdf
-
From section:
Operating Systems
Understanding the Enhanced Mitigation Experience Toolkit Frequently Asked Questions
This document contains Frequently Asked Questions regarding EMET.
01 October 2014 8 page(s) pdf
-
From section:
Networks
Cisco ASA Out-of-the-Box Security Configuration Guide (version 1)
This document provides security guidance for network administrators to assist in the initial out-of-the-box configuration of Cisco Adaptive Security Appliance (ASA) 5500 Next Generation Firewalls (software version 9.1). The guidance provided is based on a basic and simplistic security policy for common network architectures; however, the concepts discussed may be applied to complex policies and networks. It is the responsibility...
10 September 2014 22 page(s) pdf
-
From section:
Applications
Reducing the Effectiveness of Pass-the-Hash (version 1)
This document discusses mitigations administrators can deploy, in the interim, to reduce PtH’s effectiveness by addressing some of the properties it depends upon.
19 November 2013 17 page(s) pdf
-
From section:
Applications
Recommendations for Configuring Adobe Acrobat Reader XI in a Windows Environment (version 1)
This document includes information for using Adobe’s Customization Wizard (CW) or Microsoft’s PowerShell to configure the necessary settings for uniform distribution of the software throughout an enterprise or on a standalone system. Appendix A lists all of the ARXI security-related settings with recommendations for the environments that should configure those settings.
12 July 2013 20 page(s) pdf
-
From section:
Applications
Deploying Signed BIOSes to Enterprise Client Systems (version 1)
This guide is meant to help United States government and Department of Defense Windows system administrators deploy BIOSes to their enterprise client systems that support signed BIOSes and signed BIOS update mechanisms but do not have signed BIOSes installed by default due to these systems predating the NIST SP 800-147 standard. Vendors that implement signed BIOSes currently ship systems with...
16 November 2012 32 page(s) pdf