Well as we all know most every network is built and based around some version of Microsoft Windows. Securing these networks is the usual assortment of firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), content checkers and so on. What though in your opinion is the most underrated element of security in a Windows network? For my two cents worth I would say the judicious use of group policy objects(GPO). Much like using egress filtering on routers the use of GPO’s can be most beneficial. Much like egress filtering though GPO’s are often misunderstood or poorly applied. Your thoughts on this?
Technorati Tags: Group policy, Egress filtering, IDS, IPS