The Microsoft Security Configuration Toolkit enables enterprise security administrators to effectively manage their enterprise’s Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them via a domain controller or inject them directly into testbed hosts to test their effects. For more information, see Windows Security Baselines.
Baseline security policies for Windows Server 2022.
But what’s new in Microsoft Windows Server 2022?
Here we have some new Windows Server 2022 security features :
Virtualization-based security (VBS)
Transport: HTTPS and TLS 1.3 enabled by default on Windows Server 2022
Secure DNS: Encrypted DNS name resolution requests with DNS-over-HTTPS
Server Message Block (SMB): SMB AES-256 encryption for the most security conscious
SMB: East-West SMB encryption controls for internal cluster communications
Windows Server 2022 security features
In the following steps you will see some of the security features of Microsoft Windows Server 2022.
When your Windows Server 2022 is running on a Hypervisor like Hyper-V, you can set Memory integrity under Windows Security to ON.
This prevents attacks from inserting malicious code into high security processes. When you set this security feature on, the Server needs a reboot to activate.
Memory Integrity needs a reboot.
Windows Security Notifications.
By default Virus & Threat protection notification is active, when you want notifications about Microsoft defender firewall blocking a new application, you have to turn this feature on and select the firewalls.
In Windows security we have also ransomware protection.
Protect your files against threats like ransomware, and see how to restore files in case of an attack.
You can do this by Controlled folder access.
Protect files, folders and memory on your Server from unauthorized changes by software.
New in Windows Server 2022 is Tamper protection in Windows Security.
This Prevents others from tampering with important security features.
This was all Microsoft Windows Server 2022 security in the VM, but how about your Windows Server 2022 Hyper-V Hypervisors?
Hypervisor-protected Code Integrity (HVCI) is a virtualization based security (VBS) feature available in Windows. In the Windows Device Security settings, HVCI is referred to as Memory Integrity.
HVCI and VBS improve the threat model of Windows and provide stronger protections against malware trying to exploit the Windows Kernel. VBS leverages the Windows Hypervisor to create an isolated virtual environment that becomes the root of trust of the OS that assumes the kernel can be compromised. HVCI is a critical component that protects and hardens this virtual environment by running kernel mode code integrity within it and restricting kernel memory allocations that could be used to compromise the system.
See Virtualization Based Security System Resource Protections for more details on these protections.
Here you find a great video with a session of Jeff Woolsey Principal Program Manager at Microsoft. It’s all about What’s new in Windows Server 2022.
Start with Microsoft Windows Server 2022 today and make your test environment to play with Windows Server 2022 and Security.
Make your core business application solution more secure then ever, and let a ethical hacker do pen tests on your solution.
When you have security by default in your architectural designs, and test your Windows Server 2022 for production workloads it makes a big different to keep your environment and solution safe. And when you monitor your Windows Server 2022 solution pro-active with Azure Monitor, Azure Security Center, Azure Defender like this with Azure Arc enabled Servers
This keeps you in Control on Security by design for your business.