This policy setting allows you to specify whether to require user authentication for remote connections to the RD Session Host server by using Network Level Authentication (NLA). This policy setting enhances security by requiring that user authentication occur earlier in the remote connection process. If you enable this policy setting, only client computers that support Network Level Authentication can connect to the RD Session Host server.

LAN Manager (LM) is a family of early Microsoft client/server software that allows users to link personal computers together on a single network. Network capabilities include transparent file and print sharing, user security features, and network administration tools. In Active Directory if the Kerberos protocol is not negotiated for some reason, Active Directory will use LM, NTLM, or NTLMv2.

This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services session. By default, Remote Desktop Services allows redirection of supported Plug and Play devices.

IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. An attacker could use source routed packets to obscure their identity and location. Source routing allows a computer that sends a packet to specify the route that the packet takes.

Maximum log size should be set to any kind of event logs, as part of your security policy. This configuration’s value is highly important for detecting attacks and investigating their source. Allocating insufficient storage space will lead to information loss of what happened in the network, therefore breaches could remain undetected.

Security versus production functionality is always an issue that put stress between security teams and IT Ops. Learn how CalCom CHS can solve this conflict, and keep all sides satisfied.

Four basic tips that will help you start your hardening project.

CalCom Hardening Solution (CHS) is a server hardening automation solution (for Windown & Linux servers) designed to reduce operational costs and increase the server's security and compliance posture. CHS eliminates outages and reduces hardening costs by indicating the impact of a security hardening change on the production services. It ensures a resilient, constantly hardened and monitored server environment.

4 main challenges you'll need to confront when approaching server hardening.