/Microsoft-Blue-Forest

Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers

Primary LanguagePowerShell

Microsoft-Blue-Forest

What is a Blue Forest?

A Blue Forest is centered around Blue Team operational security in domain networks. This repository serves as a living documentation on securing Windows domain networks running modern Microsoft operating systems.

What Operating Systems are included in this repository of documentation?

  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Windows 10 Enterprise (1903)

What type of information can I find in this repository?

  • Setting up domain controllers
  • Securing Domain Controllers with practical security baselines from Microsoft and CIS Controls
  • Setting up Windows 10 RS5 1809 and applying security baselines from Microsoft and CIS Controls
  • Setting up Active Directory Certificate Services
  • Deploying Virtual Smart Cards and moving to a passwordless environment (Virtual Smart Cards is in the process of being depreciated from Microsoft but documenting this will provide a cost effective solution to securing accounts in a lab environment)
  • Encrypting Workstations, Servers and Domain controllers with Microsoft Bitlocker
  • Scripts to easily facilitate securing vulnerabilities or setting up various configurations
  • Secure a non domain joined Microsoft OS
  • Sanboxing Windows Defender Antivirus
  • Learn how to deploy Windows Defender settings, Windows Defender Exploit Guard, attack surface reduction, block at first site, and Application Guard through Group Policy
  • Securing Microsoft Office 365
  • Deploying Windows Firewall Settings through Group Policy

What non Microsoft Information can I find in this repository?

  • Setting up PFSense Firewall
  • Setting up a Nessus Vulnerability Scanner using Cent OS 7.
  • Learn how to scan your network for vulnerabilities that may exist in your lab environment and remediating those issues

Plus More to be added over time!

Table of Contents

  1. Installing a PFSENSE Firewall (Documentation Incomplete)

  2. Installing a nessus scanner (Documentation Incomplete)

  3. Installing Your First Domain Controller

  4. Deploying Microsoft LAPS in Enterprise Environments

  5. Deploying Security Baselines in a Active Directory Environment (Documentation Incomplete)

  6. Windows 10 Non Domain Joined Security Hardening

  7. Just Enough Administration and Deployment