deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md
Paolo Matarazzo c97fbd8ea8 resolved conflicts
2023-05-24 16:42:58 -04:00

3.1 KiB
Raw Blame History

title, description, ms.prod, ms.topic, ms.date
title description ms.prod ms.topic ms.date
Checklist Implementing a Standalone Server Isolation Policy Design Use these tasks to create a server isolation policy design that isn't part of an isolated domain. See references to concepts and links to other checklists. windows-client conceptual 09/07/2021

Checklist: Implementing a Standalone Server Isolation Policy Design

This checklist contains procedures for creating a server isolation policy design that isn't part of an isolated domain. For information on the steps required to create an isolated server zone within an isolated domain, see Checklist: Configuring Rules for an Isolated Server Zone.

This parent checklist includes cross-reference links to important concepts about the domain isolation policy design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.

Checklist: Implementing a standalone server isolation policy design

Task Reference
Review important concepts and examples for the server isolation policy design to determine if this design meets your implementation goals and the needs of your organization. Identifying Your Windows Defender Firewall with Advanced Security Deployment Goals
Server Isolation Policy Design
Server Isolation Policy Design Example
Planning Server Isolation Zones
Create the GPOs and connection security rules for isolated servers. Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone
Create the GPOs and connection security rules for the client devices that must connect to the isolated servers. Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone
Verify that the connection security rules are protecting network traffic on your test devices. Verify That Network Traffic Is Authenticated
After you confirm that network traffic is authenticated by IPsec as expected, you can change authentication rules for the isolated server zone to require authentication instead of requesting it. Change Rules from Request to Require Mode
According to the testing and roll-out schedule in your design plan, add device accounts for the client devices to the membership group so that you can deploy the settings. Add Production Devices to the Membership Group for a Zone