samedi 31 janvier 2015

Prevent windows users from logging into, pinging, or browsing other workstations



Bluecoat security did an analysis if the Sony attack and says the following


"This particular sample highlights the value of a network architecture where workstations cannot talk to each. While host-to-host file sharing, and communication can be convenient, it makes lateral movement for an attacker far easier." http://ift.tt/12q7G3y


Does anyone know how this would be accomplished? I want to understand a real world / realistic way this would be done on a medium to very large network?


Scripting some type of powershell script for active directory or via a cisco switch?





Aucun commentaire:

Enregistrer un commentaire