This article is a part of a series. The previous article can be found here:
All the Guards – Part 9 Control Flow Guard
In this article I’m going to summarise all the previous articles in the series, which were:
All the Guards – Part 9 Control Flow Guard
All the Guards – Part 8 DMA Guard
All the Guards – Part 7 Exploit Guard
All the Guards – Part 6 Application Guard
All the Guards – Part 5 Credential Guard
All the Guards – Part 4 System Guard
All the Guards – Part 3 Device Guard
All the Guards – Part 2 Virtualization Based Security
All the Guards – Part 1 Secure Boot
To successfully implement many of these you’ll need current hardware and an up-to-date version of Windows 10 Professional or Enterprise. The majority of the protection is provided by virtualisation, which the device needs to support and have enough RAM to facilitate (the recommended minimum would be 8GB, but you can do it with less).
These options can be configured individually, but a better approach is to apply them by policy across your fleet, for example via Microsoft Endpoint Manager.
I have shared all the information I have found on these topics, hopefully in a manner that makes sense. Unfortunately, information about many of these technologies is not presented in a straightforward manner and in many cases, specifics are hard to find and confirm. Hopefully, however, there is enough information there to show you the benefits of implementing these technologies across your Windows 10 devices.
My advice is that you look at implementing these technologies in the order that I have presented them, to accommodate dependencies that exist. I have done exactly that in my production environment and now don’t even think about them.
So if you haven’t as yet implemented all the Guards that Microsoft has available, I’d encourage you to do so. The improvement in security it provides is worth the investment.