The ANSSI document “Recommandations pour l’administration sécurisée des SI reposant sur Active Directory” provides comprehensive guidance to secure information systems (SI) that rely on Microsoft’s Active Directory (AD). It emphasizes that AD administration requires specific security measures due to AD’s critical role in centralizing user identities and access controls. The guide advocates for a logical segmentation or tiered isolation (cloisonnement) of the SI into zones of trust to limit attack surfaces and lateral movement by adversaries. It highlights that attackers can exploit various vectors, including storage, virtualization, and backup infrastructures, thus these must also be secured to protect AD’s sensitive data. The document offers a detailed methodology for identifying and isolating these zones and presents 89 concrete recommendations covering architecture, privileged access management, and authentication protocols. It is intended both for initial design and ongoing improvement of AD-based SI security and targets IT administrators, security officers, and architects to foster a security-conscious administration aligned with current threat landscapes.
Publication's URL
URL: https://cyber.gouv.fr/publications/recommandations-pour-ladministration-securisee-des-si-reposant-sur-adPublication's scorecard
Country: FRA
Scope: Cyber
Typology: Standard
Publication's date: October 18, 2023
Category: Identity & Access Management
Sector:
Rating:
(No Ratings Yet)
Loading...