Windows 2000 and advanced editions permit to change local security settings for a particular PC. If PC was part of a domain on a network then these settings would probably be place at domain group policy level on a domain controller. If you are not part of a domain or if you are a only PC user then you can change your security settings so that they affect users of your PC.

To change typical security policy of a Windows PC you can utilize Local Security Settings tool or Group Policy Editor Tool. The Local Security Settings tool will display only items linked to security of PC while Group Policy Editor Tool will display you extra items you can organize like user and software settings.

To open Local Security Policy go to Start, Programs and then Administrative Tools. Then you see Local Security Policy icon. If you do not have Administrative Tools group displaying then right tick taskbar and select Properties. Then go to Start Menu tab and then Customize button. If you make use of Classic start menu check the box that shows Display Administrative Tools. If you make use of normal start menu then tick on advanced tab scroll down to System Administrative Tools and check Display on All Programs menu and Start menu. Then you get Administrative Tools choice under Programs menu. Now tick on Local Security Policy.

Name: w75.jpg Views: 348 Size: 34.6 KB

You will notice many sectors related to various areas of security policy.

Account Policies is where you can place password policies like minimum password length and how long before passwords end. You can also setup account shut out policies which can lock out a user if they enter incorrect password too many times.

Local Policies is where you setup things like auditing for logins, file access, policy changes and other kind of events that can be logged. There is also a sector for user rights tasks which permits you to fine tune what administrative tasks your users can do. In Security Options sector you can allowance or reject different privileges like capability to rename administrator account and limiting access to devices like CDROM.

Public Key Policies is utilized to identify how to handle certificates and certificate life cycles. This security setting specifies whether certificates are mechanically enrolled, renewed when they are ended, and detached when they are canceled.

Software Restriction Policy is utilized as a way to recognize software and control its capability to run on local PCs. The two security levels are Disallowed and Unrestricted.

IP Security Polices (IPSEC) is a structure for a set of protocols for security at network layer of network communication. It is utilized to support safe replace of packets at IP layer and is broadly utilized in Virtual Private Networks (VPNs). Windows has three fixed IPSEC polices. Client, Secure Server and Server. Client is utilized to talk with servers that request security but it’s not needed to utilize security if none is there. Secure Server does not permit unsecured communication with untrusted clients. Server always requests security but permits unsecured communication with clients that do not reply to request.