Problem

What do I need to do to prepare my Windows server for a Security Design Review (SDR)

Solution

As part of a SDR the Information Security Team will need to run a Nessus vulnerability scan on the server. In order for the scan to run successfully the following changes will need to be made to the Inbound Rules on the Windows Firewall:

1. Open the Windows Firewall from the Control Panel and click on Advanced settings
2. Under Inbound Rules scrolled down to the Windows Management Instrumentation rules
3. Enable the Windows Management Instrumentation rules for Async-In, DCOM-In, and WMI-In for the Domain Profile.
4. In addition, the rules need to be limited to the Nessus server. Right click on the rule and choose Properties. Then select the Scope tab and under Remote IP address click These IP addresses. Click Add and enter the following IP 172.16.76.66 then click Apply and Ok.