GPO Comparison
Last updated
Was this helpful?
Last updated
Was this helpful?
The GPO Comparison feature allows users to compare and analyze the settings applied by Group Policy Objects in the Active Directory against both custom and official baselines prepared by Microsoft, CIS, STIG, and Forestall. These baselines are created by considering the security best practices.
Input fields are ;
GPO: List of Group Policy Object's belongs to your Active Directory.
Baseline: List of predefined baseline documents.
Baselines are categorized according to the Windows operating system.
After selecting the relevant GPO and baseline, FSProtect automatically compares the applied settings and displays the results.
The colored labels and numbers in the upper-right describe the categories and the number of identified settings that belong to these categories in the comparison results.
Clicking on these badges allows you to filter the result table.
Colors of the badges are categorized as;
Uncompatible
Not Configured
Baseline Not Defined
Compatible
All
Uncompatible: The setting configured by the GPO is not secure according to the baseline.
Not Configured: The setting referenced by the baseline is not defined or not configured by the GPO.
Baseline Not Defined: The setting configured by the GPO is not included in the baseline.
Compatible: The setting configured by the GPO is secure according to the baseline.
All: All settings that are configured by the GPO or referenced by the baseline.
The widgets in the upper-right side of the table allow us to;
Search: Search the comparison results by the names of the settings.
Export: Export the comparison results and the respective information listed in this table as a CSV file.
The table contains information about the results of the Group Policy Object settings comparison,
Status: Comparison result for the GPO setting.
Type: Type of the setting.
Policy Group or Registry Key: Group policy configuration path of the setting.
Setting: Name of the settings.
GPO: Value of the setting configured by the GPO.
Baseline: Value of the setting defined by the baseline.
In addition, each setting in the rows displays summary information about the definition of the setting.
