Introducing the Restriction of NTLM Authentication
Applies To: Windows 7, Windows Server 2008 R2
This product evaluation topic for the IT professional describes new security policies introduced in Windows 7 and Windows Server 2008 R2 to help you analyze and restrict NTLM authentication usage in your IT environment. This feature requires data gathering, analysis of NTLM traffic, and a methodical process with which to restrict the traffic so that stronger authentication protocols, such as the Kerberos protocol, will be used.
With the advent of more secure authentication protocols, such as the Kerberos protocol, industry requests for the ability to better manage the NTLM protocol in their environments have increased. Reducing the usage of the NTLM protocol in an IT environment requires both the knowledge of deployed application requirements on NTLM and the strategies and steps necessary to configure computing environments to use other protocols.
New tools and settings have been added to help you discover how NTLM is used to selectively restrict NTLM traffic. The Auditing and restricting NTLM usage guide provides a planning and design framework along with assessment tools and configuration settings to evaluate and restrict NTLM authentication usage in your environment.
This guide contains the following:
About NTLM usage in your environment
This topic describes the NTLM authentication protocol, how it is used in Windows environments, and supported scenarios for restricting NTLM in a domain.
This topic describes how to implement specific Group Policies and security policies that allow you to access NTLM traffic between client computers, remote servers, member servers, and domain controllers, and it describes ways in which you can evaluate your environment to prepare for NTLM reduction.
This topic describes how to implement specific Group Policies and security policies that allow you to restrict NTLM traffic between client computers, member servers, and domain controllers.
This topic lists additional documentation about NTLM authentication traffic assessing and restriction information, including security policy settings and Microsoft Support articles.