2.9.1 Internal Security

This section describes the internal security of the Group Policy client. The general guideline for Group Policy implementers is to ensure that the resources used by the core Group Policy engine and extensions are protected from unauthorized access. It is important to prevent users who do not have the required credentials from modifying or tampering with administrative configurations.

The following diagram shows the different components that define the security boundaries of the Group Policy protocols on the Group Policy client. Elements that are external to the Group Policy protocols are described in [MS-GPOL].

Group Policy security boundary components

Figure 10: Group Policy security boundary components