[German]A brief note for admins responsible for security in Active Directory structures and 'secure workstations'. Microsoft has retired the Enhanced Security Admin Environment (ESAE) architectural approach to securing AD computer structures.
Advertising
I came across this information via the following tweet. The Enhanced Security Admin Environment (ESAE) architecture (often referred to as "Red Forest," "Admin Forest" or "Hardened Forest") is an older on-premises approach to providing a secure workplace for Active Directory administrators that has been dropped from Microsoft's mainstream recommendations.
ESAE guidance has been replaced by the Modern Privileged Access Strategy and Rapid Modernization Plan (RAMP) for providing secure workstations for privileged users. On-premises managed Windows Server Active Directory forests are no longer recommended for asset protection. The details can be read here.
