Details
Enables serverless peer name resolution over the Internet using the Peer Name Resolution Protocol (PNRP).
The recommended state for this setting is: Disabled.
Rationale:
Peer Name Resolution Protocol is a distributed and (mostly) serverless way to handle name resolution of clients with each other. In a high security environment, it is more secure to rely on centralized name resolution methods maintained by authorized staff.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled.
Computer ConfigurationPoliciesWindows SettingsSecurity SettingsSystem ServicesPeer Name Resolution Protocol
Impact:
Some peer-to-peer and collaborative applications, such as Remote Assistance, may not function.
Default Value:
Manual
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.