<br> Manages Internet SCSI (iSCSI) sessions from this computer to remote target devices. <br> <br> This service is critically necessary in order to directly attach to an iSCSI device. However, <br> iSCSI itself uses a very weak authentication protocol (CHAP), which means that the <br> passwords for iSCSI communication are easily exposed, unless all of the traffic is isolated <br> and/or encrypted using another technology like IPsec. This service is generally more <br> appropriate for servers in a controlled environment then on workstations requiring high <br> security. <br> Fixtext: <br> Fix: <br> (1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsSystem ServicesMicrosoft iSCSI Initiator Service <br> <br> (2) REG: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSiSCSI!Start <br>

[Automatic/Manual/disable]

Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\System Services\Microsoft iSCSI Initiator Service (2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSiSCSI!Start