Anonymous ID: 0385eb Nov. 26, 2018, 7:57 p.m. No.4044269

Found a red forest reference in a Microsoft forum:

 

The "Red Forest design" is an Active Directory tiered model for higher security requirements. Also known as ESAE.

 

…the term Red Forest means a standalone Microsoft Active Directory forest that is dedicated to hosting your highly privileged accounts. A trust relationship is created to your production forest and "Domain Admins" and other highly privileged accounts use this new forest to administer the existing forest. It's all about credential partitioning and credential theft mitigation. Microsoft Consulting Services have an offering called Enhanced Security Administrative Environment (ESAE) that provides this functionality. Guidance detailed in https://aka.ms/cyberpaw and https://aka.ms/pth (the two white papers) will help provide an understanding on all the concepts for credential theft mitigation.

 

https://social.technet.microsoft.com/wiki/contents/articles/37509.what-is-active-directory-red-forest-design.aspx?wa=wsignin1.0