Security concerns with enabling PowerShell on a production server


I work in the software development side of an ISV. We're thinking of using PowerShell for some utilities in and around the core application (which itself is ASP.NET).

One of my colleagues said to me that most serious customers would consider PowerShell to be a complete no-no in a production environment, and would reject this out-of-hand. Is he right?

Best Answer

PowerShell is included and enabled by default in the last several versions of Windows Server.

If the "serious customers" are using Microsoft technology, then they are almost certainly using PowerShell already, even if it's hidden behind other management GUIs, or have PowerShell present even if they aren't deliberately using it.

Microsoft server software in 2015 is managed by PowerShell.

And extending out to third parties including VMware, NetApp, Equallogic

It is possible to remove PowerShell, I'd be interested to hear of anyone who does, or what the limits of Windows Server 2012 R2 are with it removed.