I am evaluating the Center for Internet Security Microsoft Windows Server 2012 R2 Benchmark (version 2.2.0) for a Level 2 member server. Level 2 server settings are designed for a more secure environment. There are 51 L2 setting specified in this document, however there is only one setting that gives me pause: 188.8.131.52, Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled'.
Has this setting been evaluated for impacts? What clients, applications, services, processes, etc use RPC and are they authenticated or anonymous?
My current environment is W2K12R2 with PI Data Archive 2016 R2 and Coresight.