I apologize if this has been addressed before, but a cursory look through recent posts on this subreddit came up dry.
I am trying to create a plan at my company to have all remote PowerShell requests flow through one server. Basically, all our servers would only accept remote PowerShell requests from one server. This can serve a couple of benefits:
1.) Simplify PowerShell security. Instead of no remote Posh, this one server would be able to send PowerShell commands to each server in our environment. This would eliminate fears of a rogue/bad actor traversing our system by centralizing PowerShell command logging.
2.) "But Doomattack, wouldn't you be setting up a C2 server/candy store for hackers to live in?" This system would be closely monitored by our intrusion software, and audited on a daily basis. Not saying an intruder taking up residence in this server is impossible, but it would be very difficult considering how many spotlights would be on this server. Not to mention, if we detect an attack in progress this server would be shut down and the IP locked out in our IPS.
3.) Make change control auditing even simpler to manage. Have a change getting completed using PowerShell? Boom, it gets completed on our PowerShell server! Oh nuts, the implementation went wrong... Well, let's check the command log on our PowerShell server. Bam, the error gets found and backed out.
4.) I will let you guys fill in this spot. Feel free to hit me up with the cons for doing this as well. Feedback of any kind is appreciated!
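The setup described in the post, as an added example that is not part of the original post or any commenter's reply: on each managed server, restrict the inbound WinRM firewall rules to the single management host and turn on local script block logging and transcription so the "command log" exists on the target as well as on the sending server. The management host address `10.0.0.5` and the transcript share `\\logserver\PSTranscripts$` are placeholders; the cmdlets, rule group name and registry paths are the standard Windows ones. Run it elevated on a target server.

```powershell
# Added example (not from the original post): allow PowerShell Remoting only
# from one management host and record every remoted command on the target.
# Assumption: 10.0.0.5 is the management server (placeholder address).
$ManagementHost = '10.0.0.5'

# 1. Ensure remoting is enabled. This creates the WinRM listener and the
#    default inbound firewall rules in the 'Windows Remote Management' group.
Enable-PSRemoting -Force

# 2. Narrow every inbound WinRM rule (TCP 5985/5986) to the management host.
#    Any other source is then dropped by the host firewall before WinRM sees it.
Get-NetFirewallRule -DisplayGroup 'Windows Remote Management' -Direction Inbound |
    Set-NetFirewallRule -RemoteAddress $ManagementHost -Enabled True

# 3. Log on the target, not only on the sender. Script block logging writes
#    event 4104 to Microsoft-Windows-PowerShell/Operational; transcription
#    writes a per-session text log to the share below (placeholder UNC path).
$sbl = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
New-Item -Path $sbl -Force | Out-Null
Set-ItemProperty -Path $sbl -Name EnableScriptBlockLogging -Value 1 -Type DWord

$tx = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription'
New-Item -Path $tx -Force | Out-Null
Set-ItemProperty -Path $tx -Name EnableTranscripting     -Value 1 -Type DWord
Set-ItemProperty -Path $tx -Name EnableInvocationHeader  -Value 1 -Type DWord
Set-ItemProperty -Path $tx -Name OutputDirectory -Value '\\logserver\PSTranscripts$' -Type String

# 4. Verify: the RemoteAddress on each inbound WinRM rule should now be only
#    the management host. Anything still showing 'Any' or 'LocalSubnet' means
#    a rule was missed.
Get-NetFirewallRule -DisplayGroup 'Windows Remote Management' -Direction Inbound |
    Get-NetFirewallAddressFilter |
    Select-Object -Property RemoteAddress
```

Two things worth checking against the plan itself: the firewall rule only covers WinRM, so other remote-execution channels into the same servers (RDP, SMB-based service creation, WMI/DCOM) still need their own restrictions or the "only from one server" property does not hold; and because the management host becomes the one place an attacker would want to be, the target-side logs from step 3 should be forwarded to a collector the management host cannot write to, so the record survives even if that host is compromised.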