Use SCM to enhance Windows Server Security

Source: Internet
Author: User

Over the years, we have always criticized Microsoft for security issues. However, Microsoft has recently stepped up its game. It not only protects its Windows Server operating system, but also provides some resources to help us maintain the Server check status.

The best resources for this purpose are free Microsoft Solution Accelerator ), it is a test guide and automation tool that helps you plan, securely deploy, and manage new Microsoft technologies ".

Security Compliance Manager is a solution booster that provides baseline Security configurations to help block Windows servers and ensure adequate Compliance. SCM is composed of an SQLServer-driven management console that allows you to customize, store, and output security baseline configurations to GPO, DCM, SCAP, or Excel.


Figure 1. Security Compliance Manager 2nd GUI

LocalGPO provides a command line interface for input and live output GPO, which is especially convenient for servers that are not in your Windows domain.

SCM provides baselines for Windows Server 2003 SP2, Windows Server 2008 SP2, and Windows Server 2008 R2SP1. SCM also provides baselines for other operating systems and applications, as well as upcoming guidelines to assist development on Exchange and SQL Server 2008.

Even if you are not interested in the central management of all server configurations, you can also use SCM for documentation. Each baseline has a security guide and an attack reference. The security guide is a Word document that is as long as a book and covers almost everything you need to know about security best practices and general Windows configurations. The attack surface reference is an Excel table that contains the settings of running services and related technical details. In the scm gui, you can access a large number of security-related settings, which display the default settings, the settings recommended by Microsoft, and other details, as shown in 2.


Figure 2. Examples of available Windows Server settings on the security compliance Server

We can't say that we don't have the right tools to ensure the security of the Windows environment. Whether you are a fan of Microsoft or not, the company is using SCM to throw us an olive branch. If you have never reinforced your Windows-based server, you may use a more formal method to make your configuration consistent. SCM is worth looking.

Address: http://www.searchsv.com.cn/showcontent_53528.htm

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.