Published: February 27, 2008   |   Updated: January 4, 2010

 

Download This Solution Accelerator

This Solution Accelerator is part of the Security Compliance Management Toolkit Series. Launch the download of the Security Compliance Management Toolkit Series.

View the Security Compliance Management Toolkit Series in its entirety from Microsoft.

About this Solution Accelerator

The Windows Server 2008 Security Compliance Management Toolkit provides you with an end-to-end solution to help you plan, deploy, and monitor the security baselines of servers running Windows Server® 2008 in your environment.

This Solution Accelerator includes the Windows Server 2008 Security Guide and the GPOAccelerator tool to provide you with prescriptive information and automated tools to establish and deploy your security baseline. This toolkit also provides you with 6 Configuration Packs to use with the desired configuration management (DCM) feature in Microsoft® System Center Configuration Manager 2007 Service Pack 1 (SP1) Use these components to help you monitor the implementation of your security baseline for Windows Server 2008.

The Windows Server 2008 Security Compliance Management Toolkit is part of the Security Compliance Management Toolkit Series.

Included in this Download

Each of the Security Compliance Management Toolkits includes the following components:

• Security Guide –Each toolkit includes an updated version of a previously released security guide for Windows 7, Windows Vista, Windows XP, Windows Server 2008, Windows Server 2003, Internet Explorer 8, or 2007 Microsoft Office. The guidance provides you with best practices and automated tools to help you plan and deploy your security baseline.
• Security Baseline Settings workbook – A resource that lists the prescribed settings for each of the preconfigured security baselines that the security guides recommend.
• Security Baseline XML –XML files that allow your organization to consume the data defined in the Security Baseline Settings workbook.
• GPOAccelerator tool – A tool that you can use to create all the Group Policy objects (GPOs) you need to deploy your chosen security configuration.
• INF Files – INF files for Windows 7 and BitLocker, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003.
• Baseline Compliance Management Overview – The overview discusses best practices on how to monitor security baselines for Windows operating systems, Internet Explorer, and Office applications.
• DCM Configuration Pack User Guide – A step-by-step prescriptive user guide about how to use the configurations packs in Configuration Manager 2007 R2.
• DCM Configuration Packs – The toolkit includes DCM Configuration Packs for you to use with the DCM feature in Configuration Manager 2007 R2.

In More Detail

The Windows Server 2008 Security Guide includes the following content:

Overview

Executive Summary

Who Should Read This Guide

Chapter Summaries

Chapter 1: Implementing a Security Baseline

Enterprise Client Environment

Specialized Security – Limited Functionality Environment

Security Design

Chapter 2: Reducing the Attack Surface by Server Role

Securing Server Roles

Using SCW and Group Policy to Improve Security

Common Security Configuration Assumptions

Chapter 3: Hardening Active Directory Domain Services

Active Directory Domain Controller Role Service

Identity Management for UNIX Role Service

Server for Network Information Services

Password Synchronization

Chapter 4: Hardening DHCP Services

Attack Surface

Security Measures

Chapter 5: Hardening DNS Services

Attack Surface

Security Measures

Chapter 6: Hardening Web Services

Secure By Default

Attack Surface

Security Measures

Chapter 7: Hardening File Services

Attack Surface

Security Measures

Chapter 8: Hardening Print Services

Attack Surface

Security Measures

Chapter 9: Hardening Active Directory Certificate Services

Certification Authority Role Service

Certification Authority Web Enrollment Role Service

Online Responder Role Service

Network Device Enrollment Service Role Service

Chapter 10: Hardening Network Policy and Access Services

NPS Role Service

Routing and Remote Access Role Service

Routing Role Service

HRA Role Service

HCAP Role Service

Chapter 11: Hardening Terminal Services

Attack Surface

Security Measures

Related Resources

The following resources provide additional information about security topics and in-depth discussion of the concepts and security prescriptions in this guide:

• Security Solution Accelerators
• TechNet Labcast On-Demand: SCM Toolkit: Configure the DCM feature
• TechNet Labcast On-Demand: SCM Toolkit: Reporting
• Hyper-V Security Guide
• IT Infrastructure Threat Modeling Guide
• System Center Configuration Manager Extensions for SCAP

Community and Feedback

• Want to know what’s coming up next? Check out our Security Guidance Blog.
• E-mail the Solution Accelerators security team with your feedback: SecWish@microsoft.com.
• If you’ve used a Solution Accelerator in your organization, please share your experience with us by completing this short survey.

About Solution Accelerators

Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free, prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.

Sign up to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as:

• Communication and collaboration
• Security, data protection, and recovery
• Deployment
• Operations and management

Download This Accelerator

Launch the download of the Security Compliance Management Toolkit Series.