Published: February 27, 2008   |   Updated: February 18, 2009

 

Download This Solution Accelerator

Launch the download of the Windows Server 2008 Security Compliance Management Toolkit or get the entire toolkit series from the Microsoft Download Center.

About This Solution Accelerator

The Windows Server 2008 Security Compliance Management Toolkit provides you with an end-to-end solution to help you plan, deploy, and monitor the security baselines of servers running Windows Server® 2008 in your environment.

This Solution Accelerator includes the Windows Server 2008 Security Guide and the GPOAccelerator tool to provide you with prescriptive information and automated tools to establish and deploy your security baseline. This toolkit also provides you with 6 DCM Configuration Packs to use with the desired configuration management (DCM) feature in Microsoft® System Center Configuration Manager 2007 Service Pack 1 (SP1). Use this functionality to help you monitor the implementation of your security baseline for Windows Server 2008.

The Windows Server 2008 Security Compliance Management Toolkit is part of the Security Compliance Management Toolkit series.

The Windows Server 2008 Security Guide offers a choice of preconfigured security baselines for the following two different environments:

• Enterprise Client. This security baseline is best for most organizations in which functionality is evenly balanced with security.
• Specialized Security – Limited Functionality. This security baseline is best for organizations in which concern for security is so great that a significant loss of functionality is acceptable. For example, military and security agency organizations operate in this type of environment.

Included in the Download

The Windows Server 2008 Security Compliance Management Toolkit includes the following components:

• Security guide – The updated security guide for Windows Server 2008. The guidance provides you with best practices and information about automated tools to help you plan and deploy your security baseline.
• Attack Surface Reference workbook – A resource that lists the changes introduced as server roles are installed on computers running Windows Server 2008.
• Security Baseline Settings workbook – A resource that lists the prescribed settings for each of the preconfigured security baselines that the guide recommends.
• Security Baseline XML – An XML file that allows customers to consume the data defined in the Security Baseline Settings workbook.
• GPOAccelerator tool – A tool that you can use to create all the GPOs you need to deploy your chosen security configuration.
• INF Files – INF files for Windows Server 2008.
• Baseline Compliance Management Overview – An overview that includes best practices about how to monitor security baselines for computers running Windows Server 2008.
• DCM Configuration Pack User Guide – A step-by-step prescriptive user guide about how to use Configurations Packs in Configuration Manager 2007.
• DCM Configuration Packs – The toolkit includes 6 DCM Configuration Packs to use with the DCM feature in Configuration Manager 2007 SP1.

In More Detail

The Windows Server 2008 Security Guide includes the following content:

Overview

Executive Summary

Who Should Read This Guide

Chapter Summaries

 

Chapter 1: Implementing a Security Baseline

Enterprise Client Environment

Specialized Security – Limited Functionality Environment

Security Design

 

Chapter 2: Reducing the Attack Surface by Server Role

Securing Server Roles

Using SCW and Group Policy to Improve Security

Common Security Configuration Assumptions

 

Chapter 3: Hardening Active Directory Domain Services

Active Directory Domain Controller Role Service

Identity Management for UNIX Role Service

Server for Network Information Services

Password Synchronization

 

Chapter 4: Hardening DHCP Services

Attack Surface

Security Measures

 

Chapter 5: Hardening DNS Services

Attack Surface

Security Measures

 

Chapter 6: Hardening Web Services

Secure By Default

Attack Surface

Security Measures

 

Chapter 7: Hardening File Services

Attack Surface

Security Measures

 

Chapter 8: Hardening Print Services

Attack Surface

 

Other New Solution Accelerators

• Hyper-V Security Guide

  The Hyper-V Security Guide provides IT professionals like you with guidance, instructions, and recommendations to address your key security concerns about server virtualization. The guide includes the following chapters: Hardening Hyper-V, Delegating Virtual Machine Management, and Protecting Virtual Machines.

Related Resources

The following resources provide additional information about security topics and in-depth discussion of the concepts and security prescriptions in this guide:

• Security Solution Accelerators
• Security Compliance Management Toolkit series
• TechNet Labcast On-Demand: SCM Toolkit: Configure the DCM feature
• TechNet Labcast On-Demand: SCM Toolkit: Reporting

Community and Feedback

• Want to know what’s coming up next? Check out our Security Guidance Blog.
• E-mail your feedback to the following address: SecWish@microsoft.com.
• If you’ve used a Solution Accelerator within your organization, please share your experience with us by completing this short survey (less than 10 minutes long).

About Solution Accelerators

Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.

Register to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as

• Communication & Collaboration
• Security, Data Protection, & Recovery
• Deployment
• Operations & Management

Download This Accelerator

Get the Windows Server 2008 Security Compliance Management Toolkit now.