Security Configuration Wizard

Applies To: Windows Server 2008 R2, Windows Server 2012

The Security Configuration Wizard (SCW) guides you through the process of creating, editing, applying, or rolling back a security policy. A security policy that you create with SCW is an .xml file that, when applied, configures services, network security, specific registry values, and audit policy. SCW is a role-based tool: you can use it to create a policy that enables services, firewall rules, and settings that are required for a selected server to perform specific roles, such as a file server, a print server, or a domain controller.

The following are considerations for using SCW:

  • SCW disables unnecessary services and provides Windows Firewall with Advanced Security support.

  • Security policies that are created with SCW are not the same as security templates, which are files with an .inf extension. Security templates contain more security settings than those that can be set with SCW. However, it is possible to include a security template in an SCW security policy file.

  • You can deploy security policies that you create with SCW by using Group Policy.

  • SCW does not install or uninstall the components necessary for the server to perform a role. You can install role-specific components through Server Manager.

  • SCW detects role dependencies. If you select a role, it automatically selects dependent roles.

  • All applications that use the IP protocol and ports must be running on the server when you run SCW.

  • In some cases, you must be connected to the Internet to use the links in SCW Help.

Additional references