Just a quick FYI that on 2/18 the Security Compliance Management Toolkit series was updated on the web. So what does this have to do with ConfigMgr? Well, after deploying the security settings you can verify the accuracy of the setting policies and monitor policy changes by applying one or more of 26 Configuration Packs included in the toolkit using the desired configuration management (DCM) feature of Microsoft System Center Configuration Manager 2007 SP1.
I have some of the main bullet points below but you can read all the details here.
The Security Compliance Management Toolkit series builds on previous Solution Accelerators to provide you with expanded best practices and additional automation tools to help configure and deploy security settings for the following operating systems and applications: Windows Server® 2008, Windows Server® 2003 Service Pack 2 (SP2), Windows Vista® SP1, Windows XP® Professional SP3, and 2007 Microsoft Office SP1.
After deploying the security settings, you can verify the accuracy of the setting policies and monitor policy changes by applying one or more of 26 Configuration Packs using the desired configuration management (DCM) feature of Microsoft System Center Configuration Manager 2007 SP1.
This series includes the following toolkits:
- Windows Server 2008 Security Compliance Management Toolkit
- Windows Server 2003 Security Compliance Management Toolkit
- Windows Vista Security Compliance Management Toolkit
- Windows XP Security Compliance Management Toolkit
- 2007 Microsoft Office Security Compliance Management Toolkit
Note: The GPOAccelerator tool is included with each toolkit download package.
Each of the Security Compliance Management Toolkits includes the following components:
- Security guide. Each toolkit includes an updated version of a previously released security guides for either Windows Vista, Windows XP, Windows Server 2008, Windows Server 2003, or 2007 Microsoft Office. The guidance provides you with best practices and automated tools to help you plan and deploy your security baselines.
- Attack Surface Reference workbook. A resource that lists the changes introduced as server roles are installed on computers running Windows Server 2003 and Windows Server 2008, for the toolkits specific to these operating systems.
- Security Baseline Settings workbook. A resource that lists all of the prescribed settings for each of the preconfigured security baselines that the security guides recommend.
- Security Baseline XML. XML files that allow your organization to consume the data defined in the security baseline settings workbooks.
- GPOAccelerator tool. A tool that you can use to create all the Group Policy objects (GPOs) you need to deploy your chosen security configuration. This release also supports Windows Server 2003, and creating security configurations on machines not joined to a domain.
- INF Files. INF files for Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008.
- Baseline Compliance Management Overview. The overview discusses best practices on how to monitor security baselines for Windows operating systems and Office applications.
- DCM Configuration Pack User Guide. A step-by-step prescriptive user guide about how to use the Configurations Packs with the DCM feature in Configuration Manager 2007 SP1.
- DCM Configuration Packs. The toolkit series includes 26 Configuration Packs.
J.C. Hornbeck | Manageability Knowledge Engineer