For those of you attending TechEd 2008, I will be presenting the session MGT56-TLC – Hardening Windows Server 2008 Deployments with the Windows Server 2008 Security Guide It will cover the Windows Server 2008 Security Guide as well as the GPOAccelerator v3. If you can’t make it don’t worry, I’ll be posting a recording of it a week or so after TechED.
Here’s a summary from the two website links above:
As an IT professional focused on security, you know firsthand how essential your servers are to keeping your organization up and running. It’s your job to stand guard over these essential assets, and to prevent them from going down. Windows Server 2008 is engineered from the ground up with security in mind.
The Windows Server 2008 Security Guide is designed to further enhance the security of the servers in your organization by taking full advantage of the new and improved security technologies and features in Windows Server 2008. Use the guidance to create, test, and deploy your security baseline quickly and reliably, harden your server workloads, and evaluate security setting recommendations to meet the requirements of your environment.
The Solution Accelerator for the Windows Server 2008 Security Guide includes the following components:
· Executive Overview. A summary for business and technical managers that briefly explains how you can use the guidance and the tool for this Solution Accelerator.
· Security Guide. Recommended guidelines and best practices in a series of chapters that offer detailed guidance on how to harden servers running Windows Server 2008 that handle different workloads, including those for Active Directory Domain Services (AD DS), DHCP, DNS, Web, File, Print, Active Directory Certificate Services (AD CS), Network Policy and Access Services, and Terminal Services.
· Security Settings Recommendation Appendix. A comprehensive technical reference that explains every prescribed security setting in the security guide.
· Security Settings Workbook. A resource that lists all prescribed settings for each of the preconfigured security baselines provided by the guide.
· Attack Surface Reference Workbook. A resource that lists the changes that installed server roles introduce in Windows Server 2008.
· GPOAccelerator. A tool that you can use to automatically create Group Policy objects (GPOs) recommended by the guide, which is available as a separate download. To learn more about the GPOAccelerator and download the tool, click here.
The GPOAccelerator automatically deploys the security recommendations in the Windows Server 2008 Security Guide, 2007 Microsoft Office Security Guide, the Windows Vista Security Guide and the Windows XP Security Guide. These guides recommend Group Policy configurations and, in the case of Windows Vista and Windows XP, Security Template configurations that are enforced via Active Directory® in your environment. Each of these guides contains prescriptive recommendations for two security baselines, Enterprise Client (EC) and Specialized Security – Limited Functionality (SSLF). These baselines have been thoroughly tested and validated. The tool provides you with the recommended EC and SSLF Group Policy objects (GPOs) for Windows Server 2008, Windows Vista, Windows XP, and the 2007 Office release in this download.