APPLY SECURITY POLICIES WITH THE SECURITY CONFIGURATION AND
Setting security on a server can be a time-consuming and confusing
task, particularly when you consider the hundreds of policies that
can affect security. In addition, as administrators attempt to implement
immediate solutions to specific problems, security settings can unexpectedly
change over time. The result is often a server that falls out of the
organization's intended security safety net.
To simplify security configuration and give administrators a means
to monitor security settings, Microsoft developed the Security Configuration
And Analysis tool for the Microsoft Management Console (MMC) and a
corresponding set of security templates for specific scenarios.
Using these tools, you can analyze a server against a known previously
saved configuration, or you can analyze it against a recommended security
configuration template. You can also use the tools to apply a set
of security settings to the server to set or restore it to a specific
To begin exploring these tools, first open an empty management console.
(Go to Start | Run, and enter mmc.exe.) Go to Console | Add/Remove
Snap-ins, and add the Security Configuration And Analysis and Security
Templates snap-ins to the console.
You don't need the Security Templates snap-in to use the Security
Configuration And Analysis snap-in. However, adding it to the console
now enables you to easily browse each template's settings later.
Before applying a given configuration, it's a good idea to export
your current settings to a template. Follow the tool's prompts to
create a new database, right-click Security Configuration And Analysis,
and select Export Template.
After exporting the template, you can begin analyzing and configuring
the server. For more complete instructions on using these security
tools, check out the Security Configuration And Analysis tool's Help