The Microsoft Solution Accelerators team has recently released a new set of security resources that you can use in combination with the Microsoft Security Compliance Manager tool: the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline, and setting packs for Windows 7 and Internet Explorer 8. Together with the tool, these resources are designed to help organizations efficiently manage the security and compliance process for some of the most widely used Microsoft products.

What’s a setting pack?

Here’s the story, straight from the development team: Since the release of the Security Compliance Manager tool, one of the most frequent requests has been to add all of the available Group Policy settings to the Microsoft-recommended baselines so that they can be accessed through the tool. While our baselines include hundreds of settings, there are hundreds of additional settings available in Group Policy. In response to this request, the team has created setting packs. The setting packs include the basic information required by the Security Compliance Manager tool to define custom baselines that you can use to create GPO backups, DCM configuration packs, and SCAP content. This is a temporary solution to address this request. A future version of the tool will provide the capability to add the settings customers need to their baseline without using a setting pack.

• The security baselines for Windows Server 2008 R2 and Microsoft Office 2010 provide you with free Microsoft-recommended solutions to meet today's security challenges. In combination with best-practice guidance and the Security Compliance Manager tool, the baselines are designed to help you plan, deploy, and monitor the security of computers running Windows Server 2008 R2 and of Office 2010 applications. Both releases also include a setting pack (for Windows Server 2008 R2 and Office 2010, respectively) enabling you to define baselines that include settings outside the scope of the security baselines from Microsoft.
• The Windows 7 and Windows Internet Explorer 8 setting packs, in combination with the Security Compliance Manager tool, will enable you to define baselines that include settings outside the scope of the security baselines from Microsoft. Use these new resources to define custom baselines, meet business-critical needs, and elevate the security of Windows 7 and Internet Explorer 8.

The Security Compliance Manager works with the Microsoft Assessment and Planning (MAP) Toolkit and the Microsoft Deployment Toolkit (MDT) to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. Learn more.

Next steps:

• First, learn more about the Security Compliance Manager tool. Next, learn more about the new security baselines and setting packs:
  
  • Windows Server 2008 R2 Security Baseline
  •  Microsoft Office 2010 Security Baseline
  • Windows 7 setting pack
  • Windows Internet Explorer 8 setting pack

 Download the tool:

• New users can access these resources by visiting the Microsoft Download Centre to download the Security Compliance Manager tool.
• Existing users can access the baseline and setting packs in the tool by clicking the Tools menu, and then clicking Check for Baselines.

Jeffa