Updated: December 17, 2008
Applies To: Windows Server 2008
This guide explains the most significant security countermeasures that are available in Windows Server® 2008 and Windows Vista®. You can use the Security Configuration Wizard (SCW) to create security policies and import them into a Group Policy object (GPO) that is linked to the parent organizational unit (OU) for the member server to manage most of the recommended settings. Because some hardening procedures cannot be applied through Group Policy, the guide also discusses some manual configuration settings. This guide was not intended to be a comprehensive reference to all of the features and considerations that you must take into account when securing Windows Server® 2008 and Windows Vista® operating systems. When constructing your information and network security plans for your environment, you may also find useful information in the following locations:
For more information about security and privacy at Microsoft, see the Security Central page (http://go.microsoft.com/fwlink/?LinkID=49428).
For more information about authoritative security guidance from Microsoft, see Enterprise Security Best Practices (http://go.microsoft.com/fwlink/?LinkID=100430).
For information about the "10 Immutable Laws of Security," see http://go.microsoft.com/fwlink/?LinkID=18751.
For more information about security for Windows Vista, see http://go.microsoft.com/fwlink/?LinkID=101446.
For more information about security for Windows Server 2008, see http://www.microsoft.com/technet/security/prodtech/windowsserver2008.mspx.
For information about Server and Domain Isolation, see(http://technet.microsoft.com/en-us/network/bb545651.aspx).
For information about using Windows Server 2008 Network Access Protection (NAP), see (http://technet.microsoft.com/en-us/library/cc667451.aspx).
For information about Windows Server Virtualization, see (http://technet.microsoft.com/en-us/library/bb897507.aspx).
For more information about Group Policy settings, including a listing of paths and values for all settings that are stored in the registry of Windows Server 2008 and Windows Vista with SP1, see Group Policy Settings Reference for Windows Server 2008 and Windows Vista SP1 (http://www.microsoft.com/downloads/details.aspx?familyid=2043B94E-66CD-4B91-9E0F-68363245C495&displaylang=en).
For information about the Windows Vista smart card infrastructure, see (http://msdn.microsoft.com/en-us/library/bb905527.aspx).