Microsoft released a new security baseline this week for Windows Server 2008 R2, adding to the slew of similar baselines released earlier this year. The R2 baseline accelerator gives admins access to a central database of Microsoft-recommended security settings from which they can customize their baselines and push them out to their Windows servers.
The R2 addition joins a slate of previously released baselines for April’s Security Compliance Manager (SCM) tool, an update to Microsoft’s Security Compliance Manager Toolkit series. Other baselines include Windows 7, Vista, XP, Server 2003 and 2008, as well as Office 2007 SP2 and Internet Explorer 8.
As MCPmag.com’s Herb Torrens beat me to the punch on, Wikipedia defines security baselines as “a cookbook recipe for a normal level of protection.” The Security Compliance Manager was released as a sort of library for these various “levels of protection” as recommended by (and based on the experience of) Microsoft and Windows security experts. The idea is for admins to use these baselines as a consistent starting point for securing Microsoft systems and apps before pushing them out via something like Group Policy. (Baselines can also be exported using Excel, DCM packs or Security Content Automation Protocol.)
Microsoft MVP Derek Melber wrote an extensive overview of the SCM tool for WindowsSecurity.com back when it was in beta, where he noted, “To this point, there have been many technologies that attempt to complete what SCM does, but none that really come close. Even if the historical technologies were spliced together, they would not equal what SCM accomplishes in one solution.”
The Windows Server 2008 R2 baseline could be a boon for folks planning to deploy the latest version of the server OS, as IT evangelist Andy Malone previously described SCM as an “awesome tool” that could take the headaches out of meeting industry security and compliance standards.
More security baselines are reportedly on the way for some of Microsoft’s other popular enterprise products, including Exchange Server 2010 and SQL Server 2008 and R2. A beta for the Office 2010 baseline was made available last month. As far as Windows Server 2008 R2 goes, the Solution Accelerators page (the series of which SCM is a part of) also includes downloadable R2 migration guides for infrastructure planning/design and virtualization with Microsoft Hyper-V.
For more of the latest Windows security news and expert advice, visit SearchWindowsServer.com.