Create a corporate security baseline for Windows Vista

Sadly, there isn't a Windows feature that can analyze every aspect of a workstation's security, but you can analyze the most relevant portions of a workstation's local security policy. To do so, you would simply use a properly configured workstation to create a security baseline. You can then compare that baseline against other computers on your network to see if they are properly configured.

Creating a security baseline for Windows Vista

Whether you want to analyze a workstation to test for incorrect security settings, or you want to correct security settings that are known to be wrong, the first step in the process is to create a security baseline. A security baseline is essentially a template that specifies how to set the various Group Policy settings.

There are two primary methods of creating a security baseline template in Windows Vista. The first method involves defining the template based on settings taken from a machine that is known to be configured correctly. To do so, log in as an administrator an

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Vista security issues, updates and alerts Ten ways to sell security to management Improve Windows security with our top 10 tips Windows Vista management tutorial Minasi says Vista SP1 solves problems, adds new ones Does Vista's strong security make it better than XP? Are Windows Vista's features silencing critics? Managing single sign-on security burdens in Windows Top 10 ways to improve Windows Vista security A Windows security checklist for IT managers Unauthenticated vs. authenticated security testing Windows desktop security tips Managing multiple passwords in Windows Using System Center Essentials as a patch management tool How Windows 7 stands up to security tests Securing sensitive data on Windows-based laptops Gathering and documenting your Windows desktop security policies Windows desktop security standards documentation best practices Desktop security preparation for a new wave of Windows apps Four Internet Explorer 8 group policy security settings The state of enterprise security and emerging threats in 2009 Why should Windows shops use Microsoft Baseline Security Analyzer?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

d follow these steps:

Figure A [IMAGE]
Navigate through the console tree to Local Computer Policy | Computer Configuration | Windows Settings | Security Settings

An alternate method

If you don't want to create a baseline based on an existing configuration, then there is another option. Windows Vista allows you to create a security baseline template from scratch. To do so, follow these steps:

Figure B [IMAGE]The new template appears beneath the security template folder.

Figure C [IMAGE]You can populate the new template in the same way that you would populate a Group Policy.

Now that I have shown you how to create a security baseline template, it's time to put the baseline template to use. In my next tip on creating a security baseline, I will show you how to use the template that you have created to analyze Windows Vista workstations on your network and how to use the template to adjust and amend security problems that you may encounter.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies.