Secure Configuration Assessment and Management

This page provides information for the IT professional about secure configuration assessment and management tools and services that are available for Windows Vista to administer security throughout a layered defense and manage ongoing threats.

Authorization Manager

Authorization Manager is a Microsoft Management Console (MMC) snap-in that can help provide effective control of access to resources. Authorization Manager is included with Windows Vista, Windows Server 2008, Windows XP, and Windows Server 2003. The two categories of role-based administration that benefit from this technology are user authorization roles, which are based on a user's job function, and computer configuration roles, which are based on a computer's function.

• Authorization Manager
  This technology page in the Windows Server 2008 Technical Library contains resources for understanding recent improvements, planning and architecture considerations, deployment guides, troubleshooting resources, and procedures for using Authorization Manager.

Group Policy

Group Policy allows you to implement specific configurations for users and computers. The Group Policy Management Console (GPMC) and the Local Group Policy Editor are included with Windows Vista and Windows Server 2008.

• What's New in Group Policy in Windows Vista
  This guide provides an overview of new features and improvements in Group Policy.
• Deploying Group Policy Using Windows Vista
  There are more than 700 new policies to help you manage desktops, security, and all other aspects of running your network. This document includes information about the new and updated features available in Windows Vista and provides best practices for deploying Group Policy.
• Security Group Policy Settings in Windows Vista
  This reference page describes domain, computer, and user policy settings. The reference also provides the recommended settings configured through the automated process prescribed by the Windows Vista Security Guide. The Windows Vista Security Guide Settings.xls file that accompanies this guide provides another resource that you can use to compare the setting values.
• Managing Group Policy ADMX Files Step-by-Step Guide
  This guide describes the management aspects of ADMX files, which is the new format for displaying registry-based policy settings.
• Step-by-Step Guide to Managing Multiple Local Group Policy Objects
  This guide includes a series of step-by-step scenarios to show how to set up multiple local Group Policy objects (GPOs) on a stand-alone computer running Windows Vista.
• Troubleshooting Group Policy Using Event Logs
  This guide provides you with the fundamental concepts used to troubleshoot Group Policy on Windows Vista.
• Group Policy Infrastructure Events and Errors Troubleshooting
  This troubleshooting information contains error messages with resolution and verification steps to help you configure and maintain a Group Policy deployment with Windows Vista and Windows Server 2008.
• Group Policy in Windows Server 2008
  The Group Policy site contains information to help you configure and maintain settings, deploy Group Policy solutions, and troubleshoot issues related to Group Policy deployments.

Security Auditing

Windows security auditing features Granular Audit Policy, which introduces more than 40 new audit policy subcategories. For command-line help, see Auditpol [Vista]. For additional information, see the following Knowledge Base articles:

• How to use Group Policy to configure detailed security auditing settings for Windows Vista client computers in a Windows Server 2003 domain or in a Windows 2000 domain
• Security auditing settings are not applied to Windows Vista client computers when you deploy a domain-based policy
• Description of security events in Windows Vista and in Windows Server 2008

Security Policies

A security policy is a combination of security settings that affect the security on a computer.

Security Policy Settings

• Security Policy Settings New for Windows Vista
  This reference topic provides information about new security settings in Windows Vista including the locations of the security settings in the local GPO, their default values, and a description of the setting.
• Updated Security Policy Settings for Windows Vista
  The three security policy settings that have been updated from Windows XP are described in this reference topic.
• Group Policy Settings Reference for Windows Server 2008 and Windows Vista SP1
  This downloadable spreadsheet lists the policy settings for computer and user configurations included in the Administrative template files (.admx/.adml) delivered with Windows Server 2008 and Windows Vista with Service Pack 1 (SP1). The policy settings included in this spreadsheet apply to Windows Server 2008, Windows Vista with SP1, Windows Server 2003, Windows XP Professional, and Microsoft Windows 2000. You can configure these policy settings when you edit GPOs.
• Security Policy Settings
  This provides information about security policy settings in Windows Server 2003.

Accounts

• Information for advanced users about the changes to the built-in administrator account in Windows Vista
  This Knowledge Base article details how the built-in administrator account has been changed to better reduce the potential attack surface of the built-in user accounts in Windows Vista.
• How to use System Restore to log on to Windows Vista when you lose access to an account
  This Knowledge Base article describes how to use the System Restore feature to log on to Windows Vista when you lose access to an account.
• Certain Windows XP-related user accounts and groups remain on the computer after you upgrade to Windows Vista
  This Knowledge Base article helps you remove some Windows XP–related groups that appear in Local Users and Groups after you upgrade to Windows Vista.

Software Restriction Policies

Software restriction policies provide administrators with a policy-driven mechanism for identifying the software programs running on computers in a domain and for controlling the ability of those programs to run.

• Software Restriction Policies Technical Overview
  This overview explains two improvements that have been made to software restriction policies in Windows Vista.
• Software Restriction Polices (SRP)
  This troubleshooting information contains error messages with resolution and verification steps to help you configure and maintain software restriction policies in Windows Vista and Windows Server 2008.
• Using Software Restriction Policies to Protect Against Unauthorized Software
  This provides architecture, design, and deployment information about software restriction policies in Windows Vista and Windows Server 2008.

WMI Scripting for Security

WMI contains many new features and additional help in Windows Vista, including User Account Control scripting information, IPv6 and IPv4 support, security auditing of WMI namespaces, and new provider hosting models.

• What's New in WMI
  This page provides information about new WMI security features in Windows Vista.