Microsoft has now released the latest version of the Security Compliance Manager v2.5 tool. This FREE tool is your one stop shop for downloading the best practice security guidance and configuration setting for your Microsoft programs. It also allows you to import existing Group Policy Object to then compare these setting against Microsoft template or other custom baseline templates.
This new version also has support for PowerShell allowing you to check for specific configuration setting programmatically rather than via just GPO settings via the DCM feature in SCCM. You will also notice the just released “Win7SP1 Extended DCM Checks 1.0” baseline that checks some of the essential security settings for computer to quickly check what PC’s are complaint in your environment.
Below is a summary of the new features and baselines…
NEW baselines include:
- Exchange Server 2007 SP3 Security Baseline
- Exchange Server 2010 SP2 Security Baseline
Updated client product baselines include:
- Windows 7 SP1 Security Compliance Baseline
- Windows Vista SP2 Security Compliance Baseline
- Windows XP SP3 Security Compliance Baseline
- Office 2010 SP1 Security Baseline
- Internet Explorer 8 Security Compliance Baseline
Other key features in SCM 2.5 include:
- Gold master support: Import and take advantage of your existing Group Policy or create a snapshot of a reference machine to kick-start your project using the Local GPO tool included in this release. SCM enables import of these policies and empowers you to make informed configuration decisions and then export a DCM pack to check for compliance against the golden master configuration.
- Remediation ready: Setting-level severity ratings allow customers to quickly sort, prioritize, and apply Microsoft security and compliance recommendations. In addition severity ratings can now be used to leverage the System Center Configuration Manager 2012 auto-remediation scenarios.
- Configure stand-alone machines: Deploy your configurations to non-domain joined computers using the GPO Pack feature of the Local GPO tool.
- Integration with the System Center 2012 Process Pack for IT GRC: Product configurations are integrated into the Process Pack for IT GRC to provide oversight and reporting of your compliance activities. New compliance-based setting groups that allow quicker and easier compliance reporting and audit preparation when used with the GRC management solution within System Center.