Creating and Enforcing Security Policies
To understand the rest of this chapter, you need to have a fundamental understanding of how to manage security policies and configurations. Windows Server 2003 comes with two basic tools that will help you create, distribute, and automate security configurations: security templates and the Security Configuration and Analysis tool.
Using Security Policy Templates
Security templates list all possible security attributes and settings for a given system and their associated configurations. By using the Security Templates snap-in, you can easily provision a standard collection of security across multiple systems using either remote registry editing or GP. For administrators that have a large number of systems to manage, and for those who provision quite a few systems on a regular basis, security templates can save a lot of time: they can assist with setting up a new machine or rolling out a new organization security policy onto many systems. They’re also helpful because you can define multiple templates, given that few large organizations have a single security standard for all computers. Security policy templates are a tool your organization can use to implement the three facets of the CIA principle.
You can begin using security templates by loading the Security Templates snap-in:
Run
mmcfrom the command-line to load the MMC in author mode. Author mode allows you to construct new consoles from scratch and add snap-ins to them.From the Console ...
Get Learning Windows Server 2003 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
