To understand the rest of this chapter, you need to have a fundamental understanding of how to manage security policies and configurations. Windows Server 2003 comes with two basic tools that will help you create, distribute, and automate security configurations: security templates and the Security Configuration and Analysis tool.
Security templates list all possible security attributes and settings for a given system and their associated configurations. By using the Security Templates snap-in, you can easily provision a standard collection of security across multiple systems using either remote registry editing or GP. For administrators that have a large number of systems to manage, and for those who provision quite a few systems on a regular basis, security templates can save a lot of time: they can assist with setting up a new machine or rolling out a new organization security policy onto many systems. They’re also helpful because you can define multiple templates, given that few large organizations have a single security standard for all computers. Security policy templates are a tool your organization can use to implement the three facets of the CIA principle.
You can begin using security templates by loading the Security Templates snap-in:
mmc from the command-line to load the MMC in
author mode. Author mode allows you to construct new consoles from
scratch and add snap-ins to them.
From the Console ...