Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager

Configuration Manager has the ability to import the Security Compliance Manager GPO settings. Using these imported settings, you can audit, notify, and report on machine and device compliance. This is particularly useful for security administrators who wish to know that the policies defined are in place across an organization.

For example, if an administrator has overridden a policy manually on a Windows desktop, or if administrators have blocked group policy inheritance for an organizational unit, there would be no way of knowing about it unless it were reported by a user or technician.

The Configuration Manager agent can report on whether the desired ...

Get Microsoft System Center 2012 R2 Compliance Management Cookbook now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.