Introduction

Security is becoming the snowball of information technology. In recent years, security has become a major concern for many companies. Security has become so much of a concern in fact, that several companies have created a position specifically for a security officer, someone responsible for a corporation s security policies and their implementation. In this chapter we will examine two of Microsoft s key security tools for Windows Server 2003, the Security Configuration and Analysis management console and the Software Update Service (SUS).

With each passing day, there are new security threats and system vulnerabilities discovered and, with their discovery, new security patches and hot fixes to apply. The Security Configuration and Analysis management console provides a utility for testing baseline security settings and a method for applying a consistent security configuration to machines throughout the enterprise. The SUS provides a mechanism to consistently apply hot fixes and updates to all Microsoft systems in your enterprise. When used together, the Security Configuration and Analysis management console and the SUS are intended to reduce administrative overhead while providing consistent application of current security settings to all Microsoft-based machines in your network.

With the release of Service Pack 4 (SP 4) for Windows NT 4.0, Microsoft introduced a new security configuration tool to ease administration of your Windows NT network. The release of the NT 4.0 Service Pack 4 CD introduced the Security Configuration Manager (SCM). The Security Configuration Manager is a product originally designed for Windows NT 5.0 (now known as Windows...