Announcing Security Compliance Management for SCCM/DCM
Beta Download Available: http://www.microsoft.com/securitycompliance. Feedback welcome!
The Security Compliance Management toolkit provides customers with best practices from Microsoft about how to plan, set, get and remediate a security baseline, along with tools that you can use to verify the implementation of recommended security baselines from Microsoft for Windows Vista, Windows XP SP2, and Windows Server 2003 SP2.
The toolkit helps customers quickly and easily provide this compliance information to auditors to demonstrate how their organization is meeting important compliance regulations.
The toolkit helps customers manage the compliance process by enabling:
-
Automated security checks in their environment.
-
Verification of security baseline in their environment, and identification of baseline settings changes or “drift” from prescribed values.
-
Implement regulatory compliance through security checks.
The verification process is performed by Configuration Packs that can be applied using the desired configuration management (DCM) feature of Microsoft® System Center Configuration Manager 2007.
-
All Replies
- In my initial testing after importing the Secuirty Compliance Management Toolkit v1.0 into SCCM (native mode), it does not appear to be compatible with Vista SP1. The compliance reports fail on Vista SP1 but worked on XP SP3. Has anyone exported the XML rules and modified them to 6001 (SP1), then re-imported them as .cab files, then re-ran a compliance report on Vista SP1 clients? This may be the only option until the next version.
I checked, and Vista SP1 will not be supported until the next release. That is due early next year.
- What about making a copy of the original CI, modify it to add the Vista SP1 data and make your own, then either modify the original baseline to use "your" newly created CI or create your own baseline altogether?
