Security Compliance Manager 2.5 (SCM 2.5) is a free tool from the Microsoft Solution Accelerator team that enables you to quickly configure and manage your desktops, traditional datacenter, and private cloud using Group Policy and System Center Configuration Manager. SCM includes new security guidance and baselines for Exchange Server (2007 and 2010). The Exchange baselines contain unique settings for each of the five core server roles, a PowerShell-based "Script Kit" for applying the settings, and PowerShell-based modules that can be used with either DCM or SCAP 1.2 for scanning servers for baseline compliance. Updated baselines for the following products are also available in SCM 2.5:
SCM 2.5 provides ready to deploy policies and DCM configuration packs that are tested and fully supported. These baselines are based on Microsoft Security guide recommendations and industry best practices, allowing you to manage configuration drift, address compliance requirements, and reduce security threats. Easily configure computers running the latest Windows® operating systems, Microsoft® Office applications, and Windows Internet Explorer® with industry leading knowledge and fully supported tools. You can leverage SCM to import the current configuration of your computers using two different methods: first, you can import Active Directory-based group policies; second, you can import the configuration of a “golden master” reference machine by using the LocalGPO tool to backup the local group policy which you can then import into SCM. Compare your standards to industry best practices, customize them using rich knowledge, and seamlessly create new policies and DCM configuration packs in the user-friendly UI designed to work with Microsoft System Center Configuration Manager 2007 R2.
Wiki Articles about SCM:
SCM provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.
Take advantage of the experience of Microsoft security professionals, and reduce the time and money required to harden your environment. This end-to-end Solution Accelerator will help you plan, deploy, operate, and manage your security baselines for Windows® client and server operating systems, and Microsoft applications. Access the complete database of Microsoft recommended security settings, customize your baselines, and then choose from multiple formats—including Excel® workbooks, Group Policy objects (GPOs), Desired Configuration Management (DCM) packs, or Security Content Automation Protocol (SCAP)—to export the baselines to your environment to automate the security baseline deployment and compliance verification process. Use SCM to achieve a secure, reliable, and centralized IT environment that will help you better balance your organization’s needs for security and functionality.
SCM provides the following key features and benefits:
The supported operating systems and requirements to use SCM include:
SCM is intended to work with System Center Configuration Manager 2007 and the desired configuration management (DCM) feature of that product. Note: You can use the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint File Formats (available as a free download) to open, edit, and save documents, workbooks, and presentations in Microsoft Office 2007 file formats. You also can use Microsoft Word or Microsoft Word Viewer (available as a free download) to view Word documents.
Security Compliance Manager (SCM) is just one of the tools provided by the Microsoft Solution Accelerators team. The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and Security Compliance Manager provide tested guidance and automated tools to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available, and fully-supported by Microsoft. Learn more.
Thanks for using the SCM tool, and feel free to contact us: Security Solutions Questions & Feedback.
The original post of this article was a request for information around SCM1.0. Since this is a wiki, I have moved the original request to this comment and changed the topic to a stub.
EricB, MSFT
>>>>>>
Hi,
I am currently evaluation theSecurtiy Complaince Manager 1.0 as an enterprise wide solution for baselining all end points and servers. It seems very promising in streamlining the compliance management of the organization, whichever standard it may be, as the baselines are customizable.
Has anybody evaluated or used SCM in here? I am sure the answer would be yes :-) ! Would love to share/learn from their experince.
Thanks,
Ali
Thiago Cardoso Luiz edited Revision 15. Comment: add Technet information.
Ed Price - MSFT edited Revision 18. Comment: White space issues
Kurt Dillard edited Revision 19. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.
Kurt Dillard edited Revision 20. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.