In a recent tip, we told you what you could
expect from Windows Server 2003 Service Pack 1, which Microsoft released in
late March with very little hype. Because the number
and variety of threats to computer security—particularly Windows systems—are
increasing daily, it should come as little surprise that a major focus of
SP1 is security.

Among the included improvements and additions, SP1 features the
Security Configuration Wizard, which helps administrators disable unnecessary
services, block unused ports, and more. Let’s take a closer look at this new
tool.

The Security Configuration Wizard allows administrators to
create security policies that they can then apply to various servers in their environments.
For example, using the wizard, you can enable role-based configuration, which
helps lock down the server, only opening the services and ports that are really
necessary to perform a particular task. In addition, this wizard supports group
policy deployment to make it easier to push out policy changes to other
machines on the network.

To install the Security Configuration Wizard, follow these
steps:

  1. Install
    Service Pack 1 on your Windows Server 2003 machine.
  2. Go to
    Start | Control Panel, and double-click Add Or Remove Programs.
  3. Select
    Add/Remove Windows Components, select the Security Configuration Wizard
    check box, and click Next.

Once you’ve installed the tool, you can use it to provide a
consistent security template across all your machines. Used in conjunction with
the Windows Automatic Update Service and/or a strict patching policy as well as
the other new security features included in SP1, Windows seems to be becoming
more secure, a task Microsoft appears to be taking more seriously.

For more information about this new tool, check out Microsoft’s
Security Configuration Wizard Web page.

Stay on top of the
latest WS2K3 tips and tricks with our free Windows Server 2003 newsletter,
delivered each Wednesday. Automatically
sign up today!