Security Configuration and Analysis Overview

Security Configuration and Analysis is a tool for analyzing and configuring local system security.

Security Analysis

The state of the operating system and applications on a computer is dynamic. For example, security levels may be required to change temporarily to enable immediate resolution of an administration or network issue; this change can often go unreversed. This means that a computer may no longer meet the requirements for enterprise security.

Regular analysis enables an administrator to track and ensure an adequate level of security on each computer as part of an enterprise risk management program. Analysis is highly specified, information about all system aspects related to security is provided in the results. This enables an administrator to tune the security levels, and most importantly, detect any security flaws that may occur in the system over time.

Security Configuration and Analysis enables quick review of security analysis results: recommendations are presented alongside current system settings, and icons or remarks are used to highlight any areas where the current settings do not match the proposed level of security. Security Configuration and Analysis also offers the ability to resolve any discrepancies revealed by analysis.

If frequent analysis of a large number of computers is required, as in a domain-based infrastructure, the Secedit.exe command line tool may be used as a method of batch analysis. However, analysis results still must be viewed using Security Configuration and Analysis. For more information, see Automating security configuration tasks

Security Configuration

This tool can also be used to directly configure local system security. Through its use of personal databases, you can import security templates created with the Security Templates snap-in, and apply these templates to the Group Policy object for the local computer. This immediately configures the system security with the levels specified in the template. For more information, see Managing Security Templates

0 comments: