News

Microsoft Rolls Out Security Baselines and MAP 5.5 Beta

• By Kurt Mackie
• November 16, 2010

Microsoft on Monday announced that it had rolled out two "new" security baselines for use with its Security Compliance Management tool, plus new setting packs for Windows 7 and Internet Explorer 8.

The two baselines, which conform to Microsoft's best-practice settings for ensuring security, include the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline. Both work with the Security Compliance Management tool, which Microsoft updated in August. The Security Compliance Management tool, in turn, works with Microsoft's System Center Configuration Manager 2007 management product to export the security settings across a computing environment.

For planning purposes, the Security Compliance Management tool also works with the Microsoft Assessment and Planning (MAP) Toolkit and the Microsoft Deployment Toolkit.

Last week, Microsoft announced the beta release of MAP 5.5, which is available at the Microsoft Connect portal page here. New features in the MAP 5.5 beta include assessments for moving to Windows Azure and SQL Azure, assessments for upgrading to Internet Explorer 8 and "heterogeneous database discovery for SQL Server migration projects," according to a Microsoft blog post.

The two new baseline additions are part of Microsoft's no-cost line of "solution accelerator" tools. It's unclear if they are really new, since some of these additions appear to have been released as far back as April. IT pros wanting to keep up with Microsoft's various solution accelerator releases can subscribe to Microsoft's notification service here. The service requires a Windows Live password for access.

The setting packs for Windows 7 and Internet Explorer 8 are designed for IT pros to customize security settings on top of Microsoft's recommended baseline settings. They help with customizing Group Policy settings. Setting packs are a temporary measure right now, allowing IT pros to export customized baseline settings in various formats, Microsoft's solution accelerator team explains in a blog post.

"The setting packs include the basic information required by the Security Compliance Manager tool to define custom baselines that you can use to create GPO backups, DCM configuration packs, and SCAP content," the team explains. "This is a temporary solution to address this request. A future version of the tool will provide the capability to add the settings customers need to their baseline without using a setting pack."

To get the new baselines and setting packs, Microsoft recommends that new users download the Security Compliance Manager tool. Existing users of Security Compliance Manager can check for new baselines by accessing the Tools menu in that program.