Page 1 of 24

Page | 1

Microsoft SCW (Security Configuration Wizard)

About the SCW

SCW disables unnecessary services and provides Windows Firewall with Advanced Security support

Removes unused firewall rules based on Server Roles

SCW enables those services that are necessary for the server, based on the roles that you select on the Select Server Roles page

The following procedure will lock down the Server 2008 system completely, I’m calling this tool the secret weapon for this contest. It’s going to disable un-necessary services, & lock down the whole environment.

To launch the SCW type scw at an Administrator Command Prompt

Page 2 of 24

Page | 2

Select Next. Create a new security policy, Next

Page 3 of 24

Page | 3

Enter hostname or LOCALHOST (to identify the computers’ hostname, you can type hostname at an Administrator Command Prompt), Next

Processing Complete, Next

Page 4 of 24

Page | 4

Next

Page 5 of 24

Page | 5

Uncheck all, except for ‘Volume Shadow Copy’, Next

Installed Features

Page 6 of 24

Page | 6

Uncheck all boxes except for Background Intelligent Transfer Service (BITS), DNS Client, Microsoft Networking Client, Time Synchronization, & Windows Update. Next

Page 7 of 24

Page | 7

Make sure all boxes are unchecked except for Remote Desktop, if you are using Remote Desktop to connect to this system.

Important: If you are connecting to the system via VirtualBox or the VMware Player, you can also uncheck the box for Remote Desktop. Next

Page 8 of 24

Page | 8

Additional services

Leave these boxes checked, Next

Page 9 of 24

Page | 9

Leave the defaults, Next

Page 10 of 24

Page | 10

Next

Page 11 of 24

Page | 11

Network Security

Next

Page 12 of 24

Page | 12

Leave all boxes checked, Next

Registry Settings

Page 13 of 24

Page | 13

Next

Require SMB Security Signatures

Page 14 of 24

Page | 14

Leave both boxes checked, Next

Outbound authentication methods

Page 15 of 24

Page | 15

Check the box for Local Accounts on remote computers, Next

Page 16 of 24

Page | 16

Leave the Windows NT 4.0 Service Pack 6a or later operating systems checked, Next

Page 17 of 24

Page | 17

Next

Audit Policy

Page 18 of 24

Page | 18

Next

System Audit Policy

Page 19 of 24

Page | 19

Select Audit successful and unsuccessful activities, Next

Audit Policy Summary

Page 20 of 24

Page | 20

Next. Save Security Policy. Next

Security Policy File Name

Page 21 of 24

Page | 21

Enter a name (I entered SecPol1), Next

Apply Now, Next

It always seems to end with an Unspecified error

Page 22 of 24

Page | 22

Finish

On review, it seems that the SCW worked, just ignore the error notice

Page 23 of 24

Page | 23

Change to Apply now. Next

Page 24 of 24

Page | 24