The Security Configuration Wizard (SCW) guides you through the process of creating, editing, applying, or rolling back a security policy. A security policy that you create with SCW is an .xml file that, when applied, configures services, network security, specific registry values, and audit policy. SCW is a role-based tool: you can use it to create a policy that enables services, firewall rules, and settings that are required for a selected server to perform specific roles, such as a file server, a print server, or a domain controller.
The following are considerations for using SCW:
- SCW disables unnecessary services and
provides Windows Firewall with Advanced Security support.
- Security policies that are created with SCW
are not the same as security templates, which are files with an
.inf extension. Security templates contain more security settings
than those that can be set with SCW. However, it is possible to
include a security template in an SCW security policy file.
- You can deploy security policies that you
create with SCW by using Group Policy.
- SCW does not install or uninstall the
components necessary for the server to perform a role. You can
install role-specific components through Server Manager.
- SCW detects role dependencies. If you select
a role, it automatically selects dependent roles.
- All applications that use the IP protocol and
ports must be running on the server when you run SCW.
- In some cases, you must be connected to the
Internet to use the links in SCW Help.