Hi, I'm doing some testing for windows 2008 R2 Server security hardening, i have problem with the related to Local services. i want to disable unwanted services. is there available any guide? please confirm. Aucsna

Hello! You can use the new Security Compliance Manager it includes extensive guidelines and documentation about hardening server along with security baselines for Windows Server 2008 R2. http://www.microsoft.com/download/en/details.aspx?id=16776 Regards,

you can easily use security configuration wizard for this thing(scw.exe). http://technet.microsoft.com/en-us/library/cc771492(WS.10).aspx just type scw.exe on your run and you can go through it Darshana Jayathilake

guys thanks for the reply, actually i'm looking for any standard security document. I used for CIS Windows Security guide for Group policy and Security policy. i'm looking for slimier once for windows services. Aucsna

Microsoft Baseline Security Analyzer http://technet.microsoft.com/en-us/security/cc184924 Darshana Jayathilake

Hello! You can use the new Security Compliance Manager it includes extensive guidelines and documentation about hardening server along with security baselines for Windows Server 2008 R2. http://www.microsoft.com/download/en/details.aspx?id=16776 Regards, I would also recommend SCM - even if you don't want to use the tool (but I would) it includes links to the official MS docs on server security and also the threats/countermeasures guides to understand what each hardening setting actually does...Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

Hi, In addition to the above suggestions, you may also consider using Best Practices Analyzer (BPA). Security rules in BPA are applied to measure a role’s relative risk for exposure to threats such as unauthorized or malicious users, or loss or theft of confidential or proprietary data. For more information, please refer to: Best Practices Analyzer http://technet.microsoft.com/en-us/library/dd759260.aspx Hope it helps. Regards, Bruce

hi, guys thanks for the reply, i have checked the scm v2 and it's useful tool , but their i couldn't find the windows services hardening part. Aucsna

Hi, SCM has official docs on server security. It includes extensive guidelines and documentation about hardening server along with security baselines for Windows Server 2008 R2. If you need more assistance about SCM, I suggest you ask on the SCM forum. The community members and support professional there are more familiar with it and can help you in a more efficient way. Security and Compliance Management http://social.technet.microsoft.com/Forums/en-US/compliancemanagement/threads Hope this helps. Regards, Bruce