Microsoft offers Windows security guide

Microsoft released on Friday a tutorial and templates to help system administrators lock down the security of computers running the company's newest operating system, Windows Server 2003.

The tutorial consists of portable document files (PDFs) detailing the reasoning behind configuring the server software for various applications, from a web server connected to the internet to a domain controller on a company's internal network. Also included are examples of Microsoft-recommended configurations for specific applications.

"There are a lot of different settings that a customer can set on something like a web server," said Michael Stephenson, lead programme manager for Windows Server 2003. "What the guide does is explain to customers why they would want a setting a certain way."

The publication of the security how-to guide came a day after the launch of the next generation of Microsoft's server OS. Among other things, the guide contains explanations, checklists, sample configurations and scripts for setting up eight different classes of servers using Windows Server 2003.

Along with the Windows Server 2003 guide, the software giant released another set of documents, called "Threats and Countermeasures," which describes the various security options that can be set in Windows 2003 and XP.

The guides are Microsoft's latest tactic in the battle to help better secure customers who install its software, as part of the Trustworthy Computing Initiative, the giant's 15-month-old strategy to increase customers' faith in its products.

That's why Microsoft has decided to make a large body of best-practice documents available for Windows users, Stephenson said.

"As part of Trustworthy Computing, we need to make it easier to be secure in a certain environment, and that's not something that we want to charge for," Stephenson said.

The software giant has occasionally released such tools to help administrators identify vulnerabilities and harden the company's operating systems. The guides build on another set of similar documents released in mid-March for Windows 2000.

In February 2002, Microsoft released the Baseline Security Advisor, a free application designed to let system owners scan their computers for Microsoft applications that were missing patches.

In two weeks, the company plans to put the Windows Server 2003 guide's lessons into a web tutorial format, to make learning the document's content easier. Microsoft also plans to release a new tool this summer to automate the configuration of Windows Server 2003 systems, Stephenson said.

"This plays well to what we are doing in the future...automating security and configurations," Stephenson said.

Robert Lemos writes for News.com