Windows 7 Security Baseline
Published: April 6, 2010 | Updated: January 28, 2013
What’s New
The Windows 7 Security Baseline is updated for Windows 7 Service Pack 1 (SP1). This updated product baseline provides:
- Setting severity ratings, allowing you to quickly sort, prioritize, and apply Microsoft security and compliance recommendations.
- Consolidated product baselines that eliminate EC and SSLF baseline components, and make viewing, customizing, and implementing your security and compliance baselines easier than ever!
- New compliance-based settings groups allow quicker and easier compliance reporting and audit preparation, when used with the GRC management solution within System Center.
Download This Solution Accelerator
The Windows 7 SP1 baseline is integrated with the Microsoft Security Compliance Manager (SCM) tool. To access this product baseline and the Windows 7 SP1 Security Guide, download the Security Compliance Manager.
To learn more about SCM, see Security Compliance Manager on Microsoft TechNet.
About This Solution Accelerator
The Windows 7 SP1 baseline package includes the Windows 7 SP1 Security Guide. SCM is designed to provide you with an end-to-end solution to help you plan, deploy, and monitor the security of computers running Windows 7 SP1 in your environment. You can also export the baselines as Desired Configuration Manager configuration packs for compliance scanning with Microsoft System Center Configuration Manager. You will find the Windows 7 SP1 Security Guide in the Attachments \ Guides node of the SCM tool.
What is a security baseline?
A security baseline is a collection of configurations items for a Microsoft product that provides prescribed values to solve a specific use case or scenario. Windows 7 SP1 security baselines provide guidance and supporting technical data to implement an effective and efficient messaging infrastructure that enables you to:
- Understand threats.
- Implement countermeasures.
- Learn about product-specific recommendations.
This knowledge is accessed through the Security Compliance Manager tool, which gives you the ability to customize a security baseline to meet the unique requirements of your organization. The tool exports security baselines in multiple formats to help you apply the configuration and confirm the compliance level of the computers in your organization.
Windows 7 SP1 security baselines include the following elements:
- A detailed view of security vulnerabilities related to specific Windows operating systems, applications, and browser settings, and information on the potential impact of configuring significant settings in these areas to help you better understand how to effectively mitigate threats to your environment.
- Recommended countermeasures to address such vulnerabilities, as well as the technical data required to implement and assess the state of each countermeasure that you implement.
- A product-specific security guide that provides detailed instructions and recommendations to help strengthen the security of the computers running Windows 7 SP1 in your organization.
About the Security Compliance Manager
The Security Compliance Manager (SCM) provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft products.
Take advantage of the experience of Microsoft security professionals, and reduce the time and money required to harden your environment. This end-to-end Solution Accelerator is designed to help you plan, deploy, operate, and manage your security baselines for Windows client and server operating systems, Microsoft applications, and Windows Internet Explorer. Access the complete database of Microsoft recommended security settings, customize your baselines, and then choose from multiple formats—including Desired Configuration Management (DCM) packs, Security Content Automation Protocol (SCAP), XLS, or Group Policy objects (GPOs)—to export the baselines to your environment and automate the security baseline compliance verification process.
Use SCM to achieve a secure, reliable, and centralized IT environment to help you better balance your organization’s needs for security and functionality.
Included in the Download
The SCM download includes the following components:
- Microsoft_Security_Compliance_Manager_Setup.exe – The Microsoft Security Compliance Manager allows you to view, update, and export security baselines.
- LocalGPO.msi – This tool is designed to manage local group policies of a computer such as applying a security baseline and exporting the local Group Policy.
After you download and install SCM, you can view all available Microsoft product security baselines. For more information, refer to the getting started guidance on the SCM TechNet Wiki.
The .cab file for the Windows 7 SP1 security baseline includes the following components:
- Win7SP1 BitLocker Security Compliance 1.0
- Win7SP1 Computer Security Compliance 1.0
- Win7SP1 Domain Security Compliance 1.0
- Win7SP1 User Security Compliance 1.0
- Windows 7 SP1 Security Guide.docx
- Win7SP1_IT_GRC_MCA_MP.cab
Related Resources
The following resources provide additional information about security topics and in-depth discussion of the concepts and security prescriptions related to SCM:
- Microsoft Security Solution Accelerators
- Security Compliance Manager TechNet Wiki
- Discussion of new features in SCM2 with José and Jeff
- Solution Accelerators Team presents Security Compliance Manager
- IT Infrastructure Threat Modeling Guide
- System Center Configuration Manager Extensions for SCAP
Community and Feedback
- Want to know what’s coming up next? Check out our Solution Accelerators Security and Compliance Blog.
- E-mail the Solution Accelerators security team with your feedback: [email protected].
- Join in discussions on managing IT security and compliance at the Security and Compliance Management Forum.
- If you have used a Solution Accelerator in your organization, please share your experience with us by completing this short survey.
About Solution Accelerators
Microsoft Solution Accelerators are authoritative resources that help IT professionals plan, deliver, operate, and manage IT systems that address real-world scenarios. Solution Accelerators provide free, prescriptive guidance and automation to accelerate cross-product integration, core infrastructure development, and other enhancements.
Sign up to receive the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as:
- Communication and collaboration
- Security, data protection, and recovery
- Deployment
- Operations and management
Download This Accelerator
Download the Security Compliance Manager.