Security Compliance Manager 3.0 (SCM 3.0) is a free tool from the Microsoft Solution Accelerator team that enables you to quickly configure and manage your desktops, traditional datacenter, and private cloud using Group Policy and System Center Configuration Manager. In addition to key features from the previous version, SCM 3.0 offers new baselines for Internet Windows Server 2012, Windows 8, and Internet Explorer 10.
SCM provides ready to deploy policies and DCM configuration packs that are tested and fully supported. These baselines are based on Microsoft Security guide recommendations and industry best practices, allowing you to manage configuration drift, address compliance requirements, and reduce security threats. Easily configure computers running the latest Windows® operating systems, Microsoft® Office applications, Windows Internet Explorer®, and Exchange Servers with industry leading knowledge and fully supported tools. You can leverage SCM to import the current configuration of your computers using two different methods: first, you can import Active Directory-based group policies; second, you can import the configuration of a “golden master” reference machine by using the LocalGPO tool to backup the local group policy which you can then import into SCM. Compare your standards to industry best practices, customize them using rich knowledge, and seamlessly create new policies and DCM configuration packs in the user-friendly UI designed to work with Microsoft System Center Configuration Manager 2007 R2.
Wiki Articles about SCM:
SCM provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.
Take advantage of the experience of Microsoft security professionals, and reduce the time and money required to harden your environment. This end-to-end Solution Accelerator will help you plan, deploy, operate, and manage your security baselines for Windows® client and server operating systems, and Microsoft applications. Access the complete database of Microsoft recommended security settings, customize your baselines, and then choose from multiple formats—including Excel® workbooks, Group Policy objects (GPOs), Desired Configuration Management (DCM) packs, or Security Content Automation Protocol (SCAP)—to export the baselines to your environment to automate the security baseline deployment and compliance verification process. Use SCM to achieve a secure, reliable, and centralized IT environment that will help you better balance your organization’s needs for security and functionality.
SCM provides the following key features and benefits:
The supported operating systems and requirements to use SCM include:
Optional
SCM is intended to work with System Center Configuration Manager 2007 or System Center Configuration Manager 2012 SP1 and the desired configuration management (DCM) feature of that product. Note: You can use the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint File Formats (available as a free download) to open, edit, and save documents, workbooks, and presentations in Microsoft Office 2007 file formats. You also can use Microsoft Word or Microsoft Word Viewer (available as a free download) to view Word documents.
Security Compliance Manager (SCM) is just one of the tools provided by the Microsoft Solution Accelerators team. The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and Security Compliance Manager provide tested guidance and automated tools to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available, and fully-supported by Microsoft. Learn more.
Thanks for using the SCM tool, and feel free to contact us: Security Solutions Questions & Feedback.
Horizon_Net edited Revision 24. Comment: added language tags
Kurt Dillard edited Revision 23. Comment: Added information about what's included in SCM 2.5 and rewrote the passage about "golden master" to provide a little more clarity.
Jeff Sigman MSFT edited Revision 6. Comment: Small change in the MORE INFO section (technet forum)
Jeff Sigman MSFT edited Revision 5. Comment: Update REQUIREMENTS section and add our email to the end of the article
Jeff Sigman MSFT edited Revision 4. Comment: Clean-up use of the term "SCM"
Jeff Sigman MSFT edited Revision 3. Comment: Updating MORE INFO section with blog and fixing download link
Jeff Sigman MSFT edited Revision 2. Comment: Adding actual content :) yeah baby - pointing to all other known SCM articles
Jeff Sigman MSFT edited Revision 1. Comment: Changing title - going to use this as the main SCM article to point to all other SCM related articles
Eric Battalio MSFT edited Original. Comment: Removed query, copied to comment; add stub
The original post of this article was a request for information around SCM1.0. Since this is a wiki, I have moved the original request to this comment and changed the topic to a stub.
EricB, MSFT
>>>>>>
Hi,
I am currently evaluation theSecurtiy Complaince Manager 1.0 as an enterprise wide solution for baselining all end points and servers. It seems very promising in streamlining the compliance management of the organization, whichever standard it may be, as the baselines are customizable.
Has anybody evaluated or used SCM in here? I am sure the answer would be yes :-) ! Would love to share/learn from their experince.
Thanks,
Ali
Thiago Cardoso Luiz edited Revision 15. Comment: add Technet information.
Ed Price - MSFT edited Revision 18. Comment: White space issues
Kurt Dillard edited Revision 19. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.
Kurt Dillard edited Revision 20. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.
I'd love to see some community resources added here.