URLScan is not required for the site systems with SCCM 2007

0

Security Configuration Wizard Helps Secure Site Roles

With the release of Windows Server 2003 SP1, the Security Configuration Wizard (SCW) provides server hardening based on the roles performed by the server. Configuration Manager 2007 templates can be added to SCW to provide the recommended security configuration for Configuration Manager 2007 site system roles. Running the SCW replaces the previous security recommendations to run IIS Lockdown and URLScan on Configuration Manager 2007 roles that require IIS. Because the SCW provides an automated way to help secure servers, the manual hardening checklists for IIS and SQL provided in “Scenarios and Procedures for SMS 2003: Security” are no longer provided.

Before you can run the SCW on your site server and site systems, you must install the Configuration Manager 2007 SCW template, which is scheduled to be included in the Configuration Manager 2007 Toolkit (http://go.microsoft.com/fwlink/?LinkId=93071).

To get more details about What’s New in Security for Configuration Manager

http://technet.microsoft.com/en-us/library/bb632589.aspx

To more know about IIS security & URLSCAN

http://www.securityfocus.com/infocus/1755

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.