Security Baseline Settings
Just as you should have a performance baseline for your servers and a network baseline for your network, you should also have a security baseline for your servers and network. A baseline will define what is normal, eg: the normal number of password violations, failed logins, denied firewall packets, etc, per day, per hour, per minute, and where do they normally come from? You should know how to find these statistics and how to view them. You will need to know this information if you ever suspect an attack, suspect that activity has mysteriously gone up, or want to know if someone has violated security. If you don't have a baseline, you'll never know where to start.
While you could create a baseline manually, with something as complex as the Windows operating system this could be difficult and prone to errors. Microsoft realises this and has created a tool to help, the Microsoft Baseline Security Analyzer (MBSA).
MBSA can analyse your local system or remote systems and deliver a report to you on missing patches, accounts with poorly configured passwords, or applications with insecure settings. To use it, you simply install it, run it, and tell it what you want to scan.
DF9R 35:: Network Infrastructure 1: Implementation and Management (c) 2009 SQA