Using the Security Configuration Wizard (SCW) to Secure Windows for Exchange Edge Server Roles

SCW is a tool that was introduced with Windows Server 2003 SP1, you use it to minimise attack surface for servers by disabling Windows functionality that isn't required for Exchange Server 2010 server roles. SCW automates security best practice of reducing attack surface for a server. SCW uses a role-based metaphor to solicit services that're […]

SCW is a tool that was introduced with Windows Server 2003 SP1, you use it to minimise attack surface for servers by disabling Windows functionality that isn't required for Exchange Server 2010 server roles. SCW automates security best practice of reducing attack surface for a server. SCW uses a role-based metaphor to solicit services that're required for apps on a server. This tool reduces the susceptibility of Windows environments to exploitation of security vulnerabilities.

Exchange 2010 provides an SCW template for each of Exchange 2010 server roles. By using this template with SCW, Windows OS can be configured to lock down services and ports that're not needed for each Exchange server role. When SCW is run, a custom security policy is created for the environment. The custom policy can be applied to all Exchange servers in the organisation.

More Info: Using SCW to Secure Edge Servers