Windows Server Security Audit Tool
Audit the security of your Windows Servers and Workstations
Download Free 30-Day Trial
View Example Report
Perform a security audit on your Windows servers and workstations with the auditing tool XIA Configuration.
- Run reports to find servers that do not meet the security requirements of your organization
- Use the Windows compliance benchmark to determine if your machines comply with Microsoft best practices
-
Detect changes to the security configuration of remote machines
- Check that your advanced audit and account policies are configured correctly
To see all the Windows settings supported by XIA Configuration, navigate up to
Windows Machine >
XIA Configuration has a non-intrusive architecture with agentless data collection.
Security settings audited by our Windows auditing tool
Find out more about the Windows server security settings audited by XIA Configuration below:
Security Summary
Provides a summary of security related information.
- Machine SID
- Computer Domain SID
- Local Administrator Account Information
- Guest Account Information
- Local Administrators Group Information
Screenshot of the Windows machine security summary in the XIA Configuration web interface
Account Policies
Local account policies define the password complexity and account lockout policies that are effective on an individual machine. These policies can be configured locally or via a Group Policy Object (GPO).
This displays the effective security policy applied either locally or by group policy.
Supported on Windows XP, Windows Server 2003 and above
Password Policy
- Enforce password history
- Maximum password age
- Minimum password age
- Minimum password length
- Password must meet complexity requirements
- Store passwords using reversible encryption
Account Lockout Policy
- Account lockout duration
- Account lockout threshold
- Account lockout reset duration
Screenshot of Local Account Policies in the XIA Configuration web interface
Advanced Audit Policy
Gather Advanced Audit Policy configuration from your Windows machines.
- Account Logon
- Account Management
- Detailed Tracking
- DS Access
- Logon/Logoff
- Object Access
- Account lockout reset duration
Learn more
Screenshot of Advanced Audit Policy settings in the XIA Configuration web interface
Audit Policy
The audit policy determines what categories of information should be recorded to the Windows Security event log.
Document your Audit Policy configuration.
- Account logon events
- Account management
- Active Directory service access
- Logon events
- Object access
- Policy change
- Privilege use
- Process tracking
- System events
Screenshot of Audit Policy settings in the XIA Configuration web interface
Local Administrator Password Solution (LAPS)
Document Local Administrator Password Solution (LAPS) settings for each machine joined to an Active Directory domain.
- DLL File Location
- DLL Version
- Administrator Account Name
- Password Age (Days)
- Password Length
- Password Expiration Protection Enabled
- Password Complexity Type
Learn more
Screenshot of Local Administrator Password Solution settings in the XIA Configuration web interface
Local User Accounts
A local user account is available only on the computer where the local account is defined and is stored in the machine's SAM (security accounts manager) database.
Audit local user accounts.
- Name
- Enabled/Disabled
- Password Never Expires
- Full Name
- Description
- SID
- Last Login
- Password Expired
- Password Last Set
- User Cannot Change Password
- Profile Path
- Login Script
- Home Drive
- Home Directory
Screenshot of Local Users in the XIA Configuration web interface
Local Group Accounts
A local group account is available only on the computer where the local group is defined and is stored in the machine's SAM (security accounts manager) database. It can contain both local users and domain users and groups and can be used to assign security to resources on the local machine.
Check the configuration of local group accounts.
Screenshot of Local Groups in the XIA Configuration web interface
Machine Certificates
Check the SSL certificate expiration date in Windows across your environment and easily detect certificates that have expired or are close to expiry.
- General Information
- Certificate Details
- Certificate Trust Chain
Learn more
Screenshot of machine certificate information in the XIA Configuration web interface
Security Options
Security Options is a section of Group Policy that configures computer security settings from digital data signatures, Administrator and Guest account names, to driver installation behavior, and logon prompts.
Audit security options.
Supported on Windows XP, Windows Server 2003 and above
- Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
- Configured Setting
- Configuration Source (Local / Group Policy)
Note: Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.
Screenshot of Security Options in the XIA Configuration web interface
User Rights Assignment
Document user rights assignment configuration.
Supported on Windows XP, Windows Server 2003 and above
- Display name - for example "Access to this computer from the network"
- Internal right or privilege name - for example "SeNetworkLogonRight"
- Configuration Source (Local / Group Policy)
- Users and groups with this right assigned
Learn more
Screenshot of User Rights Assignment settings in a document generated by XIA Configuration
Windows Firewall with Advanced Security Configuration
Supported on Windows 7, Windows Server 2008 and above
Create firewall documentation for all the Windows machines in your environment.
- Active Profile
- Domain, Private, and Public Profile Settings
- Profile Enabled/Disabled
- Default Inbound/Outbound Action
- Firewall Rules
Learn more
Screenshot of Windows Firewall Inbound Rules in the XIA Configuration web interface
Windows Patches
This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.
- HotFix ID
- Description
- Installed By
- Installed On (Date)
Screenshot showing Windows Patches in the XIA Configuration web interface
Windows Update Configuration
Automatically detect your Windows Update configuration on your servers and workstations.
- Schedule
- Mode
- Recommended Updates
- Include Microsoft Updates
- WSUS settings
- Client Side Targeting
Learn more
Screenshot of Windows Update settings in the XIA Configuration web interface
Windows Update History
Check the Windows update history on your servers and workstations.
Supported on Windows 2000 and above
- Action Date
- Title
- Operation
- Result
Screenshot of Windows Update History in the XIA Configuration web interface
Try our Windows server security audit tool for free
No commitments. No costs. Try XIA Configuration today.
Download Free 30-Day Trial
Up to Windows Machine >