XIA Configuration

Windows Server Security Audit Tool

Harden the security of all your Windows servers and workstations

Watch Demo Video Download Free 30-Day Trial View Example Document

Audit the security of your servers and workstations with our Windows server security audit tool XIA Configuration.

Harden Security. Over 340 benchmark tests included for server security hardening
Enhance Auditing. Run reports to find computers that do not meet the security requirements of your organization
Track Changes. Detect changes to the configuration of your servers and help enforce change management
Expose Misconfiguration. Ensure your security policy settings are configured correctly

View all features >

XIA Configuration has a non-intrusive architecture with agentless data collection and PowerShell support.

Security Compliance Benchmark

The Windows security compliance benchmark includes over 340 tests to aid with server security hardening.

A screenshot showing the Windows basic compliance benchmark results — Use XIA Configuration's compliance benchmark to check your Windows settings meet security best practices

Learn more

Security settings audited by XIA Configuration

Find out more about the Windows server security settings audited by XIA Configuration below:

Account Policies
Advanced Audit Policy
Audit Policy
LAPS
Local Group Accounts
Local User Accounts
Machine Certificates

Microsoft Defender
Security Options
User Rights Assignment
Windows Firewall
Windows Patches
Windows Update Configuration
Windows Update History

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

Security Summary

Provides a summary of security related information.

Show details

Machine SID
Computer Domain SID
Local Administrator Account Information
Guest Account Information
Local Administrators Group Information

A screenshot showing a Windows machine security summary — This screenshot shows the security summary of a Windows machine in the XIA Configuration web interface

Account Policies

Audit your effective account policies, applied either locally or by group policy.

Show details

Account Lockout Policy

Account lockout duration
Account lockout threshold
Account lockout reset duration

Password Policy

Enforce password history
Maximum password age
Minimum password age
Minimum password length
Password must meet complexity requirements
Store passwords using reversible encryption

A screenshot showing local account policy settings — Audit your local account policy settings

Advanced Audit Policy

Check Advanced Audit Policy configuration on your Windows machines.

Learn more

Audit Policy

Assess your Audit Policy settings.

Show details

Account logon events
Account management
Active Directory service access
Logon events
Object access

Policy change
Privilege use
Process tracking
System events

A screenshot showing audit policy settings — View your audit policy settings

Local Administrator Password Solution (LAPS)

Audit Local Administrator Password Solution (LAPS) settings for each computer joined to your Active Directory domain.

A screenshot showing Local Administrator Password Solution settings — Audit your Local Administrator Password Solution settings

Learn more

Local Group Accounts

Provides information on local group accounts.

Show details

Name
Description
Security Identifier
Members

A screenshot showing local group accounts — Check your local group accounts

Local User Accounts

Provides information on local user accounts.

Show details

Name
Description
Account Enabled
Password Never Expires
Full Name
SID
Last Login

Password Expired
Password Last Set
User Cannot Change Password
Profile Path
Login Script
Home Drive
Home Directory

A screenshot showing local user accounts — View your local user accounts

Machine Certificates

Check the SSL certificate expiration date in Windows across your environments. Execute the SSL Certificate Report to easily find certificates that have expired or are close to expiry.

A screenshot showing machine certificate details — Audit your certificates

Learn more

Microsoft Defender

Audit your antivirus settings.

Show details

General Settings

Product Version
Engine Version
Real Time Protection Enabled
Tamper Protection

Antivirus Signature

Antivirus Signature Last Updated
Antivirus Signature Version

Cloud

Cloud Delivered Protection Enabled
Automatic Cloud Sample Submission

Exclusions

Excluded Exclusions
Excluded Paths
Excluded Processes

A screenshot showing Microsoft Defender settings — Check your Microsoft Defender settings

Security Options

Audit over 230 security options.

Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.

Show details

Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
Configured Setting
Configuration Source (Local / Group Policy)

A screenshot showing security options settings — View your security options settings

User Rights Assignment

Check User Rights Assignment settings on your Windows servers and workstations.

Learn more

Windows Firewall with Advanced Security Configuration

Create firewall documentation for all the Windows machines in your environments.

A screenshot of Windows firewall inbound rules — Audit your Windows firewall rules

Learn more

Windows Patches

This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.

Show details