XIA Configuration

Windows Server Security Audit Tool

Harden the security of your Windows servers and workstations

Audit the security of your servers and workstations with our Windows server security audit tool XIA Configuration.

  • Harden Security. Over 340 benchmark tests included for server security hardening
  • Enhance Auditing. Run reports to find computers that do not meet the security requirements of your organization
  • Track Changes. Detect changes to the configuration of your servers and help enforce change management
  • Expose Vulnerabilities. Ensure your security policy settings are configured correctly

View all features >

XIA Configuration has a non-intrusive architecture with agentless data collection and PowerShell support.

Security Compliance Benchmark

The Windows security compliance benchmark includes over 340 tests to aid with server security hardening.

A screenshot showing the Windows basic compliance benchmark results
Use XIA Configuration's compliance benchmark to check your Windows settings meet security best practices

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

Security Summary

Provides a summary of security related information.

Show details
  • Machine SID
  • Computer Domain SID
  • Local Administrator Account Information
  • Guest Account Information
  • Local Administrators Group Information
A screenshot showing a Windows machine security summary
This screenshot shows the security summary of a Windows machine in the XIA Configuration web interface

Account Policies

Audit your effective account policies, applied either locally or by group policy.

Show details

Account Lockout Policy

  • Account lockout duration
  • Account lockout threshold
  • Account lockout reset duration

Password Policy

  • Enforce password history
  • Maximum password age
  • Minimum password age
  • Minimum password length
  • Password must meet complexity requirements
  • Store passwords using reversible encryption
A screenshot showing local account policy settings
Audit your local account policy settings

Advanced Audit Policy

Check Advanced Audit Policy configuration on your Windows machines.

A screenshot showing advanced audit policy settings
Check your advanced audit policy settings

Audit Policy

Assess your Audit Policy settings.

Show details
  • Account logon events
  • Account management
  • Active Directory service access
  • Logon events
  • Object access
  • Policy change
  • Privilege use
  • Process tracking
  • System events
A screenshot showing audit policy settings
View your audit policy settings

Local Administrator Password Solution (LAPS)

Audit Local Administrator Password Solution (LAPS) settings for each computer joined to your Active Directory domain.

A screenshot showing Local Administrator Password Solution settings
Audit your Local Administrator Password Solution settings

Local Group Accounts

Provides information on local group accounts.

Show details
  • Name
  • Description
  • Security Identifier
  • Members
A screenshot showing local group accounts
Check your local group accounts

Local User Accounts

Provides information on local user accounts.

Show details
  • Name
  • Description
  • Account Enabled
  • Password Never Expires
  • Full Name
  • SID
  • Last Login
  • Password Expired
  • Password Last Set
  • User Cannot Change Password
  • Profile Path
  • Login Script
  • Home Drive
  • Home Directory
A screenshot showing local user accounts
View your local user accounts

Machine Certificates

Check the SSL certificate expiration date in Windows across your environments. Execute the SSL Certificate Report to easily find certificates that have expired or are close to expiry.

A screenshot showing machine certificate details
Audit your certificates

Microsoft Defender

Audit your antivirus settings.

Show details

General Settings

  • Product Version
  • Engine Version
  • Real Time Protection Enabled
  • Tamper Protection

Antivirus Signature

  • Antivirus Signature Last Updated
  • Antivirus Signature Version

Cloud

  • Cloud Delivered Protection Enabled
  • Automatic Cloud Sample Submission

Exclusions

  • Excluded Exclusions
  • Excluded Paths
  • Excluded Processes
A screenshot showing Microsoft Defender settings
Check your Microsoft Defender settings

Security Options

Audit over 230 security options.

Show details
  • Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
  • Configured Setting
  • Configuration Source (Local / Group Policy)

Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.

A screenshot showing security options settings
View your security options settings

User Rights Assignment

Check User Rights Assignment settings on your Windows servers and workstations.

A screenshot showing the user rights assignment compliance benchmark results
Use XIA Configuration's compliance benchmark to check your user rights assignment settings meet security best practices

Windows Firewall with Advanced Security Configuration

Create firewall documentation for all the Windows machines in your environments.

A screenshot of Windows firewall inbound rules
Audit your Windows firewall rules

Windows Patches

This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.

Show details
  • HotFix ID
  • Description
  • Installed By
  • Installed On (Date)
A screenshot showing Windows patches
Check the Windows patches installed on your Windows machines

Windows Update Configuration

Audit Windows Update configuration on your servers and workstations.

A screenshot showing Windows update settings
Audit your Windows update configuration

Windows Update History

Check the Windows update history on your servers and workstations.

Show details
  • Action Date
  • Title
  • Operation
  • Result
A screenshot showing Windows update history
View your Windows update history

For more information about Windows, please view the Windows page.

Try our Windows server security audit tool for free