XIA Configuration

Windows Server Security Audit Tool

Audit the security of your Windows Servers and Workstations

Download Free 30-Day Trial View Example Report

Perform a security audit on your Windows servers and workstations with the auditing tool XIA Configuration.

Run reports to find servers that do not meet the security requirements of your organization
Use the Windows compliance benchmark to determine if your machines comply with Microsoft best practices
Detect changes to the security configuration of remote machines
Check that your advanced audit and account policies are configured correctly

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

XIA Configuration has a non-intrusive architecture with agentless data collection.

Security settings audited by our Windows auditing tool

Find out more about the Windows server security settings audited by XIA Configuration below:

Security Summary
Account Policies
Advanced Audit Policy
Audit Policy
LAPS
Local User Accounts
Local Group Accounts

Machine Certificates
Security Options
User Rights Assignment
Windows Firewall
Windows Patches
Windows Update Configuration
Windows Update History

Security Summary

Provides a summary of security related information.

Machine SID
Computer Domain SID
Local Administrator Account Information
Guest Account Information
Local Administrators Group Information

Screenshot of the Windows machine security summary in the XIA Configuration web interface

Account Policies

Local account policies define the password complexity and account lockout policies that are effective on an individual machine. These policies can be configured locally or via a Group Policy Object (GPO).

This displays the effective security policy applied either locally or by group policy.

Supported on Windows XP, Windows Server 2003 and above

Password Policy

Enforce password history
Maximum password age
Minimum password age
Minimum password length
Password must meet complexity requirements
Store passwords using reversible encryption

Account Lockout Policy

Account lockout duration
Account lockout threshold
Account lockout reset duration

Screenshot of Local Account Policies in the XIA Configuration web interface

Advanced Audit Policy

Gather Advanced Audit Policy configuration from your Windows machines.

Account Logon
Account Management
Detailed Tracking
DS Access
Logon/Logoff
Object Access
Account lockout reset duration

Learn more

Screenshot of Advanced Audit Policy settings in the XIA Configuration web interface

Audit Policy

The audit policy determines what categories of information should be recorded to the Windows Security event log.

Document your Audit Policy configuration.

Account logon events
Account management
Active Directory service access
Logon events
Object access

Policy change
Privilege use
Process tracking
System events

Screenshot of Audit Policy settings in the XIA Configuration web interface

Local Administrator Password Solution (LAPS)

Document Local Administrator Password Solution (LAPS) settings for each machine joined to an Active Directory domain.

DLL File Location
DLL Version
Administrator Account Name
Password Age (Days)
Password Length
Password Expiration Protection Enabled
Password Complexity Type

Learn more

Screenshot of Local Administrator Password Solution settings in the XIA Configuration web interface

Local User Accounts

A local user account is available only on the computer where the local account is defined and is stored in the machine's SAM (security accounts manager) database.

Audit local user accounts.

Name
Enabled/Disabled
Password Never Expires
Full Name
Description
SID
Last Login

Password Expired
Password Last Set
User Cannot Change Password
Profile Path
Login Script
Home Drive
Home Directory

Screenshot of Local Users in the XIA Configuration web interface

Local Group Accounts

A local group account is available only on the computer where the local group is defined and is stored in the machine's SAM (security accounts manager) database. It can contain both local users and domain users and groups and can be used to assign security to resources on the local machine.

Check the configuration of local group accounts.

Name
Description
Members

Screenshot of Local Groups in the XIA Configuration web interface

Machine Certificates

Check the SSL certificate expiration date in Windows across your environment and easily detect certificates that have expired or are close to expiry.

General Information
Certificate Details
Certificate Trust Chain

Learn more

Screenshot of machine certificate information in the XIA Configuration web interface

Security Options

Security Options is a section of Group Policy that configures computer security settings from digital data signatures, Administrator and Guest account names, to driver installation behavior, and logon prompts.

Audit security options.

Supported on Windows XP, Windows Server 2003 and above

Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
Configured Setting
Configuration Source (Local / Group Policy)

Note: Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.

Screenshot of Security Options in the XIA Configuration web interface

User Rights Assignment

Document user rights assignment configuration.

Supported on Windows XP, Windows Server 2003 and above

Display name - for example "Access to this computer from the network"
Internal right or privilege name - for example "SeNetworkLogonRight"
Configuration Source (Local / Group Policy)
Users and groups with this right assigned

Learn more

Screenshot of User Rights Assignment settings in a document generated by XIA Configuration

Windows Firewall with Advanced Security Configuration

Supported on Windows 7, Windows Server 2008 and above

Create firewall documentation for all the Windows machines in your environment.

Active Profile
Domain, Private, and Public Profile Settings
Profile Enabled/Disabled
Default Inbound/Outbound Action
Firewall Rules

Learn more

Screenshot of Windows Firewall Inbound Rules in the XIA Configuration web interface

Windows Patches

This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.