XIA Configuration

Windows Server Security Audit Tool

Audit the security of your Windows Servers and Workstations

  Download Free 30-Day Trial   View Example Report

Perform a security audit on your Windows servers and workstations with our auditing tool XIA Configuration.

  • Harden Security. Use the Windows compliance benchmark to determine if your machines meet Microsoft best practices
  • Improve Visibility. Run reports to find servers that do not meet the security requirements of your organization
  • Track Changes. Detect changes to the security configuration of remote machines
  • Expose Vulnerabilities. Check that your advanced audit and account policies are configured correctly

XIA Configuration has a non-intrusive architecture with agentless data collection.

Screenshot of the Windows Basic Compliance Benchmark in the XIA Configuration web interface

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

Security Summary

Provides a summary of security related information.

  • Machine SID
  • Computer Domain SID
  • Local Administrator Account Information
  • Guest Account Information
  • Local Administrators Group Information
Screenshot of the Windows machine security summary in the XIA Configuration web interface
Screenshot of the Windows machine security summary in the XIA Configuration web interface

Account Policies

Audit your effective security policy, applied either locally or by group policy.

Account Lockout Policy

  • Account lockout duration
  • Account lockout threshold
  • Account lockout reset duration

Password Policy

  • Enforce password history
  • Maximum password age
  • Minimum password age
  • Minimum password length
  • Password must meet complexity requirements
  • Store passwords using reversible encryption
Screenshot of Local Account Policies in the XIA Configuration web interface
Screenshot of Local Account Policies in the XIA Configuration web interface

Advanced Audit Policy

Gather Advanced Audit Policy configuration from your Windows machines.

  • Account Logon
  • Account Management
  • Detailed Tracking
  • DS Access
  • Logon/Logoff
  • Object Access
  • Policy Change
  • Privilege Use
  • System
Learn more
Screenshot of Advanced Audit Policy settings in the XIA Configuration web interface
Screenshot of Advanced Audit Policy settings in the XIA Configuration web interface

Audit Policy

Document your Audit Policy configuration.

  • Account logon events
  • Account management
  • Active Directory service access
  • Logon events
  • Object access
  • Policy change
  • Privilege use
  • Process tracking
  • System events
Screenshot of Audit Policy settings in the XIA Configuration web interface
Screenshot of Audit Policy settings in the XIA Configuration web interface

Local Administrator Password Solution (LAPS)

Document Local Administrator Password Solution (LAPS) settings for each machine joined to an Active Directory domain.

  • LAPS Installed
  • LAPS Enabled
  • DLL File Location
  • DLL Version
  • Administrator Account Name
  • Password Age (Days)
  • Password Length
  • Password Complexity Type
  • Password Expiration Protection Enabled
Learn more
Screenshot of Local Administrator Password Solution settings in the XIA Configuration web interface
Screenshot of Local Administrator Password Solution settings in the XIA Configuration web interface

Local Group Accounts

Provides information on local group accounts.

  • Name
  • Description
  • Security Identifier
  • Members
Screenshot of Local Groups in the XIA Configuration web interface
Screenshot of Local Groups in the XIA Configuration web interface

Local User Accounts

Audit local user accounts.

  • Name
  • Description
  • Account Enabled
  • Password Never Expires
  • Full Name
  • SID
  • Last Login
  • Password Expired
  • Password Last Set
  • User Cannot Change Password
  • Profile Path
  • Login Script
  • Home Drive
  • Home Directory
Screenshot of Local Users in the XIA Configuration web interface
Screenshot of Local Users in the XIA Configuration web interface

Machine Certificates

Check the SSL certificate expiration date in Windows across your environment and easily detect certificates that have expired or are close to expiry.

  • General Information
  • Certificate Details
  • Certificate Trust Chain
Learn more
Screenshot of machine certificate information in the XIA Configuration web interface
Screenshot of machine certificate information in the XIA Configuration web interface

Microsoft Defender

Audit your antivirus settings.

General Settings

  • Product Version
  • Engine Version
  • Real Time Protection Enabled
  • Tamper Protection

Antivirus Signature

  • Antivirus Signature Last Updated
  • Antivirus Signature Version

Cloud

  • Cloud Delivered Protection Enabled
  • Automatic Cloud Sample Submission

Exclusions

  • Excluded Exclusions
  • Excluded Paths
  • Excluded Processes
Screenshot of Microsoft Defender settings in the XIA Configuration web interface
Screenshot of Microsoft Defender settings in the XIA Configuration web interface

Security Options

Audit security options.

  • Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
  • Configured Setting
  • Configuration Source (Local / Group Policy)

Note: Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.

Screenshot of Security Options in the XIA Configuration web interface
Screenshot of Security Options in the XIA Configuration web interface

User Rights Assignment

Document user rights assignment configuration.

  • Display name - for example "Access to this computer from the network"
  • Internal right or privilege name - for example "SeNetworkLogonRight"
  • Configuration Source (Local / Group Policy)
  • Users and groups with this right assigned
Learn more
Screenshot of User Rights Assignment settings in a document generated by XIA Configuration
Screenshot of User Rights Assignment settings in a document generated by XIA Configuration

Windows Firewall with Advanced Security Configuration

Create firewall documentation for all the Windows machines in your environment.

  • Active Profile
  • Domain, Private, and Public Profile Settings
  • Profile Enabled/Disabled
  • Default Inbound/Outbound Action
  • Firewall Rules
Learn more
Screenshot of Windows Firewall Inbound Rules in the XIA Configuration web interface
Screenshot of Windows Firewall Inbound Rules in the XIA Configuration web interface

Windows Patches

This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.

  • HotFix ID
  • Description
  • Installed By
  • Installed On (Date)
Screenshot showing Windows Patches in the XIA Configuration web interface
Screenshot showing Windows Patches in the XIA Configuration web interface

Windows Update Configuration

Automatically detect your Windows Update configuration on your servers and workstations.

  • Schedule
  • Update Mode
  • Recommended Updates
  • Include Microsoft Updates
  • WSUS settings
  • Client Side Targeting
Learn more
Screenshot of Windows Update settings in the XIA Configuration web interface
Screenshot of Windows Update settings in the XIA Configuration web interface

Windows Update History

Check the Windows update history on your servers and workstations.

Supported on Windows 2000 and above
  • Action Date
  • Title
  • Operation
  • Result
Screenshot of Windows Update History in the XIA Configuration web interface
Screenshot of Windows Update History in the XIA Configuration web interface

For more information about Windows, please view the Windows page.

Try our Windows server security audit tool for free