CSRC System Administration

MS Windows
Other Resources
Our Sponsor


 

white space white space

- DOWNLOAD PAGE -

WARNING NOTICE

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. These recommendations should be applied only to the Windows XP Professional SP2 Systems and will not work on Windows 9X/ME, Windows NT, Windows 2000 or Windows Server 2003. The security templates have been tested on WinXP Professional SP2 systems and will not work on Windows 9X/ME, Windows NT, Windows 2000 or Windows Server 2003.

This document is only a guide containing recommended security settings; it is not meant to replace well-structured policy or sound judgment. Furthermore this guide does not address site-specific configuration issues. Care must be taken when implementing this guide to address local operational and policy concerns.

This document was developed at the National Institute of Standards and Technology, which collaborated with NSA, DISA, USAF, CIS, and Microsoft to produce the Windows XP security templates. Pursuant to title 17 Section 105 of the United States Code this document and template are not subject to copyright protection and is in the public domain. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic. We would appreciate acknowledgement if the document and template are used.

Download Packages

Updates History
  • Security Templates (.inf files)
    • 2007-05-08 - Release R1.2.1
    • 2005-11-02 - Release R1.2.0
    • 2004-08-24 - Draft Update R1.0.2
      Comments (all templates) - Remove extraneous comments.
      Setting 12.19 (all templates) - Correct typo.
      Setting 12.15 (all templates) - Delete the NoNameReleaseOnDemand registry value.
      Settings 9.1 & 13.1 (High Security) - delete the file permission and auditing from the SystemDrive.
      Setting 8.9 (High Security) - delete the Netlogon service (Not Defined)
    • 2004-07-04 - Draft Update R1.0.1
      Setting 5.26 (all templates) - Correct typo in the DOJ message.
      Setting 12.5 (all templates) - Correct typo in the registry value.
    • 2004-06-24 - Draft Release R1.0

  • Guidance for Securing Microsoft Windows XP Systems for IT Professionals document (pdf file)
    • 2005-11-02 - Final Release
    • 2004-08-24 - Draft Update
      Setting 12.19 (Appendix A) - Correct typo.
      Setting 12.15 (Appendix A) - Strikethrough the NoNameReleaseOnDemand registry value (Not Defined).
      NoNameReleaseOnDemand (Section 6.8.3) - Indicate that the setting is not included in the NIST security templates.
      Settings 9.1 & 13.1 (Appendix A) - Strikethrough the file permission and auditing from the SystemDrive (Not Defined).
      Setting 8.9 (Appendix A) - Change Netlogon service to Not Defined for the High Security template.
      Netlogon (Section 6.5 ) - Remove it from the list of disabled service.
    • 2004-07-04 - Draft Update
      Delete a blank page.
      Setting 12.5 (Appendix A) - Correct typo in the registry value.
    • 2004-06-24 - Draft Release

Comments and Questions
Comments and questions may be addressed to itsec@nist.gov.

 

 
Disclaimer
Any mention of commercial products or reference to commercial organizations is for information only; it does not imply recommendation or endorsement by NIST nor does it imply that the products mentioned are necessarily the best available for the purpose.
Last updated: May 8, 2007
Page created: January10, 2001
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to itsec@nist.gov
NIST is an Agency of the U.S. Commerce Department's Technology Administration