Windows XP included several security templates (.inf files that represent a computer’s security configuration), but Windows Vista includes none. Want some? Download and install the Windows Vista Security Guide.

The Windows Vista Security Guide includes several templates:

• Vista Default Security. A security template that you can use to restore default security settings or compare your current settings to the default.
• VSG EC Desktop, VSG EC Laptop, and VSG EC Domain. Templates that the Windows Vista Security Guide team recommends for use in enterprise environments. EC stands for Enterprise Configuration. Use this if you have a domain.
• VSG SSLF Desktop, VSG SSLF Laptop, and VSG SSLF Domain. Templates that the Windows Vista Security Guide team recommends for organizations that are willing to sacrifice some functionality for improved security. SSLF stands for Specialized Security Limited Functionality. Don’t use these unless your 200 feet underground in some concrete bunker. They break stuff (like application compatibility) and you’ll spend weeks tweaking the configuration to get things to work again.

After installation, you can examine these security templates by using the Security Templates snap-in.

Follow these steps to open the security templates in the Security Templates snap-in:

1. Click Start and type mmc.
2. A blank MMC console appears. Click the File menu, and then click Add/Remote Snap-In.
3. From the Add Or Remove Snap-Ins dialog, double-click Security Templates. Click OK.
4. Right-click Security Templates and then click New Template Search Path.
5. In the Browse For Folder dialog, expand your user folder, Documents, Windows Vista Security Guide, GPOAccelerator Tool, and then select Security Templates (the Windows Vista Security Guide installs the templates to “C:\Users\Documents\Windows Vista Security Guide\GPOAccelerator Tool\Security Templates\”). Click OK.
6. Click the new folder in the Security Templates snap-in, and browse through the templates.

Want to see what the Windows Vista Security Guide team recommends that’s different from your current configuration? Use the Security Configuration And Analysis Snap-in:

1. Create a new Microsoft Management Console (MMC) console, and add the Security Configuration And Analysis snap-in.
2. Right-click Security Configuration And Analysis, and then click Open Database.
3. In the Open Database dialog box, type a name for the new database, and then click Open.
4. In the Import Template dialog box, select a security template to import. Click Open.
5. Right-click Security Configuration And Analysis, and then click Analyze Computer Now.
6. In the Perform Analysis dialog box, click OK.

After the analysis is complete, examine the results by expanding the nodes contained within the Security Configuration And Analysis node. The Database Setting column shows what’s recommended in the template. The Computer Setting column shows your setting.