Symantec ESM best practice policies are configured to protect specific applications and operating systems from security vulnerabilities.

Operating system (OS) hardening policies incorporate the Symantec security research that is based on ISO 17799 and other industry standards and best practices. OS policies can be used in place of the default policies.

OS policies are configured by Symantec with values, name lists, templates, and word files that apply to the targeted platforms. They use Security Update modules and templates to check OS patches, password settings, and other vulnerabilities on the operating system. These policies may also introduce new templates and word lists to examine conditions that are required by supported standards or regulations.

The maintenance-paying Symantec ESM customers can download the OS Policies without charge through LiveUpdate or from the following Symantec Security Response Web site:

http://www.symantec.com/avcenter/security/Content/Product/Product_ESM.html