Microsoft Updates Windows Admin Center with New Security Tools
Windows Admin Center has added new security features to simplify IT management.
Published: Mar 19, 2025
Key Takeaways:
- Microsoft has introduced new features in Windows Admin Center to improve security management for Windows Server environments.
- Silicon Assisted Security provides a consolidated view of essential security configurations.
- OSConfig ensures consistent security baselines with a built-in drift control mechanism.
Microsoft has introduced new security tools in Windows Admin Center to help IT administrators manage and protect their servers more effectively. The update includes Silicon Assisted Security, Windows LAPS, and OSConfig, which provide better security monitoring, password management, and configuration control.
Windows Admin Center is a web-based management tool that allows administrators to manage Windows Server instances. It offers features like remote management, Azure integration, and partner extensions for hardware monitoring. This tool simplifies administrative tasks like monitoring, troubleshooting, and configuring servers and virtual machines.
Silicon Assisted Security
Microsoft has added a new Silicon Assisted Security tool that builds on the secured-core requirements and includes the minimum recommended hardware requirements for Windows Server 2025. This feature consolidates these requirements into a single view to make configuration easier.
Silicon Assisted Security helps administrators monitor the status and track various security features, including Virtualization-based Security (VBS), System Guard Secure Launch (DRTM), Hypervisor-protected Code Integrity (HVCI), Boot DMA protection, Secure Boot, and Trusted Platform Module (TPM 2.0).
The Silicon Assisted Security feature is currently in public preview for commercial customers. To access this tool, IT admins will need to add an experimental key by navigating to Settings > Advanced > Experiment keys: msft.sme.security.siliconAssistedSecurityPreview
Windows Server 2025 Security baseline
Microsoft has introduced OSConfig, a new security configuration platform designed to enforce security baselines throughout a device’s lifecycle. One key feature is its built-in drift control mechanism, which ensures the system starts in a secure state and maintains consistent security settings over time.
The latest update allows organizations to apply recommended security baselines. The list includes Center for Internet Security (CIS) Benchmark, Defense Information Systems, Agency Security Technical Implementation Guides (DISA STIG), Federal Information Processing Standards (FIPS 140) requirements for the OS, and Azure Compute Security baselines.
Windows LAPS
Microsoft has introduced a new Windows LAPS integration in Windows Admin Center that allows administrators to manage passwords for local administrator accounts within their domain. IT admins can view and copy passwords for specific machines, check expiration dates, and update expiration timestamps. Additionally, they can set expiration times and reset passwords for multiple machines simultaneously.
Microsoft notes that these new security tools collectively make security management more efficient, reliable, and aligned with best practices. If you haven’t done it yet, you can download the latest version of Windows Admin Center from the official website.