Microsoft Windows Server

This CIS Benchmark is the product of a community consensus process and consists of secure configuration guidelines developed for Microsoft Windows Server

CIS Benchmarks are freely available in PDF format for non-commercial use:

Included in this Benchmark

Free Download

Safeguard IT systems against cyber threats with these CIS Benchmarks. Click to download a PDF from the list of available versions.

Learn more about CIS Benchmark

Recent versions available for CIS Benchmark:

* Microsoft Windows Server 2012 R2 (1.0.0)

Azure Compute Microsoft Windows Server 2022 (1.0.0)

Azure Compute Microsoft Windows Server 2019 (1.0.0)

Microsoft Windows Server 2022 (3.0.0)

Microsoft Windows Server 2022 STIG (2.0.0)

Microsoft Windows Server 2019 (3.0.1)

Microsoft Windows Server 2019 Stand-alone (2.0.0)

Microsoft Windows Server 2019 STIG (3.0.0)

Microsoft Windows Server 2016 (3.0.0)

Microsoft Windows Server 2016 RTM (Release 1607) (1.3.0)

Microsoft Windows Server 2016 STIG (3.0.0)

Microsoft Windows Server 2012 (1.0.0)

Microsoft Windows Server 2012 (non-R2) (3.0.0)

Microsoft Windows Server 2012 R2 (3.0.0)

Microsoft Windows Server 2008 (2.0.0)

Microsoft Windows Server 2008 (2.1.0)

Microsoft Windows Server 2008 (non-R2) (3.3.1)

Microsoft Windows Server 2008 R2 (2.0.0)

Microsoft Windows Server 2008 R2 (3.3.1)

Microsoft Windows Server 2003 (3.0.0)

Microsoft Windows Server 2003 (3.1.0)

CIS Securesuite Members Only

Scan your systems against this CIS Benchmark to easily identify your conformance to the secure configuration recommendations.

Learn more about CIS-CAT Pro

Not a CIS SecureSuite member yet?

Apply for membership

Recent versions available for CIS-CAT Pro:

Azure Compute Microsoft Windows Server 2022 (1.0.0)

Azure Compute Microsoft Windows Server 2019 (1.0.0)

Microsoft Windows Server 2022 (3.0.0)

Microsoft Windows Server 2022 STIG (2.0.0)

Microsoft Windows Server 2019 (3.0.1)

Microsoft Windows Server 2019 Stand-alone (2.0.0)

Microsoft Windows Server 2019 STIG (3.0.0)

Microsoft Windows Server 2016 (3.0.0)

Microsoft Windows Server 2016 STIG (3.0.0)

Microsoft Windows Server 2012 (non-R2) (3.0.0)

Microsoft Windows Server 2012 R2 (3.0.0)

Microsoft Windows Server 2008 R2 (3.3.1)

CIS Securesuite Members Only

Automate your hardening efforts for Microsoft Windows Server using Group Policy Objects (GPOs) for Microsoft Windows and Bash shell scripts for Unix and Linux environments.

Download CIS Build Kits

Not a CIS SecureSuite member yet?

Apply for membership

Recent versions available for CIS Build Kits:

Azure Compute Microsoft Windows Server 2022 (1.0.0)

Azure Compute Microsoft Windows Server 2019 (1.0.0)

Microsoft Windows Server 2022 (3.0.0)

Microsoft Windows Server 2022 STIG (2.0.0)

Microsoft Windows Server 2019 (3.0.1)

Microsoft Windows Server 2019 Stand-alone (2.0.0)

Microsoft Windows Server 2019 STIG (3.0.0)

Microsoft Windows Server 2016 (3.0.0)

Microsoft Windows Server 2016 RTM (Release 1607) (1.3.0)

Microsoft Windows Server 2016 STIG (3.0.0)

Microsoft Windows Server 2012 (1.0.0)

Microsoft Windows Server 2012 (non-R2) (3.0.0)

Microsoft Windows Server 2012 R2 (3.0.0)

Microsoft Windows Server 2008 (non-R2) (3.3.0)

Microsoft Windows Server 2008 R2 (2.0.0)

Microsoft Windows Server 2008 R2 (3.3.0)

Available on all major cloud service provider marketplaces

Virtual machine (VM) images that are pre-configured to meet the robust security recommendations of the associated CIS Microsoft Windows Server Benchmark.

Available CIS Hardened Images

Recent versions available for CIS Hardened Images:

Microsoft Windows Server 2022

Microsoft Windows Server 2022 STIG

Microsoft Windows Server 2019

Microsoft Windows Server 2019 STIG

Microsoft Windows Server 2016

Microsoft Windows Server 2016 STIG

Looking for an older version?

Older versions of the CIS Benchmarks that are no longer supported by CIS and the CIS Benchmarks Community are not lised above. Access a list of archived CIS Benchmarks in Workbench .