Microsoft Knowledge Base Article 906236 contains the following INTRODUCTION:

The Security Configuration Wizard is a security policy authoring tool that focuses on reducing attack surface. You can use the Security Configuration Wizard to do the following things:

<font size="+1"><b>•</b></font> Disable unnecessary ports and services.
<font size="+1"><b>•</b></font> Configure Microsoft Windows Firewall.
<font size="+1"><b>•</b></font> Configure Internet Protocol security (IPSEC) filters.
<font size="+1"><b>•</b></font> Configure Lightweight Directory Access Protocol (LDAP) settings.
<font size="+1"><b>•</b></font> Configure server message block (SMB) settings.
<font size="+1"><b>•</b></font> Configure NTLM protocol settings.
<font size="+1"><b>•</b></font> Configure predefined audit settings.
<font size="+1"><b>•</b></font> Configure individual settings for applications such as Microsoft Internet Information Services (IIS),
  Microsoft Exchange, Microsoft SQL Server, Microsoft Internet Security and Acceleration (ISA) Server,
  and most Microsoft server-side application products.
The Security Configuration Wizard is an application instead of a service. The Security Configuration Wizard is abstracted from the actual components that store and enforce the security options. The Security Configuration Wizard does not enforce defined settings. Instead, the Security Configuration Wizard creates a customized settings template. Other aspects of the operating system are responsible for using the template to modify system behavior.