Security Center

The Security Center (wscsvc) service monitors and reports security health settings on the computer. The health settings include whether the firewall is turned on, the current status of the installed antivirus application, the current status of the installed antispyware application, the current Windows Update setting, whether User Account Control is turned on, and whether the recommended Internet settings are in use.

The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center uses the service to provide alerts in the notification area and a graphical view of the security health states in the Action Center Control Panel. Network Access Protection (NAP) uses this service to report the security health states of client computers to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.

If you disable the Security Center service, the protected components continue to function in accordance with their specific configuration settings. However, no centralized monitor service is provided.

This service is installed by default and its startup type is Automatic (Delayed Start.

When the Security Center service is started in its default configuration, it logs on by using the Local Service account.

The Security Center service is dependent upon the following system components:

  • Remote Procedure Call (RPC)
  • DCOM Server Process Launcher
  • RPC Endpoint Mapper
  • Windows Management Instrumentation