I like to create a server group and server settings template (policy). When creating the template, be sure to choose the Server O.S. tab, as the options are different for Servers.
For File Servers, I usually manually install all servers (custom install) so that I can be 100% in control of every step. Installation for server OS usually consists of the File System Shield only. This is the only real protection required for file servers and this is an industry standard best practice. This assumes of course that the File Server not being used as a workstation. If the Server will EVER browse, add the Web Shield. If the Server checks email, be sure to add the mail Shield (RISKY and a fire able offense in my office). SharePoint servers should add the SharePoint shield in addition to the File System Shield. If there are multiple server types, then it is best to create a matching group and template for each; File, Exchange, SharePoint, and Terminal Servers. Installers can be customized for the group and template desired for each system type. Terminal Server protection is different beast and is best tailored to the function of the clients. At one site, the users remotely access the SQL server, so here only File System Shield would be required. However, I have a site that uses thin clients. All email and browsing are preformed through the Terminal Server. Proper protection will now include File System Shield, Mail Shield, and Web Shield.