Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK

Published byLesley Day Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK"— Presentation transcript:

1 Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK http://blogs.technet.com/jhoward

2 Agenda Goals and Vision Security Enhancements Roadmap and Resources

3 Agenda Goals and Vision Security Enhancements Roadmap and Resources

4 Key Customer Challenges Security Securely configuring networks in a simplified way Coping with malicious hackers, viruses and network attacks Being prepared to face future security threats Reliability Minimise network downtime Performance Desire for increased performance

5 Some ways security is addressed in SP1 Support for “No Execute” hardware Windows Firewall & Boot Time Security Role based configuration and lockdown IIS 6.0 metabase auditing VPN Quarantine Internet Explorer

6 Agenda Goals and Vision Security Enhancements Roadmap and Resources

7 Hardware DEP Processor support required Software DEP Functional on any process supporting Windows Server 2003 Boot.ini “/noexecute=PolicyLevel” switch OptInOptOutAlwaysOnAlwaysOff GUI configuration through System Performance settings Security Enhancements Data Execution Prevention (DEP)

8 Security Enhancements Post Setup Security Updates (PSSU) Protects servers between first boot and application of most recent security updates Opens on first admin login if Windows Firewall was not explicitly enabled using unattend script or Group Policy Blocks inbound connections until customer clicks “Finish” on PSSU dialog box

9 Offers links to Windows Update Opportunity to configure Automatic Updates Re-opens if not completed before first restart Forced closure (ALT+F4) does not change firewall Tests to display PSSU again at next log on Security Enhancements Post Setup Security Updates (PSSU)

10 Invoked during Slipstreamed installation Not applied when Windows Firewall is enabled or disabled through Group Policy before PSSU is displayed Upgrade existing servers Security Enhancements Post Setup Security Updates (PSSU)

11

12 Security Enhancements Windows Firewall Enhancement to Internet Connection Firewall (ICF) Not on by default Except during PSSU Can be configured during installation Boot time security Global Configuration On with no exceptions Multiple profiles Integration with netsh command line utility

13 Windows Firewall Demo

14 Security Enhancements Security Configuration Wizard (SCW) Guided Attack Surface Reduction for Servers Security Coverage Roles-Based Metaphor Disables Unnecessary Services Disables Unnecessary IIS Web Extensions Blocks unused Ports, inlcuding multi-homed scenarios Helps Secure Ports that are left open using IPSEC Reduces protocol exposure (LDAP, NTLM, SMB) Configures Audit Setting with high Signal to Noise

15 Security Enhancements Security Configuration Wizard (SCW) Install Add/remove Windows Components Unattended setup Configuration saved to XML file Command line support Rollback capability Analysis capability

16 Security Configuration Wizard Demo

17 Security Enhancements Internet Explorer Feature parity with XP SP2 Zone elevation Add-on management Information bar Pop-up management Window restrictions Download security

18 RPC and DCOM Enhancements Dovetails with Windows XP SP2 RPC attack surface reduced New RPC registry keys Allow server applications to restrict access to the interface, typically through a security call back Enables application developers to more closely control access Additional DCOM access control restrictions Strengthening of DCOM authentication security model Overall reduction of risk of a successful network attack RPC and DCOM ports handled as a special case by Windows Firewall

19 Security Enhancements Access Based Directory Enumeration What it does Hides directories based on access rights InterfacesGUI Command line tool markShareforABDE.exe Whitepaper on microsoft.com

20 Access Based Directory Enumeration Demo

21 Agenda Goals and Vision Security Enhancements Roadmap and Resources

22 MajorRelease MajorReleaseMajorReleaseReleaseUpdateReleaseUpdate ~ 4 years ~ 2 years Mainstream Service Packs & Updates Extended Support At least 5 years At least 5 years from major release Release Cycle

23 ► Windows Server 2003 Service Pack 1 ► Windows Server 2003 x64 Editions ► Windows Server Update Services ► Windows Server “Longhorn” Beta ► Windows Server 2003 “R2” ► Windows Storage Server “R2” ► Windows Server “Longhorn” Windows Server “Longhorn R2” 2009 2007 2005 Release Roadmap

24 Resources Windows Server 2003 Home Page http://www.microsoft.com/windowsserver2003/default.mspx Windows Server 2003 SP1 Home Page http://www.microsoft.com/windowsserver2003/downloads/servicepacks/sp1 Technet TechCentre http://go.microsoft.com/?linkid=2503849

25 Download locations http://windowsupdate.microsoft.com http://go.microsoft.com/?linkid=2503850 Windows Update Download centre

26 Deployment Guidance Documents http://www.microsoft.com/security/guidance/ http://www.microsoft.com/security/guidance/ How to deploy Windows Server 2003 SP1 in an Enterprise Infrastructure How to configure and deploy Windows Firewall functionality centrally through Windows Server 2003 SP1 and Active Directory How to deploy role-based secure Servers with Windows Server 2003 SP1 and Security Configuration Wizard How to setup VPN Quarantine of users utilizing Windows Server 2003 SP1 How to deploy VPN Quarantine in an Enterprise Infrastructure utilizing Windows Server 2003 SP1 How to setup Secure Server Templates with Security Configuration Wizard in Windows Server 2003 SP1 How to deploy Security Configuration Wizard Server Templates with Active Directory utilizing Windows Server 2003 How to deploy Security Configuration Wizard Server Templates with Active Directory utilizing Windows Server 2003

27 Summary SP1 provides significant security enhancements as well as reliability and performance improvements Windows Server SP1 provides tools to reduce attack surface area To maximize security/performance Windows Server, begin evaluating SP1 today Exciting roadmap – complement to XP SP2, precursor to Windows Server 2003 R2 and Longhorn

28 © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

29

30 Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK http://blogs.technet.com/jhoward

Download ppt "Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK"

Similar presentations

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.

Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
Changes in Windows XP Service Pack 2

Changes in Windows XP Service Pack 2
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.
Kalpesh Patel Ramprabhu Rathnam

Kalpesh Patel Ramprabhu Rathnam
1 of 3 Open Outlook 2007. On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.

1 of 3 Open Outlook On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
Implementing Server Security on Windows 2000 and Windows Server 2003 Steve Lamb Technical Security Advisor

Implementing Server Security on Windows 2000 and Windows Server 2003 Steve Lamb Technical Security Advisor
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Similar presentations

Ads by Google