Presentation is loading. Please wait.

Presentation is loading. Please wait.

SCAP Adoption at Microsoft Kelly Hengesteg, Principal Group Manager Accelerating the adoption of Microsoft technologies.

Similar presentations


Presentation on theme: "SCAP Adoption at Microsoft Kelly Hengesteg, Principal Group Manager Accelerating the adoption of Microsoft technologies."— Presentation transcript:

1 SCAP Adoption at Microsoft Kelly Hengesteg, Principal Group Manager Accelerating the adoption of Microsoft technologies

2 Agenda - Solution Accelerators - Microsoft Security Baselines - System Center Configuration Manager Extensions for SCAP - Security Compliance Manager - Questions Microsoft.com/SolutionAcceleratorsPage 2

3 Solution Accelerator Team Over 2.55 million downloads a year + 24M SysInternals downloads 4.39M Download page views 58% conversion rate Customer satisfaction 158 NSAT currently NSAT uplift 24 w/use of SA 87% accelerated adoption Partner satisfaction 128 NSAT currently 91% accelerated adoption 60.9% used by Partners Product impact Accelerate the adoption of Microsoft technology in every organization Tools Guidance Microsoft.com/SolutionAccelerators Page 3

4 Customers Partners Product Groups Microsoft Research Industry Input How Do We Build Accelerators? Engineering Best Practices Frameworks Products & Technologies Solution Accelerators Partner and Microsoft Service offerings Product improvements TechNet Microsoft Learning Microsoft Press Output Microsoft.com/SolutionAccelerators Page 4

5 Most Popular Solution Accelerators - Microsoft Deployment Toolkit 2010 Microsoft Deployment Toolkit Microsoft Assessment and Planning Toolkit Microsoft Assessment and Planning Toolkit - Security Compliance Management Toolkit Security Compliance Management Toolkit - Malware Removal Starter Kit Malware Removal Starter Kit - Infrastructure Planning and Design Guide Series Infrastructure Planning and Design Guide Series - Microsoft Operations Framework Microsoft Operations Framework Microsoft.com/SolutionAcceleratorsPage 5

6 SYSTEM CENTER CONFIGURATION MANAGER EXTENSIONS FOR SCAP Leverage existing SCCM Infrastructure to meet FDCC mandate

7 System Center Configuration Manager Extensions for SCAP Attained NIST recognition for SCCM 2007 as a SCAP-validated tool with FDCC scanning capability June ‘09 - Consume SCAP data streams - Assess a system for compliance - Report results in SCAP format System Center Configuration Manager Extensions for SCAP Enables agencies to take advantage of their existing SCCM infrastructures to meet the reporting requirements of the FDCC mandate Microsoft.com/SolutionAccelerators Page 7

8 Solution Architecture FDCC SCAP content SCAP reports Output logs Assesses client compliance SCCM 2007 SCCM DCM configuration pack SCCM DCM report Admin input Conversion tool DCM2SCAP SCMDCM script Conversion tool SCAP2DCM Command line tool that converts SCAP content for FDCC into DCM configuration packs Leverages SCCM 2007 feature of desired configuration management to conduct assessment Deploy SCMDCM script to clients to assess a subset of settings in the FDCC Command line tool that converts SCCM DCM assessments to SCAP format Microsoft.com/SolutionAcceleratorsPage 8

9 Requirements SCAP2DCM & DCM2SCAP conversion tools - Current versions of both x86 and x64 Windows - Requires Microsoft.NET 2.0 or later SCMDCM script - Current versions of 32-bit Windows Microsoft.com/SolutionAccelerators Page 9 Packaging MSI - SCAP2DCM.exe - DCM2SCAP.exe - ScmDcm.exe (packaged in ScmDcm.msi) - Configuration files - Release notes, user guide, FAQ, data mapping documentation

10 Implementation Prerequisites Microsoft.com/SolutionAcceleratorsPage 10

11 Deploy Microsoft.com/SolutionAcceleratorsPage 11

12 Microsoft.com/SolutionAcceleratorsPage 12 Scan

13 SECURITY BASELINES

14 Background Started developing security guides in 2002 (Windows 2000 Security Guide) - The goal was to: - Help reduce support costs due to …unsupportable configurations - Reduce the conflicting security guidance available to our customers, drove the creation of the SCRB (Security Content Review Board) today resides in the TwC team - Bring together multiple government agencies to collaborate and produce a unified guide Microsoft.com/SolutionAcceleratorsPage 14

15 Evolution of the Security Guide Microsoft.com/SolutionAccelerators Page 15

16 Security Compliance Management Toolkit Series Available as a free download from Microsoft Based on tested guidance by Microsoft security experts An end - to-end solution to help you plan, deploy, and monitor your security baselines. Microsoft.com/SolutionAcceleratorsPage 16

17 Security Baseline Portfolio Available Today Security Compliance Management Toolkit Includes GPO Accelerator, SCCM DCM configuration packs, and security guidance) - Windows XP Security Baseline - Windows Vista Security Baseline - Windows Server 2003 Security Baseline - Windows Server 2008 Security Baseline Office Security Baseline - Windows 7 Security Baseline (just released) - Bit Locker Security Baselines (just released) - Internet Explorer 8.0 Security Baseline (just released) - Hyper-V Security Guide Microsoft.com/SolutionAcceleratorsPage 17

18 Roadmap FY10 - Exchange Server 2007 Security Baseline - Windows Server 2008 R2 Security Baseline - Hyper-V (R2 refresh) Security Guide - SQL Server 2008 – RBDMS only Baseline Future - Exchange Server 2010 Security Baseline - Office 2010 Security Baseline - Office SharePoint Server 2007 / 2010 Security Baseline Page 18

19 SECURITY COMPLIANCE MANAGER Enabling Baseline Management

20 Managing Security Baselines Tool provides: - Exportation of baseline in multiple formats/standards - Classified data (structuralized) - Improved data presentation - Unified experience from security baseline deployment to compliance check - Ability to customize baseline - Compare and merging of baselines Microsoft.com/SolutionAcceleratorsPage 20

21 Current Requirements Want to see our work in progress? Check out our connect site here, https://connect.microsoft.com/site/sitehome.aspx?Sit eID=715 https://connect.microsoft.com/site/sitehome.aspx?Sit eID=715 Security Compliance Manager: - Enough free disk space/memory - Admin must be logged on - Windows Installer 2.0 or greater - Current versions of both x86 and x64 - Windows XP or later - Requires Microsoft.NET 2.0 or later - Requires SQL Express 2008 or later - Microsoft Office 2007 SP2 or later (Word & Excel) Single instance/user mode only Availability: - Beta Release early Feb ’10 - RTM early April ‘10 Microsoft.com/SolutionAccelerators Page 21

22 DEMO Security Compliance Manager v.1.0

23 Future Ideas Capabilities: - Increase export formats to include System Center Operations Manager (events) - Provide import formats beyond SCM v.1.0 format - System Center Operations Manager packs - System Center Configuration Management DCM packs - SCAP - Provide full authoring mode for new settings and/or events Microsoft.com/SolutionAcceleratorsPage 23

24 Microsoft.com/SolutionAcceleratorsPage 24 Questions? Follow-up questions contact us at or

25 © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.


Download ppt "SCAP Adoption at Microsoft Kelly Hengesteg, Principal Group Manager Accelerating the adoption of Microsoft technologies."

Similar presentations


Ads by Google