Mark Gibson Solution Specialist Microsoft. Microsoft Trustworthy Computing Addressing Security Threats with Microsoft Next Steps.

Presentation on theme: "Mark Gibson Solution Specialist Microsoft. Microsoft Trustworthy Computing Addressing Security Threats with Microsoft Next Steps."— Presentation transcript:

1 Mark Gibson Solution Specialist Microsoft

2 Microsoft Trustworthy Computing Addressing Security Threats with Microsoft Next Steps

3 www.microsoft.com/technet/security Security Tools Education and Training Security Readiness www.microsoft.com/itshowcase

4

5 Design Threat Modeling Standards, best practices, and tools Security Push Final Security Review RTM and Deployment Signoff Security Response Product Inception

6 Secure Platform Secure Access Data Protection Rights Management Services (RMS) SharePoint, Exchange, Windows Mobile integration Encrypting File System (EFS) BitLocker Malware Protection User Account Control Network Access Protection (NAP) IPv6 IPsec Windows CardSpace Native smart card support GINA Re-architecture Certificate Services Credential roaming Security Development Lifecycle (SDL) Kernel Patch Protection Kernel-mode Driver Signing Secure Startup Windows Service Hardening Windows Defender IE Protected Mode Address Space Layout Randomization (ASLR) Data Execution Prevention (DEP) Bi-directional Firewall Windows Security Center

7 Security Development Lifecycle (SDL) Windows Server Virtualization (Hypervisor) Role Management Tool OS File Integrity Secure Platform Network Protection Identity Access Data Protection Read-only Domain Controller (RODC) Active Directory Federation Srvcs. (ADFS) Administrative Role Separation PKI Management Console Online Certificate Status Protocol Network Access Protection (NAP) Server and Domain Isolation with IPsec End-to-end Network Authentication Windows Firewall With Advanced Security On By Default Rights Management Services (RMS) Full volume encryption (BitLocker) USB Device-connection rules with Group Policy Improved Auditing Windows Server Backup

8 Technology Process People IT is a strategic asset Users look to IT as a valued partner to enable new business initiatives IT Staff manages an efficient, controlled environment Users have the right tools, availability, and access to info IT Staff trained in best practices such as MOF, ITIL, etc. Users expect basic services from IT IT staff taxed by operational challenges Users come up with their own IT solutions Self-assessing and continuous improvement Easy, secure access to info from anywhere on Internet SLAs are linked to business objectives Clearly defined and enforced images, security, best practices Central Admin and configuration of security Standard desktop images defined, not adopted by all IT processes undefined Complexity due to localized processes and minimal central control Self provisioning and quarantine capable systems ensure compliance and high availability Automate identity and access management Automated system management Multiple directories for authentication Limited automated software distribution Patch status of desktops is unknown No unified directory for access mgmt Basic Standardized Rationalized Dynamic Improve IT Maturity while Gaining ROI $1320/PC Cost $580/PC Cost $230/PC Cost < $100/PC Cost

9 Isolated Trusted Remediation Server Web Server Remote Access Gateway Infrastructure Servers Unmanaged Devices Malicious Users Trusted Home New Customer Unhealthy PC Secure Anywhere Access End-to-end security with IPv6 and IPsec Access driven by policy not topology Certificate based multi-factor authentication Health checks and remediation prior to access Policy-driven network access solutions Windows Firewall with advanced filtering Server and Domain Isolation Network Access Protection (NAP) ISA Server 2006 Intelligent Application Gateway (2007) Windows Filtering Platform

10 Authorization Manager RMS MIIS ADFS Domain/Directory Services Certificate Services Secure collaboration Easily managing multiple identities Government sponsored identities (eID) Hardware supported trust platform Disparate directories synchronization Centralized ID controls and mgmt. Embedded identity into applications Policy Governance / Compliance Role Based Permissions Identity and Data Privacy

11 Consumer/Small Business Corporate Client Protection Server Protection Edge Protection Simple PC maintenance Anti-Virus Anti-Spyware Anti-Phishing Firewall Performance Tuning Backup and Restore Edge, server and client protection “Point to Point” Solutions Security of data at rest and in transit Mobile workforce Manageability

12 Optimized access for employees, partners, and customers from virtually any device or location Secure Remote Access Enhanced connectivity and security for remote sites and applications Branch Office Security Increased resiliency for IT infrastructure from Internet-based threats Internet Access Protection

13 Multiple scan engines at multiple layers throughout the corporate infrastructure provide maximum protection against e-mail and collaboration threats Advanced Protection Tight integration with Microsoft Exchange, Windows-based SMTP, SharePoint and Office Communications Servers maximizes availability and management control Availability and Control Ensures organizations can eliminate inappropriate language and dangerous attachments from internal and external communications Secure Content

14 Unified malware protection for business desktops, laptops, and server operating systems that is easy to manage and control One spyware and virus protection solution Built on protection technology based Effective threat response Unified Protection One simplified security administration console Define one policy to manage client protection agent settings Integrates with your existing infrastructure Simplified Administration One dashboard for visibility into threats and vulnerabilities View insightful reports Stay informed with state assessment scans and security alerts Visibility and Control

15 Client and Server Operating System Server Applications Edge Microsoft Forefront provides greater protection and control over the security of your business’ network infrastructure

16 Management System System Center, Active Directory GPO Forefront Edge and Server Security, NAP Perimeter Network Access Protection, IPSec Internal Network Forefront Client Security, Exchange MSFP Device SDL process, IIS, Visual Studio, and .NET Application BitLocker, EFS, RMS, SharePoint, SQL Data User Active Directory and Identity Lifecycle Mgr Poor integration across the platform “Point to Point” Solutions Standards Adoption Compliance Reporting Manageability

17

18 Guidance Developer Tools Systems Management Active Directory Federation Services (ADFS) Identity Management Services Information Protection Encrypting File System (EFS) BitLocker™ Network Access Protection (NAP) Client and Server OS Server Applications Edge

19 ISA Server SP1 planned for 1st half 2008 Forefront “Unified Access Gateway” planned for 1st half CY2009 Forefront “Threat Management Gateway” planned for 1st half CY2009 A subset of “Threat Management Gateway” features will ship as part of “Centro” Subset of “TMG” shipped in Windows Server Code Name “Centro” Forefront “Unified Access Gateway” ISA Server 2006 SP1 Forefront “Threat Management Gateway” Forefront Code Name “Stirling”

20 Partner with your Microsoft Account Team to create or review your Security Action Plan Talk about Infrastructure Optimization and the value it could bring to your organization Implement a Defense-in-Depth security architecture using our advanced security technologies Leverage Microsoft prescriptive security guidance and online security training Stay informed through Microsoft Security Bulletins, Security Newsletters and Security Events

21 Microsoft Security Home Page: www.microsoft.com/security
Microsoft Trustworthy Computing: www.microsoft.com/security/twc
Microsoft Forefront: www.microsoft.com/forefront
Infrastructure Optimization: www.microsoft.com/io
Microsoft Security Assessment Tool: www.microsoft.com/security/msat
General Information:
Microsoft Live Safety Center: safety.live.com
Microsoft Security Response Center: www.microsoft.com/security/msrc
Security Development Lifecycle: msdn.microsoft.com/security/sdl
Get the Facts on Windows and Linux: www.microsoft.com/windowsserver/compare
Anti-Malware:
Microsoft OneCare Live: beta.windowsonecare.com
Microsoft Defender: www.microsoft.com/athome/security/spyware/software
Spyware Criteria: www.microsoft.com/athome/security/spyware/software/isv
Guidance Centers:
Security Guidance Centers: www.microsoft.com/security/guidance
Security Guidance for IT Professionals: www.microsoft.com/technet/security
The Microsoft Security Developer Center: msdn.microsoft.com/security
The Security at Home Consumer Site: www.microsoft.com/athome/security

22 © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

