Presentation is loading. Please wait.

Presentation is loading. Please wait.

Future of the Server Room Tour. Future of Your Server Room Three Pillars of Windows Server 2008 Virtualization Today and Tomorrow Take Control of Your.

Published byMatthew Hudson Modified over 8 years ago

Similar presentations

Presentation on theme: "Future of the Server Room Tour. Future of Your Server Room Three Pillars of Windows Server 2008 Virtualization Today and Tomorrow Take Control of Your."— Presentation transcript:

1 Future of the Server Room Tour

2 Future of Your Server Room Three Pillars of Windows Server 2008 Virtualization Today and Tomorrow Take Control of Your Network Bring Security to the Forefront Ottawa Montreal Calgary Vancouver Toronto

3 Security Challenges Security is still a key priority 73% of IT Pro’s fear losing their job due to security breach* 65% of attacks are initiated internally** Multiple servers, multiple different AV tools; different AV tool, different management tool Out of date AV definitions open the door to possible threats Management and monitoring of client security Ottawa Montreal Calgary Vancouver Toronto * King Research 2007 ** Gartner Report 2006

4 Defence In-Depth Ottawa Montreal Calgary Vancouver Toronto Policies, Procedures, & Awareness Physical Security Using a layered approach: Increases an attacker’s risk of detection Reduces an attacker’s chance of success OS hardening, authentication, patch management Firewalls, Network Access Quarantine Control Application hardening, antivirus ACLs, encryption, EFS Security documents, user education Perimeter Internal Network Host Application Data Guards, locks, tracking devices Network segments, IPSec, NIDS

5 3 Dimensions of Client Security Ottawa Montreal Calgary Vancouver Toronto User Account Control IE7 with Protected Mode Randomize Address Space Layout Advanced Desktop Firewall Kernel Patch Protection (64bit) Unified Virus & Spyware Protection Central Management Reporting, Alerting and State Assessment Infrastructure Software Integration Policy Based Network Segmentation Restrict-To-Trusted Net Communications Server and Domain Isolation (SD&I) Combined Solution Windows Vista™ Forefront™ Client Security

6 BitLocker Protects data when it is at rest Available in Vista and Server 2008 Provides for cost effective decommissioning Capable of almost instant disk sanitation Significantly reduces cost of PC asset decommissioning Ottawa Montreal Calgary Vancouver Toronto

7 Network Access Requests Not Compliant Policy Compliant How NAP Works Corporate Network Restricted Network Windows Client Network Access Devices NPS Active Directory Remediation Servers Health Statements QA SHA EC QS SHV Ottawa Montreal Calgary Vancouver Toronto

8 Demo DHCP Based NAP

9 Security Landscape Ottawa Montreal Calgary Vancouver Toronto

10 ForeFront Server Security Centralized management of all the ForeFront Security tools Content filtering for SharePoint Spam protection for Exchange 2007 Rapid updating of AV engines Multiple engines to better protect your servers and clients Ottawa Montreal Calgary Vancouver Toronto

11 Multiple Engine Advantage Rapid response to new threats Fail-safe protection through redundancy Diversity of anti- virus engines and heuristics Small footprint on servers Response Time (hours) Forefront Set 1 Forefront Set 2 Forefront Set 3 Vendor A Vendor B Vendor C 0406 Mytob.NQ@mm 1.51.03.19.917.42.1 0406 Mytob.NQ@mm 1.0 28.111.63.5 0406 Spybot!04C2 23.0 1.00.029.939.0 0406 Nugache.a 1.0 34.112.948.1 0506 Numuen.F 0.0 1.010.315.0 0506 Numuen.H 1.0 103.8251.9114.8 0506 Numuen.G 3.2 1.0151.8469.0 0506 Banwarum.C@mm 87.5 1.0116.773.0129.3 0506 Banwarum.B@mm 12.11.81.0116.722.532.9 0506 Rbot!E905 0.0 1,141.8217.61.0 0606 Bagle.EG 0.0 7.30.0 0606 Bagle.EH@mm 0.0 18.40.0 0606 Bagle.EG@mm 0.0 1.00.026.50.0 0606 Bagle.LY@mm 0.0 6.42.5 0706 Feebs.gen@mm 0.0 503.8 0706 Feebs.EU 0.0 52.3173.239.0 0706 Virut.A 0.0 1,317.0 > 24 hrs 4 to 24 hrs < 4 hrs 1 AVTest.org, 2006 Ottawa Montreal Calgary Vancouver Toronto

12 Unified malware protection for business desktop computers, mobile computers, and server operating systems that is easier to manage and control One solution for spyware and virus protection Built on protection technology used by millions worldwide Effective threat response Complements other Microsoft security products One console for simplified security administration Define policy to manage client protection agent settings Deploy signatures and software faster Integrates with your existing infrastructure One dashboard for visibility into threats and vulnerabilities View insightful reports Stay informed with state assessment scans and security alerts Client Security Ottawa Montreal Calgary Vancouver Toronto

13 FCS Architecture Ottawa Montreal Calgary Vancouver Toronto November 2006 13

14 ForeFront Update Distribution WSUS WSUS helper (if WSUS 2.0) Force WSUS 2.0 to sync up with Microsoft Update hourly Auto-approval rules for FCS definition updates Subscribe to FCS product category and definition update classification Failover to Microsoft Update Ottawa Montreal Calgary Vancouver Toronto

15 ForeFront Client Policies FCS policy manages the following Antimalware and Security State Assessment scan settings Signature override settings Alert levels and reporting Advanced settings Signature check frequency Path and file extension exclusions Client UI options Ottawa Montreal Calgary Vancouver Toronto

16 Demo FCS Administration

17 Deploying Policies via File Ability to deploy and report on a policy distributed outside of Group Policy Exports the policy to a.reg file Import on the client using the included “FCSLocalPolicyTool.exe” Q: Why can’t I just double-click the.reg file and import? A1: Service is listening for an update via GP, and this won’t raise the proper event – policy won’t be picked up until you stop/start the service A2: The tool creates the proper LGPO object, which is the prescribed method to update policy Can be used to distribute policy to non-AD machines (via scripts or other distribution tool) Ottawa Montreal Calgary Vancouver Toronto

18 Demo Deploying FCS

19 ForeFront Reporting Ottawa Montreal Calgary Vancouver Toronto Security Summary Alert SummaryThreat Summary State Assessment Deployment Summary

20 Ottawa Montreal Calgary Vancouver Toronto Visibility Is my environment compliant with outlined policies? Have I been exposed to and potential security threats? Are any of my clients or servers at risk?

21 Guidance Developer Tools Systems Management Active Directory Federation Services (ADFS) Identity Management Services Information Protection Encrypting File System (EFS) BitLocker™ Network Access Protection (NAP) Client and Server OS Server Applications Edge Ottawa Montreal Calgary Vancouver Toronto Putting the Puzzle Together

22 Key Points So Far.... Ottawa Montreal Calgary Vancouver Toronto Mitigate internal threats NAP/NPS to determine health of PCs Defence Deploy policies with or without AD Report on the state of AV In Centralize management MOM 2005 Built in Depth

23 Today’s Highlights Ottawa Montreal Calgary Vancouver Toronto More Control Greater Flexibility Increased Security Three Pillars Licensing Changes Familiar management tools Virtualization Monitor – not just Microsoft products Report – State of network, security auditing Act – Be proactive about maintenance Management Defence In Depth Mitigate internal threats Leverage FCS reporting to determine state of network Security

24 Resources Microsoft.ca/technet/fosr/resources Blogs.technet.com/canitpro Blogs.technet.com/cdnitmanagers Ottawa Montreal Calgary Vancouver Toronto

25 Thanks! Please Submit Your Evaluations! 9 is good, 1 is bad! Please tell us how we can do better!

26 Winners! Ottawa Montreal Calgary Vancouver Toronto

27 Questions

28 Ottawa Montreal Calgary Vancouver Toronto © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Future of the Server Room Tour. Future of Your Server Room Three Pillars of Windows Server 2008 Virtualization Today and Tomorrow Take Control of Your."

Similar presentations

The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Microsoft Forefront Client Security

Microsoft Forefront Client Security
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
MIX 09 4/15/2017 11:14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

MIX 09 4/15/ :14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Providing 802.1X Enforcement For Network Access Protection Mudit Goel Development Manager Windows Enterprise Networking Microsoft Corporation.

Providing 802.1X Enforcement For Network Access Protection Mudit Goel Development Manager Windows Enterprise Networking Microsoft Corporation.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Jamie Sharp Security Architect Microsoft Corporation

Jamie Sharp Security Architect Microsoft Corporation
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.

Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.
 Alexander Malek Lead Program Manager SharePoint Microsoft Corporation BB47.

 Alexander Malek Lead Program Manager SharePoint Microsoft Corporation BB47.
Wally Mead Senior Program Manager Microsoft Corporation.

Wally Mead Senior Program Manager Microsoft Corporation.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
Session 1.

Session 1.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
Using the WDK for Windows Logo and Signature Testing Craig Rowland Program Manager Windows Driver Kits Microsoft Corporation.

Using the WDK for Windows Logo and Signature Testing Craig Rowland Program Manager Windows Driver Kits Microsoft Corporation.

Similar presentations

Ads by Google