Implementing Advanced Server and Client Security

Slides:



Advertisements
Similar presentations
Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
Advertisements

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Windows XP Service Pack 2 Alex Balcanquall Senior Consultant Microsoft Services Organisation.
Changes in Windows XP Service Pack 2
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Information for Developers Windows XP Service Pack 2 Information for Developers.
Implementing Server Security on Windows 2000 and Windows Server 2003 Steve Lamb Technical Security Advisor
Lesson 19: Configuring Windows Firewall
Operating Systems Day 1. Booting a Computer 1.Switch on the UPS electricity supply - green light electricity failure - red light charging – orange light.
Windows XP Service Pack 2 and the Microsoft Virtual Machine: Developer Implications Rudi Larno Developer & Platform Group Microsoft BeLux.
Module 16: Software Maintenance Using Windows Server Update Services.
Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,
Microsoft Windows XP SP2 for Developers Rafal Lukawiecki Strategic Consultant Project Botticelli Ltd This session is based.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
Microsoft ® Official Course Module 9 Configuring Applications.
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Module 7: Configuring TCP/IP Addressing and Name Resolution.
Hands-On Microsoft Windows Server 2008
Information for Developers Windows XP Service Pack 2 Information for Developers Tony Goodhew Product manager Developer Division Microsoft Corp
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Two Deploying Windows Servers.
Using Windows Firewall and Windows Defender
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.
Implementing Network Access Protection
1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.
Module 14: Configuring Server Security Compliance
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
DIT314 ~ Client Operating System & Administration CHAPTER 2 INTRODUCTION TO WINDOWS XP PROFESSIONAL Prepared By : Suraya Alias.
1 © 2004, Cisco Systems, Inc. All rights reserved. CISCO CONFIDENTIAL Using Internet Explorer 7.0 to Access Cisco Unity 5.0(1) Web Interfaces Unity 5.0(1)
C HAPTER 2 Introduction to Windows XP Professional.
Securing the Infrastructure Windows Server 2003 SP1 and Windows XP SP2 Ken Schaefer System Engineer, MVP Avanade.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Module 5: Configuring Internet Explorer and Supporting Applications.
Remote Administration Remote Desktop Remote Desktop Gateway Remote Assistance Windows Remote Management Service Remote Server Administration Tools.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.
Windows XP Service Pack 2 Customer Awareness Workshop XP SP2 Technical Drilldown – Part 1 Craig Schofield Microsoft Ltd. UK September.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
Module 7: Implementing Security Using Group Policy.
Module 10: Windows Firewall and Caching Fundamentals.
Security Configuration Wizard Keith D Miller Microsoft European Support Readiness Manager.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring Windows Server 2008 Printing.
Module 8 Implementing Security Using Group Policy.
Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK
ITMT Windows 7 Configuration Chapter 7 – Working with Applications.
Unit 9 ITT TECHNICAL INSTITUTE NT1330 Client-Server Networking II Date: 2/17/2016 Instructor: Williams Obinkyereh.
Windows Vista Configuration MCTS : Network Security.
Lesson 6: Configuring Servers for Remote Management
Windows Server 2003 NAME: Ashraf Fakhouri
Securing the Network Perimeter with ISA 2004
How to Fi
Dynamic Web Page A dynamic web page is a kind of web page that has been prepared with fresh information (content and/or layout), for each individual viewing.
Microsoft Windows XP Inside Out Second Edition
Lesson #10 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 10 Configuring Network and Firewall Settings.
Lesson #8 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 8 Configuring Applications and Internet Explorer.
Unit 9 NT1330 Client-Server Networking II Date: 8/9/2016
Implementing Client Security on Windows 2000 and Windows XP Level 150
Security through Group Policy
Designing IIS Security (IIS – Internet Information Service)
Windows XP SP2 & Windows Server 2003 SP1
Using Software Restriction Policies
Presentation transcript:

Implementing Advanced Server and Client Security Sandeep Modhvadia Security Technical Specialist http://blogs.msdn.com/sandeepm deep@microsoft.com

Agenda Windows Server 2003 Service Pack 1 Windows XP Service Pack 2 2 years on! Windows XP Service Pack 2

What are the Goals of SP1? Enhanced Security reduced attack surface new security enhancements Stronger Defaults and privilege reduction on services RPC DCOM Support for no execute hardware Intel AMD Windows Firewall Enabled for new install scenarios Provide a Security Configuration Wizard to assist IT Admins Role-based configuration and lockdown VPN Quarantine Client inspection Fix-up Isolation IIS 6.0 metabase auditing Enhanced Reliability Enhanced Performance 10%+ improvement in TPC, TPC-H, SAP, SSL, etc.

SP1 Security Features and Enhancements Relevant XP SP2 enhancements RPC, DCOM lockdown Windows Firewall Post-Setup Security Updates Boot-time network protection for clean installs Security Configuration Wizard Base 64-bit extension system

Windows Firewall/RPC Group policy, command line, unattended setup Goals and customer benefit Provide by default better protection from network attacks Focus on role-based server configuration What we’re doing Windows Firewall (formerly ICF) will be on by default in almost all configurations utilizing the Security Configuration Wizard More configuration options Group policy, command line, unattended setup Better user interface Boot time protection Restrict anonymous connections to DCOM/RPC interfaces Application impact In-bound network connections will not be permitted by default Listening ports only open as long as the application is running

Post-Setup Security Updates A new feature designed to protect servers between first boot and application of most recent security updates Opens on first admin login if Windows Firewall was not explicitly enabled using unattend script or GP Blocks inbound connections until customer clicks “Finish” on PSSU dialog box

Security Configuration Wizard Guided Attack Surface Reduction for Windows Servers Security Coverage Roles-Based Metaphor Disables Unnecessary Services Disables Unnecessary IIS Web Extensions Blocks unused Ports, inlcuding multi-homed scenarios Helps Secure Ports that are left open using IPSEC Reduces protocol exposure (LDAP, NTLM, SMB) Configures Audit Setting with high Signal to Noise Security for mere mortals Roles-based makes answering questions easy Automated versus Paper-Based Guidance Fully tested and supported by Microsoft

SCW Demo

What is SP2? Post-SP1 hotfixes (more regression testing) New security technologies Network protection Memory protection Safer e-mail handling More secure browsing Improved computer maintenance Some updated features

Windows Firewall enhancements New and improved user interface On by default for all network interfaces Provides boot-time security Global and per-interface configurations Exceptions list (can be disallowed) Local subnet restrictions Command-line and better group policy management Multiple profiles and RPC support Unattended setup

Command Line Control C:\>netsh firewall show The following commands are available: Commands in this context: show allowedprogram - Shows firewall allowed program configuration. show config - Shows firewall configuration. show currentprofile - Shows current firewall profile. show icmpsetting - Shows firewall ICMP configuration. show logging - Shows firewall logging configuration. show multicastbroadcastresponse - Shows firewall multicast/broadcast response co nfiguration. show notifications - Shows firewall notification configuration. show opmode - Shows firewall operational configuration. show portopening - Shows firewall port configuration. show service - Shows firewall service configuration. show state - Shows current firewall state.

Windows Firewall Demo Change of Scope Multiple Interface Rules Application Exceptions Group Policy

Internet Explorer Window restrictions What is it? Scripts can’t position or resize windows with title and status bars offscreen Scripts can’t turn off status bar Script windows: Must fit between top and bottom of parent Overlap parent horizontally Move with parent Appear above parent so that other windows (like dialog boxes) can’t be hidden Why do it? Eliminates windows that try to spoof desktop objects Allows users to always see security zone Prevents overlaying of address bar

Internet Explorer Managing pop-ups

Client Demo Software Restriction Policies Data Execution Prevention

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.