{ Security Technologies}


1 { Security Technologies}
Steve Lamb Technical Security Advisor, Microsoft UK

2

3 “Effective Security”

4 Agenda
Overview of Windows Server 2008 Security
Windows Service Hardening
Network Access Protection
Read-Only Domain Controllers
AD Rights Management
Auditing
Resources

5 Windows Server 2008 Security
Architecture
Network Access Protection
Read-Only Domain Controller
AD Rights Management Services
Auditing

6 Windows Services Hardening
Windows Services are profiled
Reduce size of high risk layers
Segment the services
Increase number of layers
[Diagram: layered services (Service 1, Service 2, Service 3, Service …, Service A, Service B). Legend: K = Kernel Drivers, U = User-mode Drivers]

7 Where is the boundary?

8 Network Access Protection
[Diagram labels: Internet; Boundary Zone; Employees, Partners, Vendors; Intranet; Customers; Partners; Remote Employees]

9 Network Access Protection: How It Works
1 Access requested
2 Health state sent to NPS (RADIUS)
3 NPS validates against health policy
4 If compliant, access granted
5 If not compliant, restricted network access and remediation
[Diagram labels: Policy Servers (e.g., Patch, AV); Microsoft NPS; Remediation Servers (e.g., Patch); Restricted Network; DHCP, VPN, Switch/Router; Corporate Network; Not policy compliant; Policy compliant]

10 Read-Only Domain Controller
[Diagram labels: RODC; Main Office; Branch Office]

11 AD Rights Management Do NOT Forward Let’s have a my

12 How does RMS work?
[Diagram labels: SQL Server; Active Directory; Windows Server running RMS; Author using Office; The Recipient; steps numbered 1 to 5]

13 Federated Rights Management
[Diagram labels: Contoso; Adatum; AD; Federation Trust; Resource Federation Server; Account Federation Server; RMS; Web SSO]

14 Auditing - Comparison
[Comparison headers: Windows Server 2003; Windows Server 2008]

15 Updated Event Viewer

16 CLI305 Is EFS Dead?

17 A Quick Review BitLocker

18 New Windows Firewall
Inbound and Outbound Filtering
New Management MMC
Integrated Firewall and IPsec Policies
Rule Configuration on Active Directory Groups and Users
Support for IPv4 and IPv6
Advanced Rule Options
On by Default (Beta 3)

19 Server and Domain Isolation
Distribute policies and credentials
Define the logical isolation boundaries
Enable tiered-access to sensitive resources
Block inbound connections from untrusted
Managed computers can communicate
[Diagram labels: Active Directory Domain Controller; Corporate Network; Server Isolation; Trusted Resource Server; Servers with Sensitive Data; HR Workstation; Unmanaged/Rogue Computer; Managed Computer; Untrusted]

20 Crypto Next Generation (CNG)
Native AES 256 in the Kernel
Can plug in new algorithms
FIPS 140-2
©2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

21 Please fill in your Evaluation Form

