Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Published byCalvin Palmer Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline."— Presentation transcript:

1 1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline Security Analyzer

2 Security Configuration Wizard Security Configuration Wizard (SCW) –Provides a step-by-step wizard for hardening your network servers –Available in Administrative Tools Security policies can be created for: –Role-based service configuration –Network security –Registry settings –Audit policy MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 2

3 Windows Firewall Allows users to turn the firewall off or on By default, Windows Firewall is turned on and allows exceptions for programs and ports Allows you to create exceptions for inbound traffic Exception –Instruction to open a port briefly, allow a program or service to pass information, and then close the port MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 3

4 4

5 5

6 Windows Firewall with Advanced Security Used to manage Windows Firewall based on port, services, applications, and protocols MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 6

7 Windows Firewall with Advanced Security Available Nodes: –Inbound rules –Outbound rules –Connection security rules –Monitoring Available network profiles –Public –Private –Domain Deploying Windows Firewall Settings via Group Policy – WFAS allows you to import or export firewall policies MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 7

8 BitLocker Provides hard drive–based encryption of servers and Windows Vista computers Encrypts entire Windows system volume of a computer running Windows Server 2008 Designed to enhance protection against data theft or exposure on computers that are lost or stolen MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 8

9 BitLocker (continued) Four authentication modes used by BitLocker –BitLocker with a TPM –BitLocker with Universal Serial Bus (USB) flash drive in place of TPM –BitLocker with a TPM and a personal identification number (PIN) –BitLocker with a TPM and a USB flash drive MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 9

10 BitLocker (continued) Installing BitLocker –Hard drive that supports BitLocker needs to be configured before installing BitLocker –BitLocker requires at least 1.5 GB of unallocated or available drive space –System volume is responsible for maintaining the unencrypted boot information –Boot volume will contain the OS files and be encrypted by BitLocker MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration 10

11 Updating Windows Server 2008 Windows Update (in Control Panel) –Suite of tools and services for applying updates to systems –Responsible for download and install updates from Microsoft –Requires access to the Internet 11

12 Windows Server Update Services Benefits: –Centralizes the updating tasks for client and server –Minimizes effects on the WAN connection –Improves network security and reliability –Improves installation of relevant updates –Targets updates to specific computers and groups Basic requirements before installing WSUS 3.0 SP1 –Microsoft Internet Information Services (IIS) 7.0 –Microsoft Report Viewer Redistributable 2005 –Minimum of 6 GB of free space for storing downloaded updates –WSUS requires a database to keep records of updates Internal DB or SQL Sever 2005 SP1 or later Windows authentication (SQL authentication is not supported) 12

13 Working with WSUS –WSUS Administrative console allows you to: Generate reports  Daily/Weekly reports via email & email when updates are synchronized. Manage updates Monitor the computer through the console –WSUSutil.exe: a command-line tool managing WSUS 13

14 14

15 Windows Server Update Services Configuring clients –To use the WSUS server for updates –Clients must be Windows 2000 SP3 or later –By default, client checks for update every 17 – 22 hrs. Approving and deploying updates –Using the Update Services console, you can control Which updates are applied Which computers receive the updates When the updates are distributed 15

16 Microsoft Baseline Security Analyzer 2.1 A tool to analyze your current security posture MBSA scans for missing security updates for the following products –Windows 2000 SP4 and later –Microsoft Office XP and later –Microsoft Exchange Server 2000 and later –Microsoft SQL Server 2000 SP4 and later MBSA –Free download from Microsoft –Can be used on a local computer or to connect to one or more remote computers on your network Options for running MBSA on remote computers –Domain name and IP address range 16

17 Microsoft Baseline Security Analyzer (Continue) When MBSA scans a computer, it creates a report that is organized into the following areas –Security Assessment –Security Update Scan Results –Windows Scan Results –Internet Information Services (IIS) Scan Results –SQL Server Scan Results –Desktop Application Scan Results Scanning a computer with MBSA –You can perform MBSA scans using: The GUI-based tool The mbsacli.exe command- line tool –Requires Internet connectivity –Can scan computer, remote computer, or groups of remote computers. 17

Download ppt "1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline."

Similar presentations

Rodney Buike IT Pro Advisor, Microsoft Canada

Rodney Buike IT Pro Advisor, Microsoft Canada
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Module 3 Windows Server 2008 Branch Office Scenario.

Module 3 Windows Server 2008 Branch Office Scenario.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 14 Remote Access.

MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 14 Remote Access.
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Guide to MCSE 70-290, Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Similar presentations

Ads by Google