Securing your data Security with Microsoft Infrastructure and Internet Explorer Matt Kestian Strategic Security Advisor | National Security Team | Microsoft.

Presentation transcript:

Securing your data
Security with Microsoft Infrastructure and Internet Explorer
Matt Kestian, Strategic Security Advisor | National Security Team | Microsoft Corporation | March 11, 2005
Version 1.0

Microsoft Confidential – NDA Material

Agenda
- Some true stories…
- Phishing/Malware Demonstration
- Strategy for securely browsing with Internet Explorer
- Defense in Depth
- Securing the perimeter
- Securing the network
- Securing the hosts
- Securing applications
- Securing the data

True stories from the field
- Phishing gone high tech
- Bank in Latin America
- between two companies (actually this one is personal)

Internet Explorer in XP SP2
Major upgrade focused on security
Key improvements:
- More Secure Infrastructure: Zone & domain restrictions; Block suspicious content; Anti-spoofing
- More User Control: Download monitoring; Pop-up blocker; Information bar; Add-on manager
[Diagram: Zone/Domain Security (mybank.com, evilhacker.com; Internet, Intranet, Trusted Sites, Local Machine; Can’t elevate privileges; Locked; Can’t see across domains) and Download Monitoring]

IE Security Improvements in XP SP2

Post XP SP2 Observations
Strengths
- Big security investments were worthwhile
- Balance of app compat and security seems good
Opportunities to Improve
- Needed to consider cleanup, not just protection
- Info disclosure just as important as code execution
- Servicing IE with the OS is difficult for some customers
- Configuration management – are we doing all we can?
- Everyone wants new features – even security pros
IE 7 will beta this summer with even more phishing and malware protection

Threat Modeling
- Spoofing: An unauthorized user impersonating a valid user
- Tampering: An attacker illegally modifying or destroying data
- Repudiation: Ability of a user to deny performing an action
- Information Disclosure: Releasing information to unauthorised users
- Denial of Service: Causing the system to be unavailable to valid users
- Elevation of Privilege: An attacker illegally gains a higher level of access

Attack Methodologies
1. Reconnaissance - Port scanning, network mapping
2. Search for known vulnerabilities
3. Exploit the vulnerabilities
4. Take ownership – Elevate privileges; download hacker tools, backdoors, rootkits, etc.
5. Perform unauthorized activities; determine other targets and attack them
6. Steal the data
7. Cover your tracks; clear audit trails
[Diagram labels: Web servers, Exchange front end, DNS, IDS, Exchange, Directory, Web apps, LOB apps, SMS/MOM, DNS, Directory, SQL cluster, Disk array, Desktops [VLAN]]

Defense in Depth
- An organizing framework for security
- Layered portfolio of countermeasures
- Reduce the chance of a single point of vulnerability
Layers: Policies, Procedures, & Awareness; Physical Security; Perimeter; Network; Host; Application; Data

Perimeter Layer
Network perimeters include connections to:
- The Internet
- Branch offices
- Business partners
- Remote users
- Wireless networks
- Internet applications
[Diagram labels: Business Partner, Internet Services, LAN, Main Office, Branch Office, Wireless Network, Remote User, Internet]

Perimeter Layer Compromise
Network perimeter compromise may result in:
- Attack on corporate network
- Attack on remote users
- Attack from business partners
- Attack from a branch office
- Attack on Internet services
- Attack from the Internet
[Diagram labels: Business Partner, Internet Services, LAN, Main Office, Branch Office, Wireless Network, Remote User, Internet]

Perimeter Layer Protection
Network perimeter protection includes:
- Firewalls
- Blocking communication ports
- Port and IP address translation
- Virtual Private Networks
- Tunneling protocols
- Filter traffic: SMTP, spam blocking, proxy technologies
- VPN quarantine
[Diagram labels: Business Partner, Internet Services, LAN, Main Office, Branch Office, Wireless Network, Remote User, Internet]

- ISA Server 2004
- Application level FW
- VPN Quarantine
- Sybari Antigen – Anti-Virus, Anti-Spam
[Diagram labels: Lab, Unmanaged guest]

Network Layer
[Diagram labels: Marketing, Human Resources, Finance, Sales, Wireless Network]

Network Layer Compromise
- Unauthorized access to systems
- Sniff packets from the network
- Unexpected communication ports
- Access all network traffic
- Unauthorized access to wireless networks

Security Zones
- Tier Restrictions
- Intra-zone Tier Communication Restrictions
- Inter-zone Communication Restrictions

Network Layer Protection
- Implement mutual authentication
- Segment the network (VLAN, internal FW)
- Encrypt network communications
- Block communication ports
- Control access to network devices
- Sign network packets
- Multi-home some servers

Implementing IPSec Policy

Host Layer
- Specific network role
- Operating system configuration
- The term “host” is used to refer to both workstations and servers

Host Layer Compromise
- Unsecured Operating System Configuration
- Unmonitored Access
- Exploit Operating System Weakness
- Distribute Viruses

Attack Vectors
- Malicious Web content
- Buffer overrun attacks
- Port-based attacks
- Malicious attachments
Days to exploit and the complexities around patching make patching a less effective defense strategy

- Windows XP Service Pack 2
- Windows Server 2003 Service Pack 1
- Microsoft Windows AntiSpyware
- Software Restriction Policies
- Future: Network Access Protection

Host Layer Protection
- Manage configuration changes
- Harden operating system
- Install security updates
- Implement auditing
- Disable or remove unnecessary services
- Install and maintain antivirus software
- Use Group Policy – implement templates XP and Server
- Run AV and keep up to date
- Implement IPSec for mutual authentication
- Restrict anonymous access where able
- Rename the admin account, disable guest
- Use Windows Firewall

Application Layer
- Applications That Create and Access Data
- Server Applications (for example, Exchange Server or SQL Server)
- Security issues specific to applications
- Functionality must be maintained

Application Layer Compromise
- Loss of application
- Execution of malicious code
- Extreme use of application
- Unwanted use of applications

Application Layer Protection
- Enable only required services and functionality
- Configure application security settings
- Install security updates for applications
- Install and update antivirus software
- Run applications with least privilege

Data Layer
- Documents
- Directory
- Applications

Data Layer Compromise
- Documents: View, Change, or Modify Information
- Directory: Interrogate Directory Files
- Applications: Replace or Modify Application Files

Technology Investments
- Persistent information protection
- New “lockbox” business scenarios
- Deployment, usability enhancements
- Offline support
- FIPS compliance
- Smartcard integration

Data Layer Protection
- Encrypt files with EFS
- Secure SQL server according to SQL server security guidelines
- Move files from the default location
- Create data backup and recovery plans
- Protect documents and with Windows Rights Management Services
- Utilize NTFS Access control lists

[Roadmap chart. Timeline labels: Prior, H2 04, Future, 2005. Categories: Vulnerability Assessment and Remediation; Active Protection Technologies; Antivirus]
- Microsoft Baseline Security Analyzer (MBSA) v1.2
- Virus Cleaner Tools
- Systems Management Server (SMS) 2003
- Software Update Services (SUS) SP1
- Internet Security and Acceleration (ISA) Server 2004 Standard Edition
- Windows XP Service Pack 2
- Patching Technology Improvements (MSI 3.0)
- Systems Management Server 2003 SP1
- Microsoft Operations Manager 2005
- Windows malicious software removal tool
- Windows Server 2003 Service Pack 1
- Windows Update Services
- ISA Server 2004 Enterprise Edition
- Windows Rights Management Services SP1
- Windows AntiSpyware
- System Center 2005
- Windows Server 2003 “R2”
- Visual Studio 2005

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.