Urs P. Küderli Principal Security Architect Microsoft.

Presentation transcript:

Urs P. Küderli Principal Security Architect Microsoft

Access to information from wherever and whenever; Access to information on any device; User-friendly, transparent; Low TCO; Security; Demand for access; Different access, authentication and authorization systems; Different encryption technologies; No interoperability; Complex; Expensive; Security; Escalating threats

Defense in Depth; Identity & Access; SDL and SD3; Threat Mitigation. Security Development Lifecycle process; Engineered for security; Design threat modeling; SD3: Secure by Design, Secure by Default, Secure in Deployment; Automated patching and update services; Windows Firewalls; Protected Mode Web browsing; Windows Server only installs what it needs, reduces attack surface; Non-administrator users (UAC); Server & Domain Isolation (SDI); Advanced Memory Management (ASLR); Encrypted disk & file systems; User controllable, authenticated identity; Authenticated, authorized groups & individuals; Policy-enforced access control to resources & data; Federated personal & corporate identities; Microsoft Security Response Center (MSRC); Microsoft Malware Protection Center (MMPC); Windows Live OneCare and Forefront Client Security, powered by the Microsoft Malware Protection Center; Malicious Software Removal Tool (MSRT); Network Access Protection (NAP/NAC)

Current Strategies; No Strategy; Vision; Integrated Solutions; Defense in Depth; Integrated Identity; SDL and SD3; Threat Mitigation; Point Solutions; Information Protection; Firewalls; patching; Firewalls; Anti-phishing; Anti-spyware; Anti-virus; Identity Management; phishing; No Policy; viruses; malware; denial of service; data theft; identity theft; End-to-End Trust; “I+4A”; Social; Economic; Trusted Stack: Data, People, Software, Hardware; Integrated Protection; SDL & SD3; Defense in Depth; Threat Mitigation; Political

“I+4A”; SDL and SD3; Defense in Depth; Threat Mitigation; Trusted Hardware; Secure Foundation; Core Trust Components: Identity Claims, Authentication, Authorization, Access Control Mechanisms, Audit; Trusted People; Trusted Stack; Trusted Data; Trusted Software; Integrated Protection

How RAS worked at MS. RAS Statistics: 55,000 unique users monthly; 850,000 connections/month; 45 seconds median time to successfully connect through quarantine; 1700 Helpdesk calls per month; Two Engineers; 154 servers

Increase Agility: More easily adapt to changing business needs and workforce trends, including tough new regulatory standards. Boost Productivity: Control IT costs by leveraging existing infrastructure investments. Improve Protection: Protect critical business information end-to-end and more effectively manage identities across the enterprise.

Identity: Strong two-factor authentication; Role-based access to resources; Federation with partners and customers; Flexible, pervasive PKI infrastructure. Protection: Policy-based security controls and automated remediation; Layered endpoint security solutions; Secure platform; Updates, anti-malware, firewall verified and controlled by policy; Authenticated transactions via PKI and IPSec/IPv6; Endpoint encryption and data access controls.

Networks: Policy-based network access controls with auto-remediation; IPSec support for flexible and secure domain isolation; IPv6 for expanded address space and auto-config; Gateways for older or less-capable platforms; Ability to authenticate all network-level transactions. Manageability: Define and distribute security and group policies; Asset and configuration management; Patch distribution for applications and OS.

Cost Benefits: Reduced MSIT hardware compared to current VPN solution; Scalability of Solution; Reduced traffic/usage of the Proxies. User Benefits: Extends corpnet seamlessly to remote user; No user initiation to connect; Single Sign on; Always on; Easy to use; consistent experience; Use Peer to Peer Technologies. Security Benefits: Promotes end-to-end host-based security; System is always reachable (for scans, Group Policy, patching); Proactive health (always checking for NAP, GPO, can be scanned while remote etc.)

7. – 8. April 2010 Congress Center Basel
