Vista Impact on Higher Ed Security Cam Beasley, ISO Craig Blaha, Manager of Special Projects The University of Texas at Austin.

Slides:

Advertisements

Similar presentations

Operating-System Structures

Advertisements

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Tom Sheridan IT Director Gas Technology Institute (GTI)

Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.

ITE PC v4.0 Chapter 1 1 Operating Systems Computer Networks– 2.

Module 3 Windows Server 2008 Branch Office Scenario.

-How To leverage Virtual Desktop for Manageability & Security -Desktop Computing “as a service” Andreas Tsangaris CTO, PERFORMANCE

1 Routing Simulations – Zebra Routing Software Eric Ciocca Dimitris Zacharopoulos.

Access Controls Supervised by: Dr.Lo’ai Tawalbeh Prepared by: Abeer Saif.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

MCITP: Microsoft Windows Vista Desktop Support - Enterprise Section 1: Prepare to Deploy.

Chatham College Community and Computers Pervasive Computing at a Liberal Arts College Charlotte E. Lott, Ph. D. Lynda Barner West, Ed. D. Copyright Charlotte.

Cambodia-India Entrepreneurship Development Centre - : :.... :-:-

Installing software on personal computer

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

What are computers? Computers are machines that perform tasks or calculations according to a set of instructions, or programs. The first fully electronic.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Section 6.1 Explain the development of operating systems Differentiate between operating systems Section 6.2 Demonstrate knowledge of basic GUI components.

Clinic Security and Policy Enforcement in Windows Server 2008.

Terminal Services in Windows Server ® 2008 Infrastructure Planning and Design.

Welcome Thank you for taking our training. Collection 6421: Configure and Troubleshoot Windows Server® 2008 Network Course 6690 – 6709 at

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Two Deploying Windows Servers.

© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.

Windows Vista What’s new and how to support it. Windows Vista What’s New Editions Requirements Security Changes Control Panel Updates Miscellaneous Updates.

Module 4: Add Client Computers and Devices to the Network.

1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.

Managing Windows Server 2008 R2 Lesson 2. Objectives.

Chapter SIx Maintaining a Computer Part I: Configuring, Updating, and Upgrading the OS.

Evaluation of Microsoft Windows Vista By: Richard Awusi Supervisor: John Ebden Consultants: Jill Japp and Billy Morgan.

Networking Basics Lesson 1 Introduction to Networks.

DEP351 Windows ® Rights Management (Part 2): Enterprise Readiness & Deployment Marco DeMello Group Program Manager Windows Trusted Platforms & Infrastructure.

Windows 7 Firewall.

Module 9: Configuring IPsec. Module Overview Overview of IPsec Configuring Connection Security Rules Configuring IPsec NAP Enforcement.

Mr C Johnston ICT Teacher

Module 1: Installing and Configuring Servers. Module Overview Installing Windows Server 2008 Managing Server Roles and Features Overview of the Server.

Thoughts on Firewalls: Topologies, Application Impact, Network Management, Tech Support and more Deke Kassabian, April 2007.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Cisco Discovery Home and Small Business Networking Chapter 2 – Operating Systems Jeopardy Review Darren Shaver – Kubasaki High School – Okinawa, Japan.

Terminal Services Technical Overview Olav Tvedt TVEDT.info Microsoft Speaker Community

Module 5: Designing Security for Internal Networks.

Enabling Secure Always-On Connectivity [Name] Microsoft Corporation.

ORGANIZING IT SERVICES AND PERSONNEL (PART 1) Lecture 7.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

1 Windows 2008 Server Manager. 2 Server Manager Gives ability to perform effectively server administration without needing to launch a multitude of tools.

© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.

RMM / MDM Cloud Partner Training Series September 2015.

By Daniel Grim. What Is Windows NT? IPSEC/Windows Firewall NTFS File System Registry Permissions Managing User Accounts Conclusion Outline.

1 Evolution and Revolution: Windows 7 and Desktop Virtualization Changing the Desktop Support Landscape Denise Harrison, CIO and Vice President.

Moving Small Business Server into the Future. STANDARD Workload Optimized DATACENTER Virtualization Optimized Virtualization SKUs ESSENTIALS Small Business,

Introducing Windows Vista Lesson 1. Skills Matrix Technology SkillObjective DomainObjective # Understanding Windows Vista System Requirements Identify.

Introduction to Windows Server 2008

Network Operating System Lab

Popular Operating System Chapter 8

SmartHOTEL Planner Add-In for Outlook: Office 365 Integration Enhances Room Planning, Booking, and Guest Management for Small Hotels and B&Bs OFFICE 365.

Migrating your IaaS infrastructure from ASM to ARM without downtime

Securing the Network Perimeter with ISA 2004

Networking for Home and Small Businesses – Chapter 2

Microsoft Virtual Academy

Microsoft Virtual Academy

Networking for Home and Small Businesses – Chapter 2

Technology Convergence

Introducing Windows Operating Systems

Deploying and Managing Windows To Go

Presentation transcript:

Vista Impact on Higher Ed Security Cam Beasley, ISO Craig Blaha, Manager of Special Projects The University of Texas at Austin

Overview  Corporate vs. HE  ITS at UT, TAP program  Big picture – get in front of it  User account protection  Firewall  Bitlocker  Collaboration  Network access protocol  Command line  IPV6

Primary Customer - Corporate?  Vista great for homogenous, centrally managed environment  With 63k+ machines attached to the network, managed by individuals or various departments.

Application Programming Network Management User Support Application Programming Network Management User Support Administrative Decisions Operations CIO Security Purchasing Corporate Hierarchy

Application Programming Network Management User Support Application Programming Network Management User Support Administrative Decisions Operations CIO Security Purchasing Administrative Decisions Operations Administrative Decisions Operations Administrative Decisions Operations Application Programming Administrative Decisions Application Programming Network Management User Support Application Programming Network Management User Support Administrative Decisions Operations CIO Security Application Programming User Support Application Programming User Support Application Programming Purchasing Security Purchasing CIO Operations Application Programming Administrative Decisions Operations Application Programming Network Management User Support Application Programming Network Management User Support Administrative Decisions Operations CIO Security Purchasing HE - The Explosion of Corp.

UT Technical Overview  Over 119 instances of exchange  Utnet is one of the largest single networks in the country, supporting 1836 subnets and ~350 subdomains.  Every flavor of OS  16 academic departments, many administrative departments and independent entities each with the capacity and freedom to make their own IT decisions

UT Overview  Founded in 1883  Flagship of the 15- campus university of texas system, with 6 medical centers  51,000 students; 11,000 degrees/year  300,000 continuing ed enrollments  3,000 faculty, 18,000 staff  Over 450,000 alumni

TAP Program  Technology adoption program  Over 100 participants, 3 higher ed research institutes  2 beta tests, one with 25 machines another with 100.  Commitment to deploy vista widely after RTM

Prepare For Vista  Get in front of it  CLI training  Key escrow  Enterprise level security

Hardware Requirements  Many systems on campus will not be able to support the RAM | CPU | graphics requirements of vista..  E.G., Aero, the new GUI, requires at least 128mb video RAM.  Need to upgrade to RAM (512MB) to expose the new features  Benefit:  More time to prepare and test  Issue:  What is the tipping point?

User Account Protection  Limits the chances of an application installing or making changes silently  Issue:  User account protection = pop-up fatigue?  Examples of when this is required… make fonts larger or smaller, control panel mouse, battery power, add or remove user accounts

Firewall  Easy to write and share rules with users  3 flavors - sane, paranoid and ultra-paranoid  Issue:  May conflict with existing firewalls  Initial confusion (breaking apps?)  Potential for user misconfiguration

Bitlocker  Great potential - HIPAA, research data BPM, stolen laptops etc.  De-commissioning made easy  Issue (?)  Potential boat anchor creator - users can mistakenly kill all of their own data  When employee leaves, we can be locked out.  All managed machines compromised if AD is vulnerable  Check on state key escrow requirements

Collaboration  New P2P protocol – peer name resolution protocol (PNRP) – on by default in last build  Users and applications can communicate with each other  Find people near me  P2P happens, might as well be secure  Issue  Could be used in new botnet command & control scenarios.

NAP  Network access protocol – NAP if using longhorn server (replacement for other network access control devices?)

Complexity and Command Line  2500 GPO’s added to registry  Adds to level of control  Adds to complexity  Command line driven

IP Stack  IPV6 on by default  Each interface has its own routing table  Can allow for transmission of sensitive data over secure channels only.  Ex.: Isolation between data going through a VPN interface vs. Regular network interface  May decrease the chance of inadvertent routing of private network data over public network

Conclusion  Get your organization to support a professionally (centrally) managed windows environment, so that all of the new vista features can be properly leveraged.  Watch Star Trek re-runs.