Connect with life Ravi Sankar Technology Evangelist | Microsoft Corporation Ravisankar.spaces.live.com/blog

Agenda

The Malware Landscape Variations of One Trojan Increase In Potentially Unwanted Software Increase In Fraud & Phishing scam s

Deploying and properly configuring security technologies Protecting against complex attacks – securing virtual and physical machines Enabling secure access to virtual and physical assets based on policy Managing identities and their rights to manage physical and virtual machines Ensuring software running in virtual and physical machines remains up-to-date Getting critical visibility into security state into endpoints and virtual machines Responding to and remediating security issues What’s the same Securing The Virtual Environment What’s the same

Microsoft Confidential – Provided under NDA

Problems With Point Products

Value Of Infrastructure Integration

Microsoft Confidential – Provided under NDA Microsoft’s Approach To Virtualization Security

VirtualizationStackVirtualizationStack

Microsoft’s Hypervisor Windows Hypervisor Server Hardware

Root Partition Virtualization Service Providers (VSPs) Windows Kernel Server Core Device Drivers VM Worker Processes VM Mgmt Service WMI Provider... Windows Hypervisor Server Hardware Provided by: Windows 3 rd Party ISVs Hyper-V

The Complete Architecture Provided by: Windows 3 rd Party ISVs Hyper-V Virtualization Service Providers (VSPs) Windows Kernel Server Core Device Drivers VM Worker Processes VM Mgmt Service WMI Provider Windows Hypervisor Server Hardware Virtualization Service Clients (VSCs) OS Kernel Enlightenments VMBus Guest Applications

Virtualization Attacks Virtualization Service Providers (VSPs) Windows Kernel Server Core Device Drivers VM Worker Processes VM Mgmt Service WMI Provider Windows Hypervisor Server Hardware Virtualization Service Clients (VSCs) OS Kernel VMBus Guest Applications Enlightenments Windows 3 rd Party ISVs Hyper-V Hackers Attack Vectors

Attack Mitigation

Enables app to run on one computer but be accessed through another Enables app to run on a machine without installing it on the OS Complete Virtualization Solution

Complementary Security Solutions

Endpoint Security Messaging and Collaboration Application Security Network Edge Security

Simplified Management... Microsoft Identity Lifecycle Manager Provides a single view of a user’s identity and its privileges across the heterogeneous enterprise Enable end-uses to request access to physical and virtual assets through a defined workflow Physical Environment Virtual Environment WS08 and Hyper-V Authorization Manager (AzMan) for Role-Based Access Control

... And Enabled By Active Directory

Core Infrastructure Optimization

Summary

For More Information Virtualization: n Windows Server:Windows Server: server Forefront: Forefront: Identity & Access:Identity & Access: System Center: System Center:

Feedback / QnA Your Feedback is Important! Please take a few moments to fill out our online feedback form at: > For detailed feedback, use the form at Or us at Use the Question Manager on LiveMeeting to ask your questions now!

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.