Published by Beverley Daniels. Modified over 6 years ago.
1
Implementing Client Security on Windows 2000 and Windows XP
Level 150
Sandeep Modhvadia
Security Technical Specialist
© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
2
The Defense-in-Depth Model
Data: ACLs, encryption, EFS
Application: Application hardening, antivirus
Host: OS hardening, authentication, patch management, HIDS
Internal Network: Network segments, IPSec, NIDS
Perimeter: Firewalls, Network Access Quarantine Control
Physical Security: Guards, locks, tracking devices
Policies, Procedures, & Awareness: Security documents, user education
3
Implementing Network & Perimeter Security
Next
Implementing Advanced Server and Client Security, Wednesday: 11:00 – 1215
Implementing Application & Data Security, Wednesday: 0930 – 1045
Wireless Security: Let the Nightmare End!, Wednesday: 15:50 – 17:05
4
Client Attack Vectors
Malicious e-mail attachments
Malicious Web content
Port-based attacks
Buffer overrun attacks
5
Enterprise Attack Vectors
Potentially infected remote client
Potentially infected local client
6
Threat Vectors & Countermeasures
Group Policy Overview
Web / Applications
Remote Network Attacks
WorkStation Lockdown
Remediation
7
Group Policy Overview
Centralised management & control
The Windows XP administrative templates have over 850 settings
The Windows XP Security Guide includes 10 additional administrative templates
Two domain templates that contain settings for all computers in the domain
Two templates that contain settings for desktop computers
Two templates that contain settings for laptop computers
Registry & Local Admin Scripts and Local Policy
8
Web / Email
Browser Lockdown
Disable Everything?
Sign Active X
Add on manager
URL Access lists
Trusted Sites prevents phishing
Pop Ups
Security risk – not just a nuisance
Attachments / SPAM
Stop unmanaged IM
Internal Applications
Internet Explorer 7
9
Applications
Patching Applications (& Servers)
Hardening Applications
Windows/Microsoft Update Services
Application Data
No Execute – hardware / software (GS Flag)
Internet Connectivity
Application Trust
Software Restriction Policies
Administrator Access
10
Remote Network Attacks
Windows Firewall
Boot Time Protection
Roaming Profiles / Management
3rd Party Integration
Egress Filtering
Wireless Security
SSID, Macs, WEP, WPA
Remote Access
VPN, SSL Apps, Web Apps
11
Local Threats
Local Administrators
Strong Passwords
Access Control Lists & Encryption
Hard Drive Removal
Cracking Tools
Keyloggers…
Auditing
BIOS Locks
Multi Factor Authentication
Locking Machines
USB / Devices
12
Countermeasures
Firewalls
Antivirus / Anti Spyware
Application / OS Lockdown
Patch Management
User education
13
Event Information
What’s Next?
Technical Roadshow Post Event Website
Available from Monday 18th April
Please complete your Evaluation Forms