Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security and identity (Network Access Protection, Parental Controls)

Published byZdeňka Urbanová Modified over 5 years ago

Similar presentations

Presentation on theme: "Security and identity (Network Access Protection, Parental Controls)"— Presentation transcript:

1 Security and identity (Network Access Protection, Parental Controls)
Paulius Švagždys

2 Contents Network Access Protection
Examples of system health requirements NAP API Requirements Limitations Parental Controls Restrictions Using Parental Controls APIs Example

3 Network Access Protection
Network Access Protection (NAP) is a set of operating system components that provide a platform for protected access to private networks. The NAP platform provides an integrated way of evaluating the system health state of a network client and restricting the access until health policy requirements have been met. The Network Access Protection platform is not available starting with Windows 10.

4 Examples of system health requirements
Whether the computer has the most recent operating system updates installed. Whether the computer has the latest version of the anti- virus software signature. Whether the computer has a host-based firewall installed and enabled. Computers with a NAP client will have their health status evaluated upon establishing a network connection. NAP can restrict or deny network access to the computers that are not in compliance with the defined health requirements.

5 NAP API NAP is an extensible platform that provides an infrastructure and an API set for adding components that store, report, validate, and correct a computer's system health state.

6 Requirements For the NAP enforcement methods, programmers should be familiar with networking protocols and technologies such as Remote Authentication Dial-in User Service (RADIUS), Dynamic Host Configuration Protocol (DHCP), virtual private networks (VPNs), the IEEE 802.1X standard for wired and wireless access, and Internet Protocol security (IPsec). The NAP platform requires NAP infrastructure servers running Windows Server 2008 or later and NAP clients running Windows XP with Service Pack 3 (SP3), Windows Vista, or later operating systems.

7 Limitations NAP is not designed to secure a network from malicious users. If a computer has all the software and configurations that the network access policy requires, the computer is considered healthy or compliant, and it will be granted the appropriate access to the network. NAP does not prevent an authorized user with a compliant computer from uploading a malicious program to the network or engaging in other inappropriate behavior.

8 Parental Controls Parental Controls functionality is used to monitor and limit exposure of selected computer users to online dangers and inappropriate content. The Parental Controls technology in Windows is intended to assist diligent parents or guardians in ensuring access to appropriate materials by age or maturity level for those under their guardianship.

9

10 Restrictions (1) Every account with administrator rights has privileges to perform the parent or guardian role of viewing log data and setting policies. Parental controls may only be set on standard-rights users (formerly called Least-privileged User Accounts, or LUAs), as only they cannot alter logs and settings with Access Control Lists (ACLs) configured only for administrators to write.

11 Restrictions (2) With the exception of items such as ratings system definitions, settings available for manipulation by the Parental Controls User Interface may also be modified by exposed APIs. As a consumer technology, Parental Controls is not deployed in business SKUs.

12 Using Parental Controls APIs (1)
Development involves use of up to three APIs: Basic settings access The Parental Controls minimum compliance COM API (Compliance API) for simple access to a key subset of Parental Controls state Full settings write/read access If you need to modify settings Logging Event Tracing and Reporting system API (also referred to as ETW) for publishing activity events into the Parental Controls logs

13 Using Parental Controls APIs (2)
Developing for Parental Controls requires access to three header files: Wpc.h, WpcApi.h, and WpcEvent.h. Wpc.h is a collector that includes the settings public compliance API and event headers, so it is sufficient to include Wpc.h in application code.

14 Example Parameters: pcszSID - the SID string of the user. If this parameter is NULL, retrieve settings for the current user. ppSettings - a pointer to an IWPCSettings interface pointer. Result: S_OK - the method completed successfully. E_INVALIDARG - a pointer argument is NULL. E_FILE_NOT_FOUND - the user settings were not found. E_OUT_OF_MEMORY - there is insufficient memory to complete the operation. E_FAIL - the method failed.

15 Bibliography protection-start-page controls-portal

Download ppt "Security and identity (Network Access Protection, Parental Controls)"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
Configuring Windows to run Dr.Web scanner remotely.

Configuring Windows to run Dr.Web scanner remotely.
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Agenda Introduction Network Access Protection platform architecture

Agenda Introduction Network Access Protection platform architecture
Network Access Protection Platform Architecture Joseph Davies Technical writer Windows Networking and Device Technologies Microsoft Corporation.

Network Access Protection Platform Architecture Joseph Davies Technical writer Windows Networking and Device Technologies Microsoft Corporation.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.

Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.

Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.
Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.

Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
Clinic Security and Policy Enforcement in Windows Server 2008.

Clinic Security and Policy Enforcement in Windows Server 2008.

Similar presentations

Ads by Google