10. Fluffy’s Safe Right?

11. If you want to limit a user’s functionality, don’t make them an administrator.

13. BILLION DOLLAR/EURO LAPTOP PROBLEM Europe 2010 275 Organizations +72,000 laptops lost ~1.79 Billion Euros United States 2010 329 Organizations +86,000 laptops ~2.1 Billion Dollars

14. HIPAA Breach: Stolen Hard Drives March 2012: Large Medical Provider in Tennessee paying $1.5 million to the US Dept. Health & Human Services Theft of 57 hard drives that contained protected health information (ePHI) for over 1 million individuals Secured by: Security Patrols Biometric scanner Keycard scanner Magnetic locks Keyed locks “71% of health care organizations have suffered at least one data breach within the last year” -Study by Veriphyr

37. Parent Partition Virtualization Service Providers (VSPs) Windows Kernel Server Core Virtualization Stack Device Drivers Hypervisor VM Worker Processes VMMS Service WMI Provider Virtual Machines Kernel Mode User Mode Virtualization Service Clients (VSCs) OS Kernel EnlightenmentsVMBus Guest Applications Provided by: Windows ISV Hyper-V APICMMU CPU Storage NIC VID Kernel Mode User Mode

65. Physical NIC Root Partition Extensible Switch Extension Protocol Extension Miniport Host NIC VM NIC VM1 VM NIC VM2  Capture extensions can inspect traffic and generate new traffic for report purposes  Capture extensions do not modify existing Extensible Switch traffic  Example: sflow by inMon  Windows Filter Platform (WFP) Extensions can inspect, drop, modify, and insert packets using WFP APIs  Windows Antivirus and Firewall software uses WFP for traffic filtering  Example: Virtual Firewall by 5NINE Software  Forwarding extensions direct traffic, defining the destination(s) of each packet  Forwarding extensions can capture and filter traffic  Examples: – Cisco Nexus 1000V and UCS – NEC ProgrammableFlow's vPFS OpenFlow Capture Extensions (NDIS) Windows Filter Platform (WFP) Forwarding Extensions Forwarding Extensions (NDIS) Filtering Engine BFE Service Firewall Callout

70. IPsec Task Offload: Microsoft expects deployment of Internet Protocol security (IPsec) to increase significantly in the coming years. The large demands placed on the CPU by the IPsec integrity and encryption algorithms can reduce the performance of your network connections. IPsec Task Offload is a technology built into the Windows operating system that moves this workload from the main computer's CPU to a dedicated processor on the network adapter. SR-IOV is a specification that allows a PCIe device to appear to be multiple separate physical PCIe devices. The SR-IOV specification was created and is maintained by the PCI SIG, with the idea that a standard specification will help promote interoperability. SR-IOV works by introducing the idea of physical functions (PFs) and virtual functions (VFs). Physical functions (PFs) are full-featured PCIe functions; virtual functions (VFs) are “lightweight” functions that lack configuration resources. Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.

88. Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com. Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.