WinHEC 2006 Madhurima Pawar Program Manager Microsoft Corporation


1 How To Use The Windows Filtering Platform To Integrate With Windows Networking
WinHEC 2006, 4/15/2017 2:43 PM
Madhurima Pawar, Program Manager, Microsoft Corporation

© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda
- Filtering Technologies
- Benefits of Windows Filtering Platform
- Secure Socket APIs

3 Filtering Technologies
Pre-Windows Vista technologies and their Windows Vista counterparts:
- Pre-Windows Vista: TDI filter driver
  Windows Vista: WFP APIs are strongly recommended; TDI is on the path to deprecation, but will be supported
- Pre-Windows Vista: TDI Interface to communicate with the TCP/IP stack
  Windows Vista: WSK APIs are strongly recommended
- Pre-Windows Vista: Firewall hook driver in Windows 2000 allowed managing of network packets
  Windows Vista: Firewall hooks no longer supported
- Pre-Windows Vista: LSPs were used for high level application filtering
  Windows Vista: WFP APIs are strongly recommended; LSPs will continue to be supported
- Pre-Windows Vista: NDIS Shim for non-IP and MAC filtering
  Windows Vista: LWF are strongly recommended

4 Benefits Of WFP
- WFP is robust, easier to use, and provides better performance
- WFP provides rich functionality for better user experience
- WFP filters and secures network traffic
- WFP supports both IPv4 and IPv6 traffic
- Integrated with hardware offload capabilities in Windows Vista

5 WFP Architecture
[Architecture diagram; labels only]
- User mode: Firewall Application, AV Application, WFP APIs, Base Filtering Engine (BFE)
- Kernel mode: TDI/WSK, Filtering Engine (ALE, Stream Layer, Transport Layer, Network Layer, Forward Layer), IPsec, Callout APIs
- Callout modules: 3rd party anti-virus, 3rd party parental control, 3rd party IDS, 3rd party NAT

6 WFP Layers
Layers and their data representations:
- Protocol specific: RPC, IKE
- Stream/Data Layer: Datagram and streams
- ALE Layers: Control events
- Transport Layer: TCP/UDP
- IP Packet Layer: Network layer traffic and local fragments
- Forward Layer: Forwarded traffic
- ICMP: ICMP error packets
- Discard: Discarded/dropped packets

7 Callout
- A callout extends the capabilities of WFP
- Callouts can be registered at all layers
- Each callout has a unique GUID
- Callouts are used for
  - Deep Inspection
  - Packet Modification
  - Stream Modification
  - Data Logging
  - Boot time security

8 Callout
Callout implements
- classifyFn: Filter engine calls classify whenever there is data to be processed
- flowDeleteFn: Filter engine calls callout to notify when the flow is being terminated
- notifyFn: Filter engine calls callout about events associated with the callout

9 Application Layer Enforcement
- Maintains connection state for all traffic
- Filter-based on
  - Local/remote address and port, protocol
  - App ID, user ID, and machine ID
  - IPv4 and IPv6 filtering
- ALE use case scenarios
  - Port blocking
  - Application filtering
  - Authorization based on user ID

10 Application Layer Enforcement
- ALE Layers
  - FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT for authorizing port assignments, bind requests, etc.
  - ALE_AUTH_LISTEN for authorizing TCP listen
  - ALE_AUTH_RECV_ACCEPT for authorizing all incoming traffic
  - ALE_AUTH_CONNECT for authorizing all outgoing traffic
  - ALE_FLOW_ESTABLISHED for receiving notification on established flow
- Filtering actions
  - Block
  - Permit
  - Pend
  - Continue
- Modify session timeout for UDP, broadcast, and multicast traffic

11 ALE Pend
[Flow diagram; labels only]
- User prompt: "Do you wish to grant Foo.exe access to the network?"
- User Mode: Application Foo.exe
- Kernel Mode: ALE, Firewall callout, Policy store
- Calls shown: ClassifyOut(), FwpsPendOperation0(), FwpsCompleteOperation0()

12 Stream Layer
- Use Case scenario
  - Web filtering for parental control
  - Content filtering
  - Stream throttling
- Stream layer sees the TCP stream
- Filtering options available at stream layer are
  - Local/remote address and port
  - Direction
  - IPv4 and IPv6 filtering

13 Stream Layer
- Layers
  - FWPM_LAYER_STREAM_V4
  - FWPM_LAYER_STREAM_V6
- Filtering actions
  - Block
  - Permit
  - Continue
  - Pend/un-pend
  - Need more data

14 Stream Pend
[Flow diagram; labels only]
- User Mode: Application, Policy store
- Kernel Mode: Stream Layer, Firewall callout, Policy store
- Calls and values shown: ClassifyOut(), actionType = Defer, FwpsStreamContinue0()

15 Stream Need More Data
[Flow diagram; labels only]
- User Mode: Application, Policy store
- Kernel Mode: Stream Layer, Firewall callout, Policy store
- Calls and values shown: ClassifyOut (200bytes), ClassifyOut (100bytes), actionType = Need more data

16 Stream Inject
[Flow diagram; labels only]
- User Mode: Application, Policy store
- Kernel Mode: Stream Layer, Firewall callout, Policy store
- Calls and values shown: ClassifyOut (100bytes), ClassifyOut (200bytes), actionType = Need more data, 150bytes, FwpsStreamInject()

17 Packet Modification
- Use stream layer for data modification
- Header modification
  - NAT
  - Proxy
- In place modification is NOT supported
  - Clone original packet, drop original, and re-inject copy
  - Clone + drop + re-inject does not incur buffer copy
- MAC layer modification
  - Use NDIS LWF

18 Packet Modification APIs
- Layers
  - Network, Transport, Forward, Datagram, ALE send/recv
- Re-inject on send path
- Re-inject on receive path
  - Before routing
- Re-inject on forward path
  - Remotely destined

19 Filter Arbitration Goals
- Traffic can always be inspected
- Traffic can be blocked even if the higher priority filter has permitted it
  - Change the action or veto
- Multiple actions can be performed on the same data
  - Permit and logging
- Multiple providers can inspect the traffic
  - Firewall + IDS

20 Filter Arbitration Design
- Layers in Filtering Engine are divided into sub-layers
- Within a sub-layer filters are evaluated in weight order
  - Evaluation stops at first match (permit/block)
  - If a callout returns continue, next matching filter is evaluated
- Traffic goes through each sub-layer

21 Filter Arbitration Features
- Overriding
  - A block can override a permit
  - If FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT on filters or FWPS_RIGHT_ACTION_WRITE on callouts is cleared, then action type cannot be overridden
- Veto
  - Changing the action without the write action right

22 Classification Example
[Classification diagram; layout not fully recoverable, labels in slide order]
- Layers shown: ALE recv/accept, Inbound Transport
- Filters shown: FW: MSN.exe -> permit; * -> permit; FW: * -> ids_callout; port80 -> block; * -> permit; * -> log_callout
- Action labels shown: Permit, Permit, Continue, Block, Permit, Continue
- Resultant policy blocks inbound to port 80
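
The arbitration rules from the three preceding slides, as an added example that is not part of the presentation and is not WFP code: a small user-mode C model run on a constructed policy that loosely follows the classification example. All type and function names are hypothetical; visiting sub-layers in descending weight order, never letting a permit replace a block, and letting only a callout veto are assumptions of the model.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* User-mode model of the slides' arbitration rules. Every name below is
   hypothetical; none of this is the WFP API. */
typedef enum { ACT_NONE, ACT_PERMIT, ACT_BLOCK, ACT_CALLOUT } action_t;
typedef struct { const char *app; unsigned port; } traffic_t;
typedef action_t (*callout_fn)(const traffic_t *); /* ACT_NONE means "continue" */

typedef struct {
    int sublayer_weight;    /* model assumption: heavier sub-layer is visited first */
    int weight;             /* heavier filter is evaluated first in its sub-layer */
    const char *app;        /* NULL matches any application */
    unsigned port;          /* 0 matches any local port */
    action_t action;        /* ACT_CALLOUT defers the decision to .callout */
    callout_fn callout;
    int clear_action_right; /* models FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT */
} filter_t;

static int by_priority(const void *a, const void *b) {
    const filter_t *x = a, *y = b;
    if (x->sublayer_weight != y->sublayer_weight)
        return y->sublayer_weight - x->sublayer_weight;
    return y->weight - x->weight;
}

static int matches(const filter_t *f, const traffic_t *t) {
    return (!f->app || strcmp(f->app, t->app) == 0) && (!f->port || f->port == t->port);
}

/* Returns ACT_PERMIT, ACT_BLOCK, or ACT_NONE when no filter made a decision. */
action_t classify(filter_t *filters, size_t n, const traffic_t *t) {
    action_t result = ACT_NONE;
    int write_right = 1;                     /* may the action still be overridden? */
    size_t i = 0;
    qsort(filters, n, sizeof *filters, by_priority);
    while (i < n) {                          /* traffic goes through each sub-layer */
        int sub = filters[i].sublayer_weight, from_callout = 0, clears = 0;
        action_t decided = ACT_NONE;
        for (; i < n && filters[i].sublayer_weight == sub; i++) {
            const filter_t *f = &filters[i];
            action_t a = f->action;
            if (decided != ACT_NONE || !matches(f, t)) continue;
            if (a == ACT_CALLOUT && (a = f->callout(t)) == ACT_NONE)
                continue;                    /* continue: try the next matching filter */
            decided = a;                     /* first permit/block ends the sub-layer */
            from_callout = (f->action == ACT_CALLOUT);
            clears = f->clear_action_right;
        }
        if (decided == ACT_NONE) continue;
        if (write_right) {
            /* A block can override a permit; a permit never replaces a block here. */
            if (result != ACT_BLOCK || decided == ACT_BLOCK) {
                result = decided;
                if (clears) write_right = 0; /* later filters cannot override */
            }
        } else if (decided == ACT_BLOCK && from_callout) {
            result = ACT_BLOCK;              /* veto: changed without the write right */
        }
    }
    return result;
}

static int ids_blocks = 0, logged = 0;
static action_t ids_callout(const traffic_t *t) { (void)t; return ids_blocks ? ACT_BLOCK : ACT_NONE; }
static action_t log_callout(const traffic_t *t) { (void)t; logged++; return ACT_NONE; }

/* Constructed policy: three sub-layers (weights 30, 20, 10), traffic from MSN.exe. */
action_t demo(int hard_permit, int ids_veto, unsigned port) {
    filter_t f[] = {
        {30, 2, "MSN.exe", 0,  ACT_PERMIT,  NULL,        hard_permit},
        {30, 1, NULL,      0,  ACT_PERMIT,  NULL,        0},
        {20, 3, NULL,      0,  ACT_CALLOUT, ids_callout, 0},
        {20, 2, NULL,      80, ACT_BLOCK,   NULL,        0},
        {20, 1, NULL,      0,  ACT_PERMIT,  NULL,        0},
        {10, 1, NULL,      0,  ACT_CALLOUT, log_callout, 0},
    };
    traffic_t t = {"MSN.exe", port};
    ids_blocks = ids_veto;
    return classify(f, sizeof f / sizeof f[0], &t);
}

int main(void) {
    static const char *name[] = {"none", "permit", "block", "callout"};
    printf("soft permit, port 80:   %s\n", name[demo(0, 0, 80)]);
    printf("soft permit, port 443:  %s\n", name[demo(0, 0, 443)]);
    printf("hard permit, port 80:   %s\n", name[demo(1, 0, 80)]);
    printf("hard permit + IDS veto: %s\n", name[demo(1, 1, 80)]);
    printf("log callout ran %d times\n", logged);
    return 0;
}
```

The log callout in the lowest sub-layer runs in every case, including the blocked ones, which is the "traffic can always be inspected" goal from the arbitration slides.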

23 Boot Time Filtering
[Timeline diagram; labels only]
- Events: System Boot, BFE starts, 3rd party Service starts
- Filter sets shown: Boot time filters, Persistent filters, BFE Filters

24 Notification
- Feature support
  - Applications can register to receive notification during the addition/deletion of BFE objects
  - Notification is available for
    - Callout
    - Filters
    - Providers and provider context
    - Layers and sub-layers
    - Flow delete
- Use Case Scenarios
  - Multiple providers can better co-exist on WFP
  - Providers can use the notification to predict the traffic flow
  - Providers can use the notification to provide rich functional support to the user/admin
  - Providers can use the notification to grant exceptions

25 Diagnostics
- Feature
  - BFE provides a rich set of eventing APIs
  - The event APIs provide rich information around IPsec/IKE failure events, dropped packets
  - Audit Event APIs to get rich set of audit events
    - Connection start/stop, policy changes
- Use Case Scenario
  - Applications can build diagnostic support providing rich eventing information to the user/admin
  - Applications can write helper class and plug into the Network Diagnostic Framework for richer diagnostic experience

26 IPsec Configuration
- Use case
  - VPN applications
  - Filtering IPsec traffic
  - IPsec management tools
- WFP APIs can configure
  - IKE policies
  - IPsec policies
- Filter IPsec at transport layer
- Applications can guarantee security by
  - Plumbing filter at ALE connect for outbound and ALE accept for inbound layer that references built-in WFP callout

27 Secure Socket Architecture
[Architecture diagram; labels only]
- User mode: IPsecMgmt, Anti Virus, Firewall, Socket Application (two shown), WFP APIs, Secure Socket APIs, Base Filtering Engine, Keying Module, Winsock
- Kernel mode: WSK/TDI, Filtering Engine (ALE, Stream Layer, Transport Layer, Network Layer), Callout APIs, IPsec, NDIS
- Callouts shown: Data Logging, IDS, NAT callout

28 Secure Socket APIs
- Secure Socket applications can fall in the following buckets
  - P2P application
  - VPN clients (L2TP/IPsec)
  - Line of Business applications
- Winsock applications can directly call into Secure Socket APIs to secure network connections
- Secure Socket can be used for
  - Peer authentication (who the peer is)
  - Peer authorization (peer has the right security tokens)
  - Packet encryption
  - Packet integrity protection
  - Other security features offered by IPsec

29 Secure Socket Applications
- Secure Sockets are easy to use
  - WSASetSockSecurity(..)
- Applications using Secure sockets can have either
  - Default policies applied
  - Specify policies applied
  - Group policies applied

30 WFP Scenarios Snap Shot
Scenarios and the WFP feature that supports them:
- Proxy and Firewalls: Inspect, Drop, or Modify Connections
- Content Filtering: Inspect or Drop Connections
- Deep Content Filtering: Modification, Inspect, Drop Connections
- Virus Scanning: Stream Modification
- Parental Guidance; User Logging / Spyware: Modification, Inspect, Drop
- NAT: Packet Modification
- Data logging/diagnostics: Callouts and Event APIs
- Authorization and security: IPsec
- Application-based filtering: ALE
- Socket applications using secure connection: Secure Socket APIs

31 Call To Action
- Use ALE layers to filter on control events
- Using data path can have negative performance impact
- Use sub-layers to avoid arbitration conflicts
- Use NDIS LWF for MAC/NetBIOS filtering

32 WFP Partners
The following companies have started building their internet security products on WFP:

33 Resources
Join the WFP beta program
- Go to
- Choose the Guest ID sign-up option
- Enter the Guest ID: WFPBeta5
- Fill out the WFP beta program sign up survey
Contact for questions about the Windows Filtering Platform
WFP development white paper microsoft.com
