Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jayesh Mowjee Security Consultant Microsoft Session Code: SIA 201.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Jayesh Mowjee Security Consultant Microsoft Session Code: SIA 201."— Presentation transcript:

1

2 Jayesh Mowjee Security Consultant Microsoft Session Code: SIA 201

3 Fundamentally Secure Platform Windows 7 Enterprise Security Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable. Protect Data from Unauthorized Viewing Securing Anywhere Access Protect Users & Infrastructure

4 Windows Vista Foundation Enhanced Auditing Make the system work well for standard users Administrators use full privilege only for administrative tasks File and registry virtualization helps applications that are not UAC compliant Streamlined User Account Control XML based Granular audit categories Detailed collection of audit results Simplified compliance management Fundamentally Secure Platform Security Development Lifecycle process Kernel Patch Protection Windows Service Hardening DEP & ASLR Internet Explorer 8 inclusive Mandatory Integrity Controls

5 User Account Control User provides explicit consent before using elevated privilege Disabling UAC removes protections, not just consent prompt Users can do even more as a standard user Administrators will see fewer UAC Elevation Prompts Reduce the number of OS applications and tasks that require elevation Re-factor applications into elevated/non-elevated pieces Flexible prompt behavior for administrators System Works for Standard User All users, including administrators, run as Standard User by default Administrators use full privilege only for administrative tasks or applications

6 Desktop Auditing Simplified configuration results in lower TCO Demonstrate why a person has access to specific information Understand why a person has been denied access to specific information Track all changes made by specific people or groups Granular auditing complex to configure Auditing access and privilege use for a group of users New XML based events Fine grained support for audit of administrative privilege Simplified filtering of “noise” to find the event you’re looking for Tasks tied to events

7 UAC & Audit

8 Network Security DirectAccess Help ensure that only “healthy” machines can access corporate data Enable “unhealthy” machines to get clean before they gain access Network Access Protection Security enhanced, seamless, always on connection to corporate network Improved management of remote users Helping Secure Anywhere Access Policy based network segmentation for more secure and isolated logical networks Multi-Home Firewall Profiles DNSSec Support

9 Network Access Protection Health policy validation and remediation Helps keep mobile, desktop and server devices in compliance Reduces risk from unauthorized systems on the network Remediation Servers Example: Update Restricted Network Windows Client Policy compliant NPS DHCP, VPN Switch/Router Policy Servers such as: Update, AV Corporate Network Not policy compliant

10 Remote Access for Mobile Workers Access Information Virtually Anywhere Same experience accessing corporate resources inside and outside the office Seamless connection increases productivity of mobile users Easy to service mobile PCs and distribute updates and polices Difficult for users to access corporate resources from outside the office Challenging for IT to manage, update mobile PCs while disconnected from company network

11 AppLocker TM Data Recovery Help protect users against social engineering and privacy exploits Help protect users against browser based exploits Help protect users against web server exploits Internet Explorer 8 File back up and restore CompletePC ™ image- based backup System Restore Volume Shadow Copies Volume Revert Help Protect Users & Infrastructure Enables application standardization within an organization without increasing TCO Support compliance enforcement

12 Application Control Eliminate unwanted/unknown applications in your network Enforce application standardization within your organization Easily create and manage flexible rules using Group Policy Users can install and run non- standard applications Even standard users can install some types of software Unauthorized applications may: Introduce malware Increase helpdesk calls Reduce user productivity Undermine compliance efforts

13 AppLocker Simple Rule Structure: Allow, Exception & DenySimple Rule Structure: Allow, Exception & Deny Publisher RulesPublisher Rules Product Publisher, Name, Filename & VersionProduct Publisher, Name, Filename & Version Multiple PoliciesMultiple Policies Executables, installers, scripts & DLLsExecutables, installers, scripts & DLLs Rule creation tools & wizardRule creation tools & wizard Including PowerShell cmdletsIncluding PowerShell cmdlets Audit only modeAudit only mode SKU AvailabilitySKU Availability AppLocker – EnterpriseAppLocker – Enterprise Legacy SRP – Business & EnterpriseLegacy SRP – Business & Enterprise

14 AppLocker

15 Social Engineering & Exploits Reduce unwanted communications Social Engineering & Exploits Reduce unwanted communications Freedom from intrusion International Domain Names Pop-up Blocker Increased usability Choice and control Clear notice of information use Provide only what is needed Choice and control Clear notice of information use Provide only what is needed Control of information User-friendly, discoverable notices P3P-enabled cookie controls Delete Browsing History InPrivate™ Browsing & Filtering Browser & Web Server Exploits Protection from deceptive websites, malicious code, online fraud, identity theft Browser & Web Server Exploits Protection from deceptive websites, malicious code, online fraud, identity theft Protection from harm Secure Development Lifecycle Extended Validation (EV) SSL certs SmartScreen ® Filter Domain Highlighting XSS Filter/ DEP/NX ClickJacking Prevention ActiveX® Controls Internet Explorer 8 Security

16 RMSBitLocker User-based file and folder encryption Ability to store EFS keys on a smart card EFS Easier to configure and deploy Roam protected data between work and home Share protected data with co-workers, clients, partners, etc. Help Protect Data Policy definition and enforcement Helps protect information wherever it travels Integrated RMS Client

17 BitLocker Extend BitLocker drive encryption to removable devices Create group policies to mandate the use of encryption and block unencrypted drives Simplify BitLocker setup and configuration of primary hard drive Dual partition configuration of primary hard drive for IT End user friendliness and discoverability Corporate control over ubiquitous, cheap, small, high capacity removable storage devices +

18 BitLocker BitLocker EnhancementsBitLocker Enhancements Automatic 100 Mb hidden boot partitionAutomatic 100 Mb hidden boot partition New Key ProtectorsNew Key Protectors Domain Recovery Agent (DRA)Domain Recovery Agent (DRA) Smart card – data volumes onlySmart card – data volumes only BitLocker To GoBitLocker To Go Support for FAT*Support for FAT* Protectors: DRA, passphrase, smart card and/or auto-unlockProtectors: DRA, passphrase, smart card and/or auto-unlock Management: protector configuration, encryption enforcementManagement: protector configuration, encryption enforcement Read-only access on Windows Vista & Windows XPRead-only access on Windows Vista & Windows XP SKU AvailabilitySKU Availability Encrypting – EnterpriseEncrypting – Enterprise Unlocking – AllUnlocking – All

19 BitLocker

20 Fundamentally Secure Platform Protect Users & Infrastructure Windows Vista Foundation Streamlined User Account Control Enhanced Auditing Helping Secure Anywhere Access Windows 7 Enterprise Security Building upon the security foundations of Windows Vista ®, Windows ® 7 provides IT Professionals security features that are simple to use, manageable, and valuable. Help Protect Data Network Security Network Access Protection DirectAccess TM AppLocker TM Internet Explorer® 8 Data Recovery RMSEFS BitLocker ™ & BitLocker To Go TM

21

22 www.microsoft.com/teched Sessions On-Demand & Community http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers www.microsoft.com/learning Microsoft Certification & Training Resources Resources

23 © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Jayesh Mowjee Security Consultant Microsoft Session Code: SIA 201."

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.
The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft

Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft
WCL317 Disclaimer The information in this presentation relates to a pre-released product which may be substantially modified before it’s commercially.

WCL317 Disclaimer The information in this presentation relates to a pre-released product which may be substantially modified before it’s commercially.
Benefits, Risks and Service Desk Impact. Robert Half Technology Kelly O’Connell Robert Half International Branch Manager 2/11/2010.

Benefits, Risks and Service Desk Impact. Robert Half Technology Kelly O’Connell Robert Half International Branch Manager 2/11/2010.
Connect with life Gopikrishna Kannan Program Manager | Microsoft Corporation

Connect with life Gopikrishna Kannan Program Manager | Microsoft Corporation
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.

Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.

Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.
Virtual techdays INDIA │ 9-11 February 2011 Safe Browsing Experience for your Home & Office M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation.

Virtual techdays INDIA │ 9-11 February 2011 Safe Browsing Experience for your Home & Office M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation.
Optimizing Client Security by Using Windows Vista.

Optimizing Client Security by Using Windows Vista.
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Rob Hwacinski Sr. Program Manager Lead Microsoft Corporation WEM206 Ashwin Kulkarni Sr. Product Manager Microsoft Corporation.

Rob Hwacinski Sr. Program Manager Lead Microsoft Corporation WEM206 Ashwin Kulkarni Sr. Product Manager Microsoft Corporation.
Windows Optimized Desktop: Enhance Security & Control.

Windows Optimized Desktop: Enhance Security & Control.
Virtual techdays Desktop Security with Windows 7 AppLocker & BitLocker to Go Aviraj Ajgekar│ Technology Evangelist │Microsoft Corporation Blog: http://blogs.technet.com/aviraj.

Virtual techdays Desktop Security with Windows 7 AppLocker & BitLocker to Go Aviraj Ajgekar│ Technology Evangelist │Microsoft Corporation Blog:
Session 2 – Security and Application Compatibility NameTitleCompany Your City MVP – Product Arrea

Session 2 – Security and Application Compatibility NameTitleCompany Your City MVP – Product Arrea
Microsoft ® Official Course Module 9 Configuring Applications.

Microsoft ® Official Course Module 9 Configuring Applications.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Similar presentations

Ads by Google