Your SlideShare is downloading. ×
0
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Ramnish Singh Platform Security Briefing

1,975

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,975
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
40
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • LEAD: Who is responsible for driving the evolution of the threats that impact your business?It started with those that were curious and wanted personal fame in hacking into different systems and networks.Then, the motivation moved to those that found a sport in CyberTrespassing and those that look at financial gains from CyberThief. As more individuals made money, the group began to grow larger and larger.Now we are finding experts and specialist that focus on large hacking efforts gaining access to sensitive data that they can sell on the black market. We are also seeing CyberSpy Specialist with national interests at stake.<CLICK>Vandals are the largest group.<CLICK>We see Theives driving the largest area where money is lost<CLICK>The largest segment of spend is focused defending national interests.<CLICK>The fastest growing segment are the experts that are in the business of stealing your business assets.????? Customer QuestionsAre you seeing security threats evolve before the attacked technology is mainstreamed?Why do you think this is happening?
  • LEAD: Engineering Excellence is focused upon providing fundamentally secure platforms for our customers. They should be secure by design, secure by default, and remain secure after deployment.???? Customer QuestionsWhat kind of security configuration management do you utilize to deploy servers? Desktops?Are you using Group Policy to keep your platforms secure after they are deployed?What is your platform patching strategy?
  • Transcript

    • 1. Platform Security Briefing<br />Ramnish Singh<br />PMP, CISSP, Microsoft Certified Architect (Infrastructure)<br />MCITP (Windows 2008),MCTS (Windows Server,Vista, Exchange), MCSE (Windows 2003, 2000, NT), MCT<br />Cisco Certified Design Professional, Cisco Certified Network Professional, Sun CSA<br />IT Advisor | Microsoft Corporation<br />Blog Address (optional) | Email (optional)<br />
    • 2.
    • 3.
    • 4. Security Versus Access<br />Demand for access<br />Escalating threats<br />23 million branch offices WW(IDC, 2006)<br />3.6 billion mobile users WW by 2010 (Infonetics, 2007)<br />85% of companies will have WLANs by 2010 (Infonetics, 2006)<br />8x increase in phishing sites in past year (AWG, 2006)<br />One message-based Trojan attack per day in 2006 vs. one per week in 2005 (Message Labs, 2006)<br />Strong indication of increase in profit-motivated attacks (Multiple sources)<br />
    • 5. Evolving Threat Landscape<br />Local Area Networks<br />First PC virus<br />Boot sector viruses<br />Create notorietyor cause havoc<br />Slow propagation<br />16-bit DOS<br />Internet Era<br />Macro viruses<br />Script viruses<br />Create notorietyor cause havoc<br />Faster propagation<br />32-bit Windows<br />Hyper jacking<br />Peer to Peer<br />Social engineering<br />Application attacks<br />Financial motivation<br />Targeted attacks<br />64-bit Windows<br />Broadbandprevalent<br />Spyware, Spam<br />Phishing<br />Botnets<br />Rootkits<br />Financial motivation<br />Internet wide impact<br />32-bit Windows<br />1986–1995<br />1995–2000<br />2000–2005<br />2007<br />
    • 6. National Interest<br />Personal Gain<br />Personal Fame<br />Curiosity<br />Largest segment by $ spent on defense<br />Spy<br />Largest area by $ lost<br />Fastest <br />growing <br />segment<br />Thief<br />Largest area by volume<br />Trespasser<br />Author<br />Vandal<br />Undergraduate<br />Script-Kiddy<br />Expert<br />Specialist<br />Evolving Threats<br />
    • 7. 1st known hack...<br />The need for security in communication networks is not new. In the late nineteenth century an American undertaker named AlmonStrowger discovered that he was losing business to his rivals because telephone operators, responsible for the manual connection of call requests, were unfairly diverting calls from the newly bereaved to his competitors. Strowger developed switching systems that led to the introduction of the first automated telephone exchanges in 1897. This enabled users to make their own connections using rotary dialling to signal the required destination.<br />AlmonStrowger<br />
    • 8. Addressing Security Threats<br />Helps turn IT into a business asset not a cost center <br />Supports your day to day security processes <br />Is the Enabler to running your business successfully<br />Technology<br />Data privacy processes to manage data effectively<br />IT security processes to implement, manage, and govern security<br />Financial reporting processes that include security of the business<br />Process<br />Company understands the importance of security in the workplace<br />Individuals know their role with security governance and compliance<br />IT staff has the security skills and knowledge to support your business <br />People<br />
    • 9. Microsoft’s Promises To You<br />Manage Complexity,<br />Achieve Agility<br />Amplifythe Impactof YourPeople<br />ProtectInformation,ControlAccess<br />Advance the Businesswith IT Solutions<br />
    • 10. Delivering On The Promise:Infrastructure Optimization<br />*Source: Microsoft CSO Summit 2007 Registration Survey <br />
    • 11. Core Infrastructure Optimization<br />More Efficient Cost Center<br />Cost Center <br />Strategic Asset<br />Business Enabler<br />Basic<br />No centralized enterprise directory<br />No automated patch management<br />Anti-malwarenot centrally managed<br />Message security for e-mail only<br />No secure coding practices in place<br />Standardized<br />Using enterprise directory for authentication<br />Automated patch management tools deployed<br />Anti-malwareis managed centrally<br />Unified message security in place<br />Rationalized<br />Integrated directory services, PKIin place<br />Formal patch management process<br />Defense in depth threat protection<br />Security extended to remote and mobile workforce<br />Dynamic<br />Full identity lifecycle management.ID Federation,Rights Mgt Services in use<br />Metrics driven update process<br />Client quarantine and access policy enforcement<br />$1320/PC Cost<br />$580/PC Cost<br />$230/PC Cost<br />Source:GCR and IDC data analyzed by Microsoft, 2006<br />
    • 12. Core Infrastructure Optimization Model: Security<br />Basic<br />Standardized<br />Rationalized<br />Dynamic<br />Technology<br />Self provisioning and quarantine capable systems ensure compliance and high availability <br />Automate identity and access management<br />Automatedsystem management <br />Multiple directories for authentication<br />Limited automated software distribution<br />Patch statusof desktopsis unknown<br />No unified directory for access mgmt<br />Self-assessing and continuous improvement<br />Easy, secure access to info from anywhereon Internet<br />SLAs are linkedto business objectives<br />Clearly defined and enforced images, security, best practices<br />CentralAdmin and configurationof security<br />Standard desktop images defined,not adopted by all<br />IT processes undefined<br />Complexity dueto localized processesand minimal central control<br />Process<br />Improve IT Maturity while Gaining ROI<br />IT is astrategic asset<br />Users look to ITas a valued partner to enable new business initiatives<br />IT Staff manages an efficient,controlled environment<br />Users have the right tools,availability, and access to info<br />IT Staff trained in best practices such as MOF,ITIL, etc.<br />Users expect basic services from IT<br />IT staff taxed by operational challenges<br />Users come up with their ownIT solutions<br />People<br />
    • 13. SC information system = {(confidentiality, impact), (integrity, impact), (availability, impact)}<br />where the acceptable values for potential impact are low, moderate, or high. <br />
    • 14. Trustworthy Computing<br />
    • 15. Microsoft Security Strategy<br />
    • 16. LawEnforcement<br />Public Policy<br />VIA<br />GIAIS<br />Microsoft Security Strategy<br />IndustryPartnerships<br />ConsumerAwareness<br />
    • 17. Microsoft SecurityAssessment Toolkit<br />SecurityTools<br />Microsoft Windows VistaSecurity Whitepapers<br />SecurityReadiness<br />Educationand Training<br />Microsoft SecurityIntelligence Report<br />Learning Paths forSecurity Professionals<br />www.microsoft.com/technet/security<br />Microsoft Security Strategy<br />
    • 18. Security Development Lifecycle<br />Design<br />Threat Modeling<br />Standards, best practices, and tools<br />Security Push<br />Final Security Review <br />RTM and Deployment<br />Signoff<br />Security Response<br />Product Inception<br />
    • 19. Priority #1 - Platform Security<br />Security Development Lifecycle<br />Security Response Center<br />Better Updates And Tools<br />
    • 20. Comprehensive Security Portfolio<br />Services<br />Edge<br />Encrypting File System (EFS)<br />Server Applications<br />BitLocker™<br />Information Protection<br />Network Access Protection (NAP)<br />Client and Server OS<br />IdentityManagement<br />Windows<br />CardSpace<br />SystemsManagement<br />Active Directory Federation Services (ADFS)<br />Guidance<br />Developer Tools<br />
    • 21. Security Development Lifecycle (SDL)<br />Kernel Patch Protection<br />Kernel-mode Driver Signing<br />Secure Startup<br />Windows Service Hardening<br />Secure <br />Platform<br />Rights Management Services (RMS) <br />SharePoint, Exchange, Windows Mobile integration<br />Encrypting File System (EFS)<br />Bitlocker<br />Secure <br />Access<br />User Account Control<br />Network Access Protection (NAP)<br />IPv6<br />IPsec<br />Windows CardSpace<br />Native smart card support<br />GINA Re-architecture<br />Certificate Services<br />Credential roaming<br />Windows Defender<br />IE Protected Mode<br />Address Space Layout Randomization (ASLR)<br />Data Execution Prevention (DEP) <br />Bi-directional Firewall<br />Windows Security Center<br />Data <br />Protection<br />Malware<br />Protection<br />
    • 22. Windows Vista SP1 includes<br />Additional Kernel Patch Protection APIs<br />Enhanced Windows Security Center reporting<br />Expanded BitLocker Drive Encryption (BDE) <br />Additional multifactor authentication methods<br />
    • 23. Security Development Lifecycle (SDL)<br />Windows Server Virtualization (Hypervisor)<br />Role Management Tool<br />OS File Integrity<br />Secure <br />Platform<br />Network <br />Protection<br />Network Access Protection (NAP)<br />Server and Domain Isolation with IPsec<br />End-to-end Network Authentication<br />Windows Firewall With Advanced Security <br />On By Default<br />Identity<br />Access<br />Rights Management Services (RMS) <br />Full volume encryption (Bitlocker)<br />USB Device-connection rules with Group Policy<br />Improved Auditing<br />Windows Server Backup<br />Data <br />Protection<br />Read-only Domain Controller (RODC)<br />Active Directory Federation Srvcs. (ADFS)<br />Administrative Role Separation<br />PKI Management Console<br />Online CertificateStatus Protocol<br />
    • 24. Secure <br />Platform<br />Surface Area Configuration tool<br />Password Policy Enforcement; Granular Roles<br />Built in Encryption;Key Mgmt.<br />Auditing – Data Definition Language (DDL)<br />Advanced Spam and Virus Defenses<br />Compliance<br />Business Continuity<br />Trust Center<br />New Document Security Model<br />Open XML File Formats<br />Rich Authentication<br />GranularAccess Control<br />Complianceand Auditing <br />Hierarchical Encryption<br />Document Inspector<br />Information Rights Management<br />Strong Encryption,Digital Signatures<br />Suite-B: For U.S. Government <br />Data <br />Protection<br />Platform Security Progress<br />Essential Security and Mobile Device Mgmt<br />Built-in Protection with Business Continuity<br />Compliance Support<br />EnhancedMessage Filtering<br />
    • 25. Security Threat Landscape Evolution<br />Microsoft Security Strategy<br />Engineering Excellence<br />Security Development Lifecycle<br />Engineering Excellence<br />Security Development Lifecycle<br />
    • 26. Trusted<br />Unhealthy PC<br />Isolated<br />Remediation Server<br />Web Server<br />Infrastructure Servers<br />New Customer<br />Remote Access Gateway<br />Trusted Home<br />Unmanaged Devices<br />MaliciousUsers<br />Network Security<br />Secure Anywhere Access<br />End-to-end security with IPv6 and IPsec<br />Access driven by policy not topology<br />Certificate based multi-factor authentication<br />Health checks and remediation prior to access<br />Policy-driven network access solutions<br />Windows Firewall with advanced filtering<br />Server and Domain Isolation<br />Network Access Protection (NAP)<br />ISA Server 2006<br />Intelligent Application Gateway (2007)<br />Windows Filtering Platform<br />
    • 27. Identity and Access Management<br />Your COMPANYandyour EMPLOYEES<br />Secure and seamlesscross-organizational collaboration<br />Easily managing multiple identities<br />Government sponsored identities (eID)<br />Hardware supported trust platform<br />Disparate directories synchronization<br />Centralized ID controls and mgmt.<br />Embedded identity into applications<br />Policy Governance / Compliance<br />Role Based Permissions<br />Identity and Data Privacy<br />Identity Lifecycle Manager 2007<br />Active Directory Federation Services<br />Active Directory Lightweight Directory Services<br />Windows Certificate Services <br />Windows CardSpace™<br />
    • 28. Edge, server and client protection<br />“Point to Point” Solutions<br />Security of data at rest and in transit<br />Mobile workforce<br />Manageability<br />Corporate<br />Client Protection<br />Server Protection <br />Consumer/ Small Business<br />Simple PC maintenance<br />Anti-Virus <br />Anti-Spyware<br />Anti-Phishing<br />Firewall<br />Performance Tuning<br />Backup and Restore<br />Edge Protection <br />Protection<br />
    • 29. Interoperability<br />Industry Standards<br />Web Services (WS-*)<br />Open document format (XPS)<br />OpenID<br />Partner Products<br />Network Access Protection<br />EV Certificate support in IE7 <br />Windows CardSpace<br />Windows Security Center<br />Industry Partnerships<br />SecureIT Alliance<br />Microsoft SecurityResponse Alliance <br />Interop Vendor Alliance<br />
    • 30. Security Stack Interoperability<br />Integrated security eases defense in depth architecture deployment<br />Adoption of open standards allows cross platform integration<br />Management System<br />System Center, Active Directory GPO<br />Data<br />BitLocker, EFS, RMS, SharePoint, SQL<br />User<br />Active Directory and Identity Lifecycle Mgr<br />Application<br />SDL process, IIS, Visual Studio, and .NET<br />Device<br />Forefront Client Security, Exchange MSFP<br />Internal Network<br />Network Access Protection, IPSec<br />Perimeter<br />Forefront Edge and Server Security, NAP<br />
    • 31. Management Systems Integration<br />
    • 32. Engineering Excellence<br />Security Development Lifecycle<br />Microsoft Security Strategy<br />
    • 33. Some hard questions…<br />Who<br />Why<br />What<br />When<br />Where<br />How<br />
    • 34. The lighter side<br />
    • 35. And the press is doing its bit...<br />
    • 36. User Experience<br />Application Platform Optimization Model<br />Development<br />BASIC<br />ADVANCED<br />DYNAMIC<br />STANDARDIZED<br />Infrastructure Optimization<br />SOA and Business Process<br />Data Management<br />Business Intelligence<br />Business Productivity Infrastructure Optimization Model<br />Unified Communications<br />Collaboration<br />IT and Security Process<br />Enterprise Content Management<br />BASIC<br />RATIONALIZED<br />DYNAMIC<br />STANDARDIZED<br />Enterprise Search<br />Business Intelligence<br />Core Infrastructure Optimization Model<br />Identity and Access Management<br />Desktop, Device, and Server Mgmt<br />BASIC<br />RATIONALIZED<br />DYNAMIC<br />STANDARDIZED<br />Security and Networking<br />Data Protection and Recovery<br />
    • 37. Infrastructure OptimizationBuilding a People-Ready Business<br />Model-Based Approach<br />User Experience<br /><ul><li>Provides capability framework to help you build an optimized infrastructure (not Microsoft-specific)
    • 38. Establishes a foundation based on industry analyst, academic, and consortium research
    • 39. Provides guidance and best practices for step-by-step implementation
    • 40. Drives cost reduction, security and efficiency gains
    • 41. Enables agility</li></ul>Application Platform Optimization Model<br />STANDARDIZED<br />BASIC<br />ADVANCED<br />DYNAMIC<br />Development<br />SOA and Business Process<br />Data Management<br />Business Intelligence<br />Business Productivity Infrastructure Optimization Model<br />Unified Communications<br />Collaboration<br />IT and Security Process<br />STANDARDIZED<br />BASIC<br />DYNAMIC<br />RATIONALIZED<br />Enterprise Content Management<br />Enterprise Search<br />Business Intelligence<br />Core Infrastructure Optimization Model<br />Identity and Access Management<br />Desktop, Device, and Server Mgmt<br />BASIC<br />STANDARDIZED<br />DYNAMIC<br />RATIONALIZED<br />Security and Networking<br />Data Protection and Recovery<br />
    • 42. Core Infrastructure Optimization<br />Policy and Compliance<br />Risk Assessment<br />User Awareness<br />Basic<br />Standardized<br />Rationalized<br />Dynamic<br />Identity and Access Management<br />Patch Management<br />Threat and Vulnerability Mitigation<br />Secure Messaging and Collaboration<br />Secure Application Architecture<br />Legacy Platform Migration<br />
    • 43. Solutions<br />Benefits<br />Costs<br />Challenges<br />Two Factor Authentication<br />Secure Remote User<br />Basic to Standardized<br />Enforce Strong Passwords<br />Secure Wireless Access<br />Network Intrusion Detection<br />Optimizing SecurityMoving from Basic to Standardized<br />Developer-focused environment<br />Sophisticated and targeted threats<br />Executive sponsorship<br />Awareness campaign<br />Cultural shift to awareness<br />Able to mitigate current high priority risk<br />Labor intensive to maintain<br />Defense in Depth<br />
    • 44. Solutions<br />Benefits<br />Costs<br />Challenges<br />Standardized to Rationalized<br />Network Segmentation<br />Identity &<br />Access Mgmt<br />2FA: Elevated Access Accts<br />Security Event Monitoring<br />Certificate<br />Provisioning<br />& Renewals<br />Vulnerability<br />Assessments<br />SDL IT<br />Optimizing SecurityMoving from Standardized to Rationalized<br />Evolving and faster threats<br />Ownership largely resided with Security<br />Risk management framework<br />Service manager accountability<br />Accountability closer to business<br />Environmental awareness<br />Improved response<br />Lack of integration between service managers and business<br />Defense in Depth<br />Automate<br />
    • 45. Solutions<br />Benefits<br />Costs<br />Challenges<br />Network Access Protection<br />Rationalized to Dynamic<br />Strong User Authentication<br />User Account Control<br />Bitlocker Drive Encryption<br />Optimizing SecurityMoving from Rationalized to Dynamic<br />Security viewed as a tax to the business<br />Information security governance<br />Information security becomes a strategic asset<br />Culture shift may cause friction<br />Defense in Depth<br />
    • 46. Application Security<br />Authentication<br />Intrusion Detection/Prevention<br />Identity & Access Management<br />Network Firewalls<br />NAC<br />Wireless<br />Email<br />Unified Threat Management<br />Secure Remote Access<br />Antimalware<br />SIMs<br />Mobile Data Security<br />Vulnerability Management<br />Web Security Gateways<br />
    • 47. People<br />Mobile<br />Mobile<br />Office<br />Task<br />Office<br />Contract<br />Task<br />Home<br />Contract Offshore<br />Home<br />
    • 48. Separation Creates Flexibility<br />Data, User Settings<br />Applications<br />OS<br />Hardware<br />Dependencies Create Complexity<br />
    • 49. Mobile<br />
    • 50. Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />Mobile Worker<br />Bitlocker Drive Encryption<br />OPERATING SYSTEM<br />Hardware<br />
    • 51. Mobile Worker<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />OS<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 52. Mobile Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />Applications<br />Anti Virus & Antispyware<br />Network Access Protection<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Group Policy and AGPM <br />Folder Redirection<br />Offline Files<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 53. Mobile Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Network Access Protection<br />Data, User Settings<br />Applications<br />Anti Virus & Antispyware<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 54. Mobile Worker<br />RMS Protected Documents<br />Data, User Settings<br />Applications<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />System Monitoring<br />System Management<br />Mobile Device Management<br />Corporate Security Policy<br />OS<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 55. Office<br />
    • 56. Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />Office Worker<br />Bitlocker Drive Encryption<br />OPERATING SYSTEM<br />Hardware<br />
    • 57. Office Worker<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />OS<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 58. Office Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />Applications<br />Anti Virus & Antispyware<br />Network Access Protection<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 59. Office Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Network Access Protection<br />Data, User Settings<br />Applications<br />Anti Virus & Antispyware<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 60. Office Worker<br />RMS Protected Documents<br />Data, User Settings<br />Applications<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />System Monitoring<br />System Management<br />Mobile Device Management<br />Corporate Security Policy<br />OS<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 61. Task<br />
    • 62. Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />Task Worker<br />Bitlocker Drive Encryption<br />OPERATING SYSTEM<br />Hardware<br />
    • 63. Task Worker<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />OS<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 64. Task Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />Applications<br />Anti Virus & Antispyware<br />Network Access Protection<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Group Policy and AGPM <br />Folder Redirection<br />Offline Files<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 65. Task Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Network Access Protection<br />Data, User Settings<br />Applications<br />Anti Virus & Antispyware<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 66. Task Worker<br />RMS Protected Documents<br />Data, User Settings<br />Applications<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />System Monitoring<br />System Management<br />Mobile Device Management<br />Corporate Security Policy<br />OS<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 67. Contract / Offshore<br />
    • 68. Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />Contract / Offshore Worker<br />Bitlocker Drive Encryption<br />OPERATING SYSTEM<br />Hardware<br />
    • 69. Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Network Location Protection<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />OS<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />Contract / Offshore Worker<br />OPERATING SYSTEM<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 70. Contract / Offshore Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />Applications<br />Anti Virus & Antispyware<br />Network Access Protection<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 71. Contract / Offshore Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Network Access Protection<br />Data, User Settings<br />Applications<br />Anti Virus & Antispyware<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 72. Contract / Offshore Worker<br />RMS Protected Documents<br />Data, User Settings<br />Applications<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />System Monitoring<br />System Management<br />Mobile Device Management<br />Corporate Security Policy<br />OS<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 73. Home<br />
    • 74. Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />Home Worker<br />Bitlocker Drive Encryption<br />OPERATING SYSTEM<br />Hardware<br />
    • 75. Home Worker<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />OS<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 76. Home Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Bi-Directional Firewall, Defender, Malicious Software Removal Tool<br />Bitlocker Drive Encryption<br />Security Center & UAC<br />Network Location Protection<br />Applications<br />Anti Virus & Antispyware<br />Network Access Protection<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 77. Home Worker<br />Terminal Server Access<br />RMS Protected Documents<br />Network Access Protection<br />Data, User Settings<br />Applications<br />Anti Virus & Antispyware<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />OS<br />Application (APP-V) & Enterprise Desktop (MED-V) Virtualization <br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 78. Home Worker<br />RMS Protected Documents<br />Data, User Settings<br />Applications<br />Folder Redirection<br />Offline Files<br />Group Policy and AGPM <br />Data Backup<br />System Monitoring<br />System Management<br />Mobile Device Management<br />Corporate Security Policy<br />OS<br />Hardware<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 79. 7 Tips for Secure Client Computing<br />Protect your personal information. It’s valuable<br />Know who you’re dealing with<br />Use anti-virus and firewall and update both regularly<br />Setup your OS and Web Browser properly and update both regularly<br />Protect your password<br />Backup important files<br />Learn who to contact if something goes wrong<br />
    • 80. Technology<br />Internet<br />Intranet Web Server<br />Exchange<br />External Web Server<br />User<br />BRANCH OFFICE<br />DMZ<br />CSS<br />Internal Network<br />Internet<br />SharePoint<br />Active Directory<br />HEAD QUARTERS<br />User<br />Customer<br />
    • 81. Technology – Another View<br />Trusted<br />Unhealthy PC<br />Isolated<br />Remediation Server<br />Web Server<br />Infrastructure Servers<br />New Customer<br />Remote Access Gateway<br />Trusted Home<br />Unmanaged Devices<br />MaliciousUsers<br />
    • 82. OSI Model<br />Application<br />Presentation<br />Session<br />Transport<br />Network<br />Media layers<br />Host layers<br />Data Link<br />Physical<br />
    • 83. Head Office<br />
    • 84. Head Office (Media Layer)<br />Bitlocker Drive Encryption<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 85. Head Office (Media Layer)<br />Bitlocker Drive Encryption<br />Secure Wireless Access<br />Secure Remote Access<br />Network Access Protection<br />Intrusion Detection System<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 86. Head Office (Media Layer)<br />Secure Wireless Access<br />Network Access Protection<br />Secure Remote Access<br />Site-to-Site VPN<br />Address Translation<br />Intrusion Detection System<br />Network<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 87. Head Office (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Transport<br />Firewall Protection<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 88. Head Office (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Active Directory<br />Remote Access Protocols<br />Session<br />Transport<br />Firewall Protection<br />Folder Redirection<br />Offline Files<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 89. Head Office (Host Layer)<br />GINA Protection<br />GINA Protection<br />Terminal Server Access<br />Active Directory<br />Remote Access Protocols<br />Encrypted File System<br />Presentation<br />Session<br />OPERATING SYSTEM<br />Transport<br />Folder Redirection<br />Offline Files<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />CTRL + ALT + DEL<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 90. Head Office (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />GINA Protection<br />Terminal Server Access<br />Encrypted File System<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />Application (APP-V) Virtualization <br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 91. Head Office (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Web<br />DHCP & DNS<br /> Audio Video<br />Messaging<br />Anti Virus & Antispyware<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 92. Head Office (Host Layer)<br />Application<br />Presentation<br />Session<br />Transport<br />Web<br /> Audio Video<br />Messaging<br />DHCP & DNS<br />Identity Management<br />Data Protection<br />Content Management<br />Database<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 93. Branch Office<br />
    • 94. Branch Office (Media Layer)<br />Bitlocker Drive Encryption<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 95. Branch Office (Media Layer)<br />Bitlocker Drive Encryption<br />Secure Wireless Access<br />Secure Remote Access<br />Network Access Protection<br />Intrusion Detection System<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 96. Branch Office (Media Layer)<br />Secure Wireless Access<br />Network Access Protection<br />Secure Remote Access<br />Site-to-Site VPN<br />Address Translation<br />Intrusion Detection System<br />Network<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 97. Branch Office (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Transport<br />Firewall Protection<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 98. Branch Office (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Active Directory<br />Remote Access Protocols<br />Session<br />Transport<br />Firewall Protection<br />Folder Redirection<br />Offline Files<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 99. Branch Office (Host Layer)<br />GINA Protection<br />GINA Protection<br />Terminal Server Access<br />Active Directory<br />Remote Access Protocols<br />Encrypted File System<br />Presentation<br />Session<br />OPERATING SYSTEM<br />Transport<br />Folder Redirection<br />Offline Files<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />CTRL + ALT + DEL<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 100. Branch Office (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />GINA Protection<br />Terminal Server Access<br />Encrypted File System<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />Application (APP-V) Virtualization <br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 101. Branch Office (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Web<br />DHCP & DNS<br /> Audio Video<br />Messaging<br />Anti Virus & Antispyware<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 102. Branch Office (Host Layer)<br />Application<br />Presentation<br />Session<br />Transport<br />Web<br /> Audio Video<br />Messaging<br />DHCP & DNS<br />Identity Management<br />Data Protection<br />Content Management<br />Database<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 103. IntranetExtranet<br />
    • 104. Intranet/Extranet (Media Layer)<br />Bitlocker Drive Encryption<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 105. Intranet/Extranet (Media Layer)<br />Bitlocker Drive Encryption<br />Secure Wireless Access<br />Secure Remote Access<br />Network Access Protection<br />Intrusion Detection System<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 106. Intranet/Extranet (Media Layer)<br />Secure Wireless Access<br />Network Access Protection<br />Secure Remote Access<br />Site-to-Site VPN<br />Address Translation<br />Intrusion Detection System<br />Network<br />Data Link<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />Physical<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 107. Intranet/Extranet (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Transport<br />Firewall Protection<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 108. Intranet/Extranet (Host Layer)<br />IPSec Enabled Protection<br />Server & Domain Isolation<br />Active Directory<br />Remote Access Protocols<br />Session<br />Transport<br />Firewall Protection<br />Folder Redirection<br />Offline Files<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 109. Intranet/Extranet (Host Layer)<br />GINA Protection<br />GINA Protection<br />Terminal Server Access<br />Active Directory<br />Remote Access Protocols<br />Encrypted File System<br />Presentation<br />Session<br />OPERATING SYSTEM<br />Transport<br />Folder Redirection<br />Offline Files<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />CTRL + ALT + DEL<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 110. Intranet/Extranet (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />GINA Protection<br />Terminal Server Access<br />Encrypted File System<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Anti Virus & Antispyware<br />Group Policy and AGPM <br />CTRL + ALT + DEL<br />Application (APP-V) Virtualization <br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 111. Intranet/Extranet (Host Layer)<br />Application<br />Defender, Malicious Software Removal Tool<br />Presentation<br />Session<br />Transport<br />Application Protection<br />Management<br />Web<br />DHCP & DNS<br /> Audio Video<br />Messaging<br />Anti Virus & Antispyware<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 112. Intranet/Extranet (Host Layer)<br />Application<br />Presentation<br />Session<br />Transport<br />Web<br /> Audio Video<br />Messaging<br />DHCP & DNS<br />Identity Management<br />Data Protection<br />Content Management<br />Database<br />Microsoft Enterprise Desktop <br />Virtualization (MED-V)<br />OPERATING SYSTEM<br />End User Benefits<br />Offline Use<br />Flexible Configurations<br />Rich user experience <br />IT Benefits <br />Protection of the local data<br />Easy to migrate user<br />Mitigation of application compatibility issues<br />
    • 113. Remote Access<br />
    • 114. Wired Access<br />ADSL / Cable<br />Power Line<br />Dial-in / ISDN <br />Fiber Optic<br />
    • 115. Wireless Access<br />WiFi<br />GPRS / UMTS / HSPA / LTE<br />Wireless USB<br />Bluetooth<br />WiMAX<br />Satellite<br />
    • 116. Securing Wireless…<br />Internet<br />Wired Enterprise Network<br />
    • 117. VPN security models<br />
    • 118. Direct Access<br />Microsoft Solution<br />Situation Today<br />Direct Access<br />Office<br />Home<br />Home<br />Office<br /><ul><li>New network paradigm enables same experience inside & outside the office
    • 119. Seamless access to network resources increases productivity of mobile users
    • 120. Infrastructure investments also make it easier to service mobile PCs and distribute updates and polices
    • 121. Difficult for users to access corporate resources from outside the office
    • 122. Challenging for IT to manage, update, patch mobile PCs while disconnected from company network</li></li></ul><li>Process<br />
    • 123. Process<br />Application Security <br />Cryptography<br />Access Control <br />Business Continuity & Disaster Recovery<br />Information Security and Risk Management <br />Operations Security <br />Physical (Environmental) Security <br />Security Architecture and Design <br />Telecommunications and Network Security <br />Legal, Regulations, Compliance & Investigations<br />
    • 124. Access Control<br />
    • 125. Application Security<br />
    • 126. Business Continuity<br />Business Continuity Planning Lifecycle<br />
    • 127. Disaster Recovery<br />
    • 128. Cryptography<br />Symmetric-key <br />Asymmetric-key <br />
    • 129. Information Security<br />Administrative <br />Logical <br />Physical <br />
    • 130. Risk Management<br />Risk avoidance<br />Risk reduction<br />Risk retention<br />Risk transfer<br />
    • 131. Operations Security<br />World War II-era poster promoting OPSEC<br />
    • 132. Security Architecture and Design <br />
    • 133. Legal, Regulations, Compliance & Investigations<br />
    • 134. Telecommunications and Network Security<br />
    • 135. Physical Security<br />Key Elements<br />Key Features<br />
    • 136. Security Guidance and Resources<br />Microsoft Security Home Page: www.microsoft.com/security<br />Microsoft Forefront: http://www.microsoft.com/forefront/default.mspx<br />General Information:<br />Microsoft Live Safety Center: http://safety.live.com<br />Microsoft Security Response Center: www.microsoft.com/security/msrc<br />Security Development Lifecycle: http://msdn.microsoft.com/security/sdl<br />Get the Facts on Windows and Linux: www.microsoft.com/getthefacts<br />Anti-Malware:<br />Microsoft OneCare Live: https://beta.windowsonecare.com<br />Microsoft Defender: www.microsoft.com/athome/security/spyware/software<br />Spyware Criteria: www.microsoft.com/athome/security/spyware/software/isv<br />Guidance Centers:<br />Security Guidance Centers: www.microsoft.com/security/guidance<br />Security Guidance for IT Professionals: www.microsoft.com/technet/security<br />The Microsoft Security Developer Center: msdn.microsoft.com/security<br />The Security at Home Consumer Site: www.microsoft.com/athome/security<br />
    • 137. આભાર<br />ধন্যবাদ<br />நன்றி<br />धन्यवाद<br />ಧನ್ಯವಾದಗಳು<br />ధన్యవాదాలు<br />ଧନ୍ୟବାଦ<br />നിങ്ങള്‍‌ക്ക് നന്ദി<br />ਧੰਨਵਾਦ<br />
    • 138. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.<br />The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.<br />

    ×