Your SlideShare is downloading. ×
0
Cryptography

IN THE REAL WORLD
Enhance Security and Control




     Narenda Wicaksono
IT Pro Advisor, Microsoft Indonesia
Windows 7 Enterprise Security
Building upon the security foundations of Windows Vista, Windows 7 provides IT
Professionals...
A. Fundamentally Secure Platform


                 Windows Vista Foundation
                 Streamlined User Account
   ...
B. Securing Anywhere Access

              Network Security
              Network Access Protection
              Direct A...
C. Protect Users & Infrastructure

                 AppLockerTM
                 Internet Explorer
                 Data R...
D. Protect Data from Unauthorized
Viewing
                 RMS
                 EFS
                 BitLocker &
         ...
A. Fundamentally Secure Platform


 Windows Vista   Streamlined User   Enhanced Auditing
  Foundation     Account Control
Streamlined User Account Control

                 Make the system work well for
                 standard users
         ...
User Account Control – Windows 7


Reduce the number of OS applications and tasks that require elevation
Refactor applicat...
B. Securing Anywhere Access


Network Security   Network Access   DirectAccess
                     Protection
Network Security

                   Policy based network
                   segmentation for more
                   secu...
Network Access Protection

                 Ensure that only “healthy”
                 machines can access
              ...
DirectAccess

               Security protected,
               seamless, always on
               connection to corporate...
Network Access Protection
                                                     POLICY
                                    ...
Remote Access for Mobile Workers
Access Information Anywhere




  Difficult for users to access corporate resources from ...
Remote Access for Mobile Workers
Access Information Anywhere




  Same experience accessing corporate resources inside an...
C. Protect Users & Infrastructure



 AppLockerTM   Internet Explorer 8   Data Recovery
AppLockerTM

              Enables application
              standardization within an
              organization without
...
Internet Explorer 8

                  Protect users against social
                  engineering and privacy
            ...
Data Recovery

                File back up and restore
                CompletePC™ image-based
                backup
   ...
Application Control




 Users can install and run non-standard applications
 Even standard users can install some types o...
Application Control




 Eliminate unwanted/unknown applications in your network
 Enforce application standardization with...
AppLocker

 Simple Rule Structure: Allow, Exception & Deny
 Publisher Rules
     Product Publisher, Name, Filename & Versi...
D. Protect Data from Unauthorized Viewing




     RMS           EFS          BitLocker
RMS

      Policy definition
      and enforcement
      Protects information
      wherever it travels
      Integrated R...
EFS

      User-based file and folder
      encryption
      Ability to store EFS keys
      on a smart card
BitLocker

            Easier to configure and
            deploy
            Roam protected data
            between work...
BitLocker


              Worldwide Shipments (000s)
     1200                                                            ...
BitLocker



                                  +
 Extend BitLocker drive encryption to removable devices
 Create group pol...
BitLocker

 BitLocker Enhancements
    Automatic 200 Mb hidden boot partition
    New Key Protectors
        Domain Recove...
Windows 7 Enterprise Security
    Building upon the security foundations of Windows Vista, Windows 7 provides IT
    Profe...
Learning curriculum
eBooks in Bahasa
Indonesia Developer Portal
http://netindonesia.net
IT Professional Portal
http://wss-id.org
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be...
Upcoming SlideShare
Loading in...5
×

Windows 7 security enhancements

1,753

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,753
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
90
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Windows 7 security enhancements"

  1. 1. Cryptography IN THE REAL WORLD
  2. 2. Enhance Security and Control Narenda Wicaksono IT Pro Advisor, Microsoft Indonesia
  3. 3. Windows 7 Enterprise Security Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable.
  4. 4. A. Fundamentally Secure Platform Windows Vista Foundation Streamlined User Account Control Enhanced Auditing
  5. 5. B. Securing Anywhere Access Network Security Network Access Protection Direct AccessTM
  6. 6. C. Protect Users & Infrastructure AppLockerTM Internet Explorer Data Recovery
  7. 7. D. Protect Data from Unauthorized Viewing RMS EFS BitLocker & BitLocker To GoTM
  8. 8. A. Fundamentally Secure Platform Windows Vista Streamlined User Enhanced Auditing Foundation Account Control
  9. 9. Streamlined User Account Control Make the system work well for standard users Administrators use full privilege only for administrative tasks File and registry virtualization helps applications that are not UAC compliant
  10. 10. User Account Control – Windows 7 Reduce the number of OS applications and tasks that require elevation Refactor applications into elevated/non-elevated pieces Flexible prompt behavior for administrators Users can do even more as a standard user Administrators will see fewer UAC Elevation Prompts
  11. 11. B. Securing Anywhere Access Network Security Network Access DirectAccess Protection
  12. 12. Network Security Policy based network segmentation for more secure and isolated logical networks Multi-Home Firewall Profiles DNSSec Support
  13. 13. Network Access Protection Ensure that only “healthy” machines can access corporate data Enable “unhealthy” machines to get clean before they gain access
  14. 14. DirectAccess Security protected, seamless, always on connection to corporate network Improved management of remote users Consistent security for all access scenarios
  15. 15. Network Access Protection POLICY SERVERS such as: Patch, AV Windows DHCP, VPN Client Switch/Router NPS Not Policy Remediation Compliant Servers Example: Patch Restricted Network Health policy validation and remediation Helps keep mobile, desktop and server devices in Policy CORPORATE NETWORK compliance Compliant Reduces risk from unauthorized systems on the network
  16. 16. Remote Access for Mobile Workers Access Information Anywhere Difficult for users to access corporate resources from outside the office Challenging for IT to manage, update, patch mobile PCs while disconnected from company network
  17. 17. Remote Access for Mobile Workers Access Information Anywhere Same experience accessing corporate resources inside and outside the office Seamless connection increases productivity of mobile users Easy to service mobile PCs and distribute updates and polices
  18. 18. C. Protect Users & Infrastructure AppLockerTM Internet Explorer 8 Data Recovery
  19. 19. AppLockerTM Enables application standardization within an organization without increasing TCO Increase security to safeguard against data and privacy loss Support compliance enforcement
  20. 20. Internet Explorer 8 Protect users against social engineering and privacy exploits Protect users against browser based exploits Protect users against web server exploits
  21. 21. Data Recovery File back up and restore CompletePC™ image-based backup System Restore Volume Shadow Copies Volume Revert
  22. 22. Application Control Users can install and run non-standard applications Even standard users can install some types of software Unauthorized applications may: Introduce malware, Increase helpdesk calls, Reduce user productivity, Undermine compliance efforts
  23. 23. Application Control Eliminate unwanted/unknown applications in your network Enforce application standardization within your organization Easily create and manage flexible rules using Group Policy
  24. 24. AppLocker Simple Rule Structure: Allow, Exception & Deny Publisher Rules Product Publisher, Name, Filename & Version Multiple Policies Executables, installers, scripts & DLLs Rule creation tools & wizard Audit only mode SKU Availability AppLocker – Enterprise Legacy SRP – Business & Enterprise
  25. 25. D. Protect Data from Unauthorized Viewing RMS EFS BitLocker
  26. 26. RMS Policy definition and enforcement Protects information wherever it travels Integrated RMS Client Policy-based protection of document libraries in SharePoint
  27. 27. EFS User-based file and folder encryption Ability to store EFS keys on a smart card
  28. 28. BitLocker Easier to configure and deploy Roam protected data between work and home Share protected data with co-workers, clients, partners, etc. Improve compliance and data security
  29. 29. BitLocker Worldwide Shipments (000s) 1200 Removable Solid- State Storage 1000 Shipments 800 600 400 PC 200 Shipments 0 2007 2008 2009 2010 2011 • Gartner “Forecast: USB Flash Drives, Worldwide, 2001-2011” 24 September 2007, Joseph Unsworth • Gartner “Dataquest Insight: PC Forecast Analysis, Worldwide, 1H08” 18 April 2008, Mikako Kitagawa, George Shiffler III
  30. 30. BitLocker + Extend BitLocker drive encryption to removable devices Create group policies to mandate the use of encryption and block unencrypted drives Simplify BitLocker setup and configuration of primary hard drive
  31. 31. BitLocker BitLocker Enhancements Automatic 200 Mb hidden boot partition New Key Protectors Domain Recovery Agent (DRA) Smart card – data volumes only BitLocker To Go Support for FAT* Protectors: DRA, passphrase, smart card and/or auto-unlock Management: protector configuration, encryption enforcement Read-only access on Vista & XP SKU Availability Encrypting – Enterprise Unlocking – All
  32. 32. Windows 7 Enterprise Security Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable. Windows Vista Network Security AppLocker RMS Foundation Network Access Internet Explorer 8 EFS Streamlined UAC Protection Data Recovery BitLocker Enhanced Auditing DirectAccess
  33. 33. Learning curriculum
  34. 34. eBooks in Bahasa
  35. 35. Indonesia Developer Portal http://netindonesia.net
  36. 36. IT Professional Portal http://wss-id.org
  37. 37. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×