MS NAP - Security Day
Upcoming SlideShare
Loading in...5
×
 

MS NAP - Security Day

on

  • 2,106 views

MS NAP - Security Day Son Vu

MS NAP - Security Day Son Vu

Statistics

Views

Total Views
2,106
Views on SlideShare
2,097
Embed Views
9

Actions

Likes
0
Downloads
58
Comments
0

2 Embeds 9

http://static.slideshare.net 6
http://www.slideshare.net 3

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

MS NAP - Security Day MS NAP - Security Day Presentation Transcript

  • Windows Server 2008 – Network Access Protection (NAP) Presented by Vu Nguyen Cao Son EPG Technical Specialist [email_address] www.CaoSonBlog.com
    • Why Security
    • Introducing Network Access Protection
    • Using NAP with DHCP
    • Using NAP with VPN/Ipsec/802.1x
    • Q&A
    Agenda
    • Media
    • Personal Favor
    • I think “it is important and essential to my system”
    • My company have “fund” for security
    Why Security !!!??? – Wrong Way View slide
    • Business Continuty
    Why Security !!!??? – Right Way Risk-based model Defense in Depth Security Control with ISO 27001 Risk Level ROI View slide
  • Risk-based Decision Making Business and IT Teams “ Best Control Solution” Information Security “ Prioritize Risks” Business Owners “ What’s Important” Assess Risks Define Security Requirements Determine Acceptable Risk Design & Build Security Solutions Operate & Support Security Solutions Measure Security Solutions
  • Demo
    • Examining Connection Trace Logs
      • Examine Event Logs
      • Examine Connection Logs
    demonstration Defense in Depth with Microsoft Product
  • Network Access Protection Benefits
    • Enhanced Security
      • All communications are authenticated, authorized & healthy
      • Defense-in-depth on your terms with DHCP, VPN, IPsec, 802.1X
      • Policy-based access that IT Pros can set and control
    • Increased Business Value
      • Preserves user productivity
      • Extends existing investments in Microsoft and 3rd party infrastructure
      • Broad industry partnership
    Risk Level ROI Health and Policy Validation Defense at Multiple Layers Healthy Endpoints Connect Leverage Existing Investments
    • Why Security
    • Introducing Network Access Protection
    • Using NAP with DHCP
    • Using NAP with VPN/Ipsec/802.1x
    • Q&A
    Agenda
  • Network Access Protection Solution
    • Policy Validation
    • Network Restriction
    • Remediation
    • Ongoing Compliance
    Polices, Procedures, and Awareness Data Application Host Internal Network Perimeter
  • NAP Architecture Overview Network Policy Server Quarantine Server (QS) Client Quarantine Agent (QA) Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices and Servers System Health Agent (SHA ) MS and 3rd Parties System Health Validator Enforcement Client (EC) (DHCP, IPSec, 802.1X, VPN)
  • How NAP Works Network Access Requests Corporate Network Restricted Network Windows Client Network Enforment Endpoint NPS Active Directory Health Statements QA SHA EC QS SHV Not Compliant Policy Compliant Remediation Servers
  • Why Microsoft NAP
    • Soft-based solution, free with Windows Server 2008.
    • Integrated into the client operating system (XP SP3, Vista)
    • Intergrated with Core System (SCCM,FCS,WSUS)
    • Integration with 3 rd party security products(Cisco,Juniper,Symantec, Mcafee)
    • NAP + Domain & Server Isolation = Enforment Sec
    • Multiple types of enforcement
    • Why Security
    • Introducing Network Access Protection
    • Using NAP with DHCP
    • Using NAP with VPN/Ipsec/802.1x
    • Q&A
    Agenda
  • NAP with DHCP Requesting access. Here’s my new health status. The client requests and receives updates I need to lease an IP address You are not within the Health Policy requirements Access granted. Here is your new IP address NPS Server Client DHCP Server VPN Server IEEE 802.1X Devices Remediation Servers
  • Demonstration Environment
  • Configuring NAP for DHCP demonstration
    • Why Security
    • Introducing Network Access Protection
    • Using NAP with DHCP
    • Using NAP with VPN/Ipsec/802.1x
    • Q&A
    Agenda
  • NAP with VPN and RRAS RADIUS Messages PEAP Messages NPS Server Client VPN Server Remediation Servers
  • IPsec-based Communication Secure network Boundary network Restricted network IPsec Authenticated Unauthenticated
  • Using NAP with 802.1x Device
    • Most Wireless Security for Enterprise with NAP
    • Interoperation with many 802.1x Switch
    Network Policy Server Authentication Server 802.1x Access Points 802.1x Switch Wireless Clients Active Directory Health Requirement Server Certificate Authority (Optional)
  • Q&A and Thanks You www.CaoSonBlog.com