1 / 28

Security Features in Windows Vista

Security Features in Windows Vista. Chalermrath Kongkangwanchoke Technology Specialist |Core Infrastructure Platform Identity and Access Management | Security | Networking. What Will We Cover?. Security fundamentals Protecting your company’s resources Anti-malware features.

saeran
Télécharger la présentation

Security Features in Windows Vista

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Features in Windows Vista Chalermrath Kongkangwanchoke Technology Specialist |Core Infrastructure Platform Identity and Access Management | Security | Networking

  2. What Will We Cover? • Security fundamentals • Protecting your company’s resources • Anti-malware features

  3. Helpful Experience • Windows user interface • Windows security concepts Level 200

  4. Agenda • Exploring Security Fundamentals • Mitigating Threats and Vulnerabilities • Controlling Identity and Access • Protecting System Information

  5. Windows Vista Fundamentals Secure by Default • Improved SDL • Common Criteria Certification

  6. Windows Vista Service Hardening D D D D Kernel drivers User-mode drivers D D D D • Reduce size of high-risk layers • Segment the services • Increase number of layers Service … Service 1 Service… Service 2 Service A Service 3 Service B

  7. Agenda • Exploring Security Fundamentals • Mitigating Threats and Vulnerabilities • Controlling Identity and Access • Protecting System Information

  8. Internet Explorer 7.0 Social Engineering Protections Protection from Exploits • Unified URL parsing • Code quality improvements (SDLC) • ActiveX opt-in • Protected Mode to prevent malicious software • Phishing filter and colored address bar • Dangerous Settings notification • Secure defaults for IDN

  9. Advanced Malware Protection Admin-Rights Access Install a driver and run Windows Update Change settings, save a picture Install an ActiveX control Redirected settings & files HKLM Program Files IEUser IEAdmin IE6 Exploit can install malware Exploit can install malware User-Rights Access Integrity Control Internet Explorer HKCU My Documents Startup Folder Compact Redirector Change settings, download a picture Temp Internet Files Un-trusted files and settings Cache Web content

  10. ActiveX Opt-in IE7 blocks ActiveX Control User grants permission (opts-in) IE7 ActiveX Control enabled Disabled Controls by default IE7 confirms install

  11. Windows Vista Firewall IPSec

  12. demonstration Demo • Configuring the Windows Firewall • Configure Computer Connection Security • Configure an Inbound Exception

  13. Windows Defender Improved detection and removal Redesigned and simplified user interface Protection for all users

  14. Network Access Protection Fix Up Servers Policy Servers Windows Vista Client DHCP, VPN Switch/Router MSFT Network Policy Server Corporate Network

  15. Agenda • Exploring Security Fundamentals • Mitigating Threats and Vulnerabilities • Controlling Identity and Access • Protecting System Information

  16. Current Challenges

  17. User Account Control Allows system to run as standard user Allows select applications to run in elevated context Fix or remove inappropriate administrative checks Registry and file virtualization provides compatibility

  18. User Account Control Sample

  19. demonstration Demo • Reviewing User Account Control • Use Windows Vista as a Standard User • Customize User Account Control

  20. Integrated Control Control over removable device installation Restart Manager Security Center enhancements

  21. demonstration Demo • Blocking Unauthorized Devices • Block the Installation of a USB Flash Drive

  22. Agenda • Exploring Security Fundamentals • Mitigating Threats and Vulnerabilities • Controlling Identity and Access • Protecting System Information

  23. Windows Vista Data Protection Policy Definition and Enforcement Rights Management Services User-Based File System Encryption Encrypted File System Drive-Level Encryption BitLocker Drive Encryption

  24. BitLocker Drive Encryption • Improved at-rest data protection with full drive encryption • Usability with scalable security protections • Enterprise-ready deployment capabilities • Offline system-tampering resistance • Worry-free hardware repurposing and decommissioning • Integrated disaster recovery features

  25. Trusted Platform Module Encrypted Volume Key Encrypted Data Encrypted Full Volume Encryption Key Cleartext Data TPM Volume Master Key Full Volume Encryption Key

  26. Spectrum of Protection ******* Ease of Use TPM Only Dongle Only TPM & PIN TPM & Dongle Security

  27. Session Summary • Windows Vista is the most secure Windows operating system to date • Windows Vista protects users • Numerous other security improvements help protect data and ease deployment

  28. For More Information Windows Vista Web Site:http://www.microsoft.com/vista Windows Vista TechCenter: http://technet.microsoft.com/en-us/windowsvista/aa905062.aspx

More Related