Protecting your critical systems from new and unknown malware, 0-days, and APT
WE DRIVE BUSINESS EVOLUTION FORWARD
The ONE solution
https://en.wikipedia.org/wiki/Snake_oil
Modern Users
Last Week's Customer Incident
Luck vs Solution
Luck:
- Honesty
- No judgment
- Response time
Bad luck:
- (Just about) only local admin user
- User permissions
Mitigation:
- Monitoring (ATA)
- User training
- Procedures, monitoring and alerts (ATP/ATA)
Affected Client
Bad luck:
• USB backup disk
• Local admin (exception)
Mitigation:
• Azure Backup
• LAPS (Local Administrator Password Solution)
• Device Guard
https://www.microsoft.com/en-us/download/details.aspx?id=46899
WHY!!!
Man vs Machine
Old School Security
o User Education
o Traditional best practices
o Avoid Exceptions
o Etc.
Think!!!
Windows Security History
August 2004 (Windows XP SP2) and November 2006 (Windows Vista)
https://en.wikipedia.org/wiki/Timeline_of_Microsoft_Windows
Windows Vista
UAC:
• Stopped more than 50% of 2000 samples (backdoors, keyloggers, rootkits, mass mailers, trojan horses, spyware, adware and various others) directly
• Less than 5% survived UAC across a reboot
http://us.norton.com/support/premium_services/malware_removal_guide.pdf
The Windows 10 Defense Stack
PROTECT, DETECT & RESPOND

PRE-BREACH (earlier Windows 10 naming):
• Device protection: Device Health attestation, Device Guard, Device Control, Security policies
• Threat resistance: SmartScreen, AppLocker, Device Guard, Windows Defender, Network/Firewall
• Identity protection: Built-in 2FA, Account lockdown, Credential Guard, Microsoft Passport, Windows Hello ;)
• Information protection: Device protection / Drive encryption, Enterprise Data Protection, Conditional access
POST-BREACH:
• Breach detection, investigation & response: Windows Defender ATP

The same stack with the later naming:
PRE-BREACH:
• Device protection: Device integrity, Device control
• Threat resistance: SmartScreen, Windows Firewall, Microsoft Edge, Device Guard, Windows Defender
• Identity protection: Windows Hello ;), Credential Guard
• Information protection: BitLocker and BitLocker to Go, Windows Information Protection, Conditional Access
POST-BREACH:
• Breach detection, investigation & response: Windows Defender ATP
Windows 10 Security on Legacy or Modern Devices
(Upgraded from Windows 7 or 32-bit Windows 8)
PRE-BREACH: Device protection, Identity protection, Information protection, Threat resistance
POST-BREACH: Breach detection, investigation & response
Dynamic Lock / Goodbye
Hello (World) For Business
10 PRINT "Hello World!"
20 GOTO 10
RUN
Hello For Business
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/hello-identity-verification
Secure Boot / BitLocker / BIOS -> UEFI
https://msdn.microsoft.com/en-us/windows/hardware/commercialize/manufacture/desktop/secure-boot-overview
Show & Tell
The Guards
VIRTUALIZATION BASED SECURITY
Layered from the bottom up: Device Hardware, then the Hyper-V hypervisor, and on top of it two isolated environments side by side:
• Windows Operating System: Kernel, Windows Platform Services, Apps
• System Container: its own Kernel plus Trustlet#1, Trustlet#2, Trustlet#3
Device Guard in the VBS environment
Decisive mitigation
Same layering (Device Hardware, Hyper-V hypervisor, Windows Operating System with Kernel, Windows Platform Services and Apps), but in the System Container the first trustlet slot is now DEVICE GUARD, next to Trustlet#2 and Trustlet#3.
Credential Guard
Not currently supported on Windows Server 2016
Device Guard
KMCI – Kernel Mode Code Integrity
UMCI – User Mode Code Integrity
Whitelist
◦ Applications / Apps
◦ Utilities
◦ Drivers
Audit / Enforce
Lock Policy
https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide
Drivers
https://msdn.microsoft.com/en-us/windows/hardware/drivers/dashboard/windows-certified-products-listv
Certificates and Views
Policy file sizes shown: 2 314 831 bytes vs 888 068 bytes
Exceptions (Known Threats)
• Narrator
• Wifi
• Blacklist whitelisted binaries (deny rules for signed Microsoft tools that can be abused to run arbitrary code)
• Exploit Monday: https://github.com/mattifestation/DeviceGuardBypassMitigationRules
Device Guard Getting started
• Golden image
• Audit mode (log what would be blocked, don't block yet)
• Failed
• Drivers
• Policy files
• Trial and error
• Maintain
NB! Sign the policy (an unsigned policy can be removed by any local admin)
https://technet.microsoft.com/itpro/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard
Group Policy
Config Manager
https://blogs.technet.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/
CMD:
powershell Get-ExecutionPolicy
powershell "Set-ExecutionPolicy Unrestricted -Scope Process; .\DG_Readiness_Tool_v2.1.ps1 -Ready"
powershell Get-ExecutionPolicy
PowerShell:
Get-ExecutionPolicy
Set-ExecutionPolicy Unrestricted -Scope Process; .\DG_Readiness_Tool_v2.1.ps1 -Ready
Get-ExecutionPolicy
(-Scope Process relaxes the execution policy for this session only, so nothing weaker is left behind on the machine.)
Script switches:
.\DG_Readiness_Tool_v2.1.ps1 -Capable (is the hardware/firmware capable?)
.\DG_Readiness_Tool_v2.1.ps1 -Enable -CG (turn on Credential Guard)
.\DG_Readiness_Tool_v2.1.ps1 -Enable -HVCI (turn on hypervisor-enforced code integrity)
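The readiness tool prints the same state that Windows exposes through the Win32_DeviceGuard WMI class. The following script is an added example (not from the slides or from the readiness tool) that reads that class directly, so the check can run from a ConfigMgr compliance script or a scheduled audit without the tool; it assumes Windows 10 Enterprise 1607 or later, where the root\Microsoft\Windows\DeviceGuard namespace exists.

```powershell
# Added example, not from the slides: read the VBS / Device Guard state that the
# DG_Readiness_Tool reports, directly from the Win32_DeviceGuard WMI class.
# Assumes Windows 10 Enterprise 1607+ (root\Microsoft\Windows\DeviceGuard namespace).

function Get-DeviceGuardState {
    [CmdletBinding()]
    param()

    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    if (-not $dg) { throw 'Win32_DeviceGuard not found: this build does not expose VBS.' }

    # Code values as documented for Win32_DeviceGuard.
    $service  = @{ 1 = 'CredentialGuard'; 2 = 'HVCI' }
    $vbs      = @{ 0 = 'NotEnabled'; 1 = 'EnabledNotRunning'; 2 = 'Running' }
    $ci       = @{ 0 = 'Off'; 1 = 'Audit'; 2 = 'Enforced' }
    $property = @{ 1 = 'BaseVirtualization'; 2 = 'SecureBoot'; 3 = 'DmaProtection' }

    $configured = @($dg.SecurityServicesConfigured | ForEach-Object { $service[[int]$_] })
    $running    = @($dg.SecurityServicesRunning    | ForEach-Object { $service[[int]$_] })
    # Other property codes exist; anything not in the table above is kept as its raw number.
    $required   = @($dg.RequiredSecurityProperties  | ForEach-Object { if ($property.ContainsKey([int]$_)) { $property[[int]$_] } else { "Code$_" } })
    $available  = @($dg.AvailableSecurityProperties | ForEach-Object { if ($property.ContainsKey([int]$_)) { $property[[int]$_] } else { "Code$_" } })

    [pscustomobject]@{
        VbsStatus               = $vbs[[int]$dg.VirtualizationBasedSecurityStatus]
        ServicesConfigured      = $configured
        ServicesRunning         = $running
        ConfiguredButNotRunning = @($configured | Where-Object { $_ -notin $running })
        KernelModeCodeIntegrity = $ci[[int]$dg.CodeIntegrityPolicyEnforcementStatus]
        UserModeCodeIntegrity   = $ci[[int]$dg.UsermodeCodeIntegrityPolicyEnforcementStatus]
        RequiredProperties      = $required
        AvailableProperties     = $available
        MissingProperties       = @($required | Where-Object { $_ -notin $available })
    }
}

$state = Get-DeviceGuardState
$state | Format-List

# The failure mode worth catching: GPO or the readiness tool "enabled" a service, but the
# machine never started it (firmware without Secure Boot / IOMMU, or an HVCI-incompatible driver).
if ($state.ConfiguredButNotRunning.Count -gt 0 -or $state.MissingProperties.Count -gt 0) {
    $msg = 'Configured but not running: {0}; missing platform properties: {1}. Check the Microsoft-Windows-DeviceGuard/Operational log.'
    Write-Warning ($msg -f ($state.ConfiguredButNotRunning -join ', '), ($state.MissingProperties -join ', '))
}
```

The interesting output is the gap between "configured" and "running": a policy that is applied but not honoured gives the same false confidence as no policy at all, and it is exactly what a compliance baseline should flag.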
Management
• Group Policy
• Intune (coming)
• System Center
New-CIPolicy -FilePath C:\MyRules\MyRule.xml -Level PcaCertificate -ScanPath <path to scan>
Set-RuleOption -FilePath C:\MyRules\MyRule.xml -Option <option number>
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-code-integrity-policies-policy-rules-and-file-rules#code-integrity-policy-rules
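The two cmdlets above are the first and second step of the loop from the "Getting started" slide (golden image, audit mode, review failures, fix, enforce, sign). The script below is an added example, not from the slides or from Microsoft's documentation, that runs that loop end to end with the ConfigCI cmdlets; the folder, policy name and signer certificate file are assumptions, and the bypass-rules XML is assumed to be a local clone of the Exploit Monday repository linked earlier. Run it elevated on the golden-image machine.

```powershell
# Added example, not from the slides: audit-first Device Guard policy workflow.
# Paths, policy name and signer certificate are assumptions; adjust to your golden image.

$PolicyDir = 'C:\MyRules'                                                 # assumed
$PolicyXml = Join-Path $PolicyDir 'MyRule.xml'
$PolicyBin = Join-Path $PolicyDir 'MyRule.bin'
$BypassXml = Join-Path $PolicyDir 'DeviceGuardBypassMitigationRules.xml'  # assumed local copy of the Exploit Monday rules
$SignerCer = Join-Path $PolicyDir 'PolicySigner.cer'                      # assumed exported policy-signing certificate
New-Item -ItemType Directory -Path $PolicyDir -Force | Out-Null

# 1. Scan the golden image. -Level PcaCertificate trusts the issuing CA of each signed file,
#    so the rule survives a vendor's certificate renewal; -UserPEs includes user-mode code
#    (needed for UMCI); -Fallback Hash allows unsigned files by hash instead of dropping them.
New-CIPolicy -FilePath $PolicyXml -Level PcaCertificate -Fallback Hash -ScanPath 'C:\' -UserPEs

# 2. Merge in deny rules for signed Microsoft binaries that execute arbitrary code
#    (MSBuild.exe and friends) so "whitelisted" does not mean "free code execution".
if (Test-Path $BypassXml) {
    Merge-CIPolicy -PolicyPaths $PolicyXml, $BypassXml -OutputFilePath $PolicyXml
}

# 3. Rule options: 0 = Enabled:UMCI, 3 = Enabled:Audit Mode, 6 = Enabled:Unsigned System
#    Integrity Policy (only while iterating), 10 = Enabled:Boot Audit on Failure.
foreach ($opt in 0, 3, 6, 10) { Set-RuleOption -FilePath $PolicyXml -Option $opt }

# 4. Compile to the binary form the kernel loads at boot and deploy it.
ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
Copy-Item $PolicyBin "$env:SystemRoot\System32\CodeIntegrity\SIPolicy.p7b" -Force

# 5. After a reboot and a normal work cycle, list what audit mode would have blocked
#    (event 3076 = audit-mode violation, 3077 = block in enforced mode). Each hit is either
#    a missing rule (driver, LOB app) or something that should stay blocked.
function Get-CodeIntegrityAuditHits {
    param([int]$Newest = 50)
    Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-CodeIntegrity/Operational'; Id = 3076, 3077 } `
                 -MaxEvents $Newest -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }
}
Get-CodeIntegrityAuditHits | Format-Table -AutoSize

# 6. When the audit log is clean: drop audit mode, register the signer, remove the "unsigned"
#    option, rebuild and sign. An unsigned policy can be deleted by any local admin; a signed
#    one can only be replaced by a policy signed by a signer the current policy already trusts
#    (that is what -Update registers). Left commented so the script stays in audit mode until you decide.
# Set-RuleOption -FilePath $PolicyXml -Option 3 -Delete
# Add-SignerRule -FilePath $PolicyXml -CertificatePath $SignerCer -Kernel -User -Update
# Set-RuleOption -FilePath $PolicyXml -Option 6 -Delete
# ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
# signtool.exe sign -v /n 'Device Guard Policy Signer' /p7 $PolicyDir /p7co 1.3.6.1.4.1.311.79.1 /fd sha256 $PolicyBin
# Copy-Item "$PolicyBin.p7" "$env:SystemRoot\System32\CodeIntegrity\SIPolicy.p7b" -Force
```

Keep step 6 commented until several audit cycles come back clean; the "trial and error" on the slide is the loop between steps 1 and 5, and each iteration is a fresh New-CIPolicy or Merge-CIPolicy, not a hand edit of the XML.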
Device Guard Links
Basic:
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies#how-device-guard-features-help-protect-against-threats
https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide
https://github.com/iadgov/Secure-Host-Baseline/tree/master/Credential%20Guard
http://www.exploit-monday.com/2016/09/introduction-to-windows-device-guard.html
Advanced:
https://blogs.msdn.microsoft.com/windows_hardware_certification/2015/05/22/driver-compatibility-with-device-guard-in-windows-10/
https://technet.microsoft.com/en-us/library/mt634481.aspx
https://www.youtube.com/watch?v=n_fq1WnoQbI
https://github.com/mattifestation/DeviceGuardBypassMitigationRules
Conclusion
Machine vs Man
Olav Tvedt
Senior Principal Architect
Lumagate A/S
Blog: olavtvedt.blogspot.com
Twitter: OlavTwitt
E-mail: Olav.Tvedt@Lumagate.com
MVP: Cloud and Datacenter Management; Windows and Devices for IT
31 May: www.mvpdagen.no

Hackcon 2017

  • 1. Protecting your critical systems from new and unknown malware, 0-days, and APT
  • 2. WE DRIVE BUSINESS EVOLUTION FORWARD The ONE solution https://en.wikipedia.org/wiki/Snake_oil
  • 3. Modern Users
  • 4. Last Week's Customer Incident
  • 5. Luck vs Solution
    Luck
    - Honesty
    - No Judgment
    - Response time
    Bad Luck
    - (Just about) Only local Admin user
    - User permission
    Mitigation
    - Monitoring (ATA)
    - User Training
    - Procedures, monitoring and alerts (ATP/ATA)
  • 6. Affected Client
    Bad Luck
    • USB Backup Disk
    • Local Admin (Exception)
    Mitigation
    • Azure Backup
    • LAPS (Local Administrator Password Solution) https://www.microsoft.com/en-us/download/details.aspx?id=46899
    • Device Guard
  • 7. WHY!!!
  • 8. Man vs Machine
  • 9. Old School Security
    o User Education
    o Traditional best practices
    o Avoid Exceptions
    o Etc.
    Think!!!
  • 10. Windows Security History: August 2004 / November 2006 https://en.wikipedia.org/wiki/Timeline_of_Microsoft_Windows
  • 11. Windows Vista UAC:
    • Stopped more than 50% of 2000 backdoors, keyloggers, rootkits, mass mailers, trojan horses, spyware, adware, and various others directly
    • Less than 5% survived UAC during reboot
    http://us.norton.com/support/premium_services/malware_removal_guide.pdf
  • 12. The Windows 10 Defense Stack: PROTECT, DETECT & RESPOND
    PRE-BREACH
    - Device protection: Device Health attestation, Device Guard, Device Control, Security policies
    - Information protection: Device protection / Drive encryption, Enterprise Data Protection, Conditional access
    - Threat resistance: SmartScreen, AppLocker, Device Guard, Windows Defender, Network/Firewall
    - Identity protection: Built-in 2FA, Account lockdown, Credential Guard, Microsoft Passport, Windows Hello ;)
    POST-BREACH
    - Windows Defender ATP: Breach detection, investigation & response
    (Second rendering of the same stack)
    - Device protection: Device integrity, Device control
    - Information protection: BitLocker and BitLocker to Go, Windows Information Protection
    - Threat resistance: SmartScreen, Windows Firewall, Microsoft Edge, Device Guard, Windows Defender
    - Identity protection: Windows Hello ;), Credential Guard
    - Conditional Access
    - Windows Defender ATP: Breach detection, investigation & response
  • 13. Windows 10 Security on Legacy or Modern Devices (Upgraded from Windows 7 or 32-bit Windows 8)
    PRE-BREACH: Device protection, Identity protection, Information protection, Threat resistance
    POST-BREACH: Breach detection, investigation & response
  • 14. Dynamic Lock / Goodbye
  • 15. Hello (Word) For Business
    10 Print «Hello World!»
    20 Goto 10
    Run
  • 16. Hello For Business https://technet.microsoft.com/en-us/itpro/windows/keep-secure/hello-identity-verification
  • 17. Secure Boot / BitLocker / BIOS -> UEFI https://msdn.microsoft.com/en-us/windows/hardware/commercialize/manufacture/desktop/secure-boot-overview
  • 27. VIRTUALIZATION BASED SECURITY (diagram)
    Device Hardware -> Hypervisor (Hyper-V) -> Windows Operating System (Kernel, Windows Platform Services, Apps) | System Container (Kernel, Trustlet#1, Trustlet#2, Trustlet#3)
  • 28. Device Guard in VBS environment: decisive mitigation (diagram)
    Device Hardware -> Hypervisor (Hyper-V) -> Windows Operating System (Kernel, Windows Platform Services, Apps) | System Container (Kernel, DEVICE GUARD, Trustlet#2, Trustlet#3)
  • 29. Credential Guard: Not currently supported on Windows Server 2016
  • 32. Device Guard
    KMCI – Kernel Mode Code Integrity
    UMCI – User Mode Code Integrity
    Whitelist
    ◦ Applications / Apps
    ◦ Utilities
    ◦ Drivers
    Audit / Enforce
    Lock Policy
    https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide
  • 33. Drivers https://msdn.microsoft.com/en-us/windows/hardware/drivers/dashboard/windows-certified-products-listv
  • 34. Certificates and Views (2 314 831 bytes vs 888 068 bytes)
  • 35. Exceptions (Known Threats)
    • Narrator
    • Wifi
    • Blacklist whitelisted
    • Exploit Monday
    • https://github.com/mattifestation/DeviceGuardBypassMitigationRules
  • 36. Device Guard Getting started
    • Golden Image
    • Audit Mode
    • Failed
    • Drivers
    • Policy files
    • Trial and error
    • Maintain
    NB! Sign the policy
    https://technet.microsoft.com/itpro/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard
  • 37. Group Policy
  • 38. Config Manager https://blogs.technet.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/
  • 39. CMD:
    Powershell Get-ExecutionPolicy
    Powershell Set-ExecutionPolicy unrestricted -scope process; ./DG_Readiness_Tool_v2.1.ps1 -Ready
    Powershell Get-ExecutionPolicy
    Powershell:
    Get-ExecutionPolicy
    Set-ExecutionPolicy unrestricted -scope process; ./DG_Readiness_Tool_v2.1.ps1 -Ready
    Get-ExecutionPolicy
    Script switches: -Capable, -Enable -CG, -Enable -HVCI
  • 40. Management
    • Group Policy
    • Intune (Coming)
    • System Center
  • 41. New-CIPolicy -FilePath c:\MyRules\MyRule.xml -Level PcaCertificate -ScanPath
    Set-RuleOption -FilePath c:\MyRules\MyRule.xml -Option X
    https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-code-integrity-policies-policy-rules-and-file-rules#code-integrity-policy-rules
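The "Getting started" steps on slide 36 and the New-CIPolicy / Set-RuleOption cmdlets on slide 41, carried through as one script: golden image, audit mode, review of audit events, enforcement, and finally signing. This is an added example and is not code from the Hackcon deck or from Microsoft. The file paths (the c:\MyRules\MyRule.xml path is the slide's), the audit policy file name, the signing-certificate file and its subject name are assumptions; the rule-option numbers are the ones documented for Set-RuleOption, and the event IDs 3076/3077 are the Code Integrity audit-mode and enforced-block events.

```powershell
# Added example (not from the Hackcon 2017 deck): Device Guard code integrity
# policy lifecycle with the ConfigCI cmdlets. Paths, file names and the
# signing certificate are assumptions. Run elevated on Windows 10 Enterprise
# or Server 2016, where the ConfigCI module ships.

$PolicyXml   = 'C:\MyRules\MyRule.xml'         # path taken from slide 41
$AuditXml    = 'C:\MyRules\MyRule-Audit.xml'   # assumed: rules generated from audit events
$PolicyBin   = 'C:\MyRules\SIPolicy.p7b'       # assumed: binary policy for deployment
$SigningCert = 'C:\MyRules\DGSigningCert.cer'  # assumed: public cert of the policy signer

# Set-RuleOption numbers used below:
#   0  Enabled:UMCI                              (user-mode code integrity, not only KMCI)
#   3  Enabled:Audit Mode                        (log what would be blocked, block nothing)
#   6  Enabled:Unsigned System Integrity Policy  (allowed only until the policy is signed)
#   9  Enabled:Advanced Boot Options Menu        (keeps a way back in during trial and error)
#   10 Enabled:Boot Audit on Failure

# Step 1 (slide 36 "Golden Image" / "Audit Mode"): scan a clean reference build.
# -Level PcaCertificate trusts the issuing CA of each signer, -Fallback Hash
# covers unsigned files, -UserPEs includes applications and not just drivers.
function New-GoldenImagePolicy {
    New-CIPolicy -FilePath $PolicyXml -Level PcaCertificate -Fallback Hash `
                 -ScanPath 'C:\' -UserPEs
    foreach ($opt in 0, 3, 6, 9, 10) {
        Set-RuleOption -FilePath $PolicyXml -Option $opt
    }
    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
}

# Step 2 (slide 36 "Failed" / "Drivers"): what would audit mode have blocked?
# Event 3076 = audit-mode "would have blocked", 3077 = enforced block.
function Get-CodeIntegrityAuditSummary {
    Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'Microsoft-Windows-CodeIntegrity/Operational'; Id = 3076, 3077
    } | ForEach-Object {
        # The loaded file path is in the message text; fall back to the whole message.
        $file = if ($_.Message -match 'attempted to load (.+?) that did not meet') {
            $Matches[1]
        } else { $_.Message }
        [pscustomobject]@{ Time = $_.TimeCreated; Id = $_.Id; File = $file }
    } | Group-Object File | Sort-Object Count -Descending |
        Select-Object Count, @{ Name = 'File'; Expression = { $_.Name } }
}

# Step 3 (slide 36 "Policy files" / "Trial and error"): derive rules from the
# audit events instead of hand-editing XML, then merge into the base policy.
function Merge-AuditResults {
    New-CIPolicy -Audit -FilePath $AuditXml -Level PcaCertificate -Fallback Hash -UserPEs
    Merge-CIPolicy -PolicyPaths $PolicyXml, $AuditXml -OutputFilePath $PolicyXml
    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
}

# Step 4 (slide 32 "Audit / Enforce"): removing option 3 switches to enforcement.
function Set-PolicyEnforced {
    Set-RuleOption -FilePath $PolicyXml -Option 3 -Delete
    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
}

# Step 5 (slide 36 "NB! Sign the policy" / slide 32 "Lock Policy"): register the
# signer as an update signer, drop option 6, rebuild, then sign the binary.
function Initialize-PolicySigning {
    Add-SignerRule -FilePath $PolicyXml -CertificatePath $SigningCert -Update
    Set-RuleOption -FilePath $PolicyXml -Option 6 -Delete
    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
    # Sign with signtool from the Windows SDK (command form as in the Device Guard
    # deployment guide; the certificate subject name "DGSigningCert" is an assumption):
    #   signtool sign -v /n "DGSigningCert" -p7 . -p7co 1.3.6.1.4.1.311.79.1 -fd sha256 $PolicyBin
    # Deploy the signed .p7b as C:\Windows\System32\CodeIntegrity\SIPolicy.p7b
    # (or through Group Policy / Config Manager as on slides 37-38) and reboot.
}
```

Run the functions in order, staying in audit mode (option 3 set) until Get-CodeIntegrityAuditSummary comes back empty for the drivers and applications the build needs. Once option 6 is removed and the policy is signed, the machine only accepts policy updates signed by the registered update signer, which is what locks the policy against a local administrator; it also means the signing key must be kept available, since without it the policy can no longer be changed.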
  • 42. Device Guard Links
    Basic:
    https://technet.microsoft.com/en-us/itpro/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies#how-device-guard-features-help-protect-against-threats
    https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide
    https://github.com/iadgov/Secure-Host-Baseline/tree/master/Credential%20Guard
    http://www.exploit-monday.com/2016/09/introduction-to-windows-device-guard.html
    Advanced:
    https://blogs.msdn.microsoft.com/windows_hardware_certification/2015/05/22/driver-compatibility-with-device-guard-in-windows-10/
    https://technet.microsoft.com/en-us/library/mt634481.aspx
    https://www.youtube.com/watch?v=n_fq1WnoQbI
    https://github.com/mattifestation/DeviceGuardBypassMitigationRules
  • 43. Conclusion
  • 44. Machine vs Man
  • 45. Olav Tvedt, Senior Principal Architect, Lumagate A/S
    Blog: olavtvedt.blogspot.com
    Twitter: OlavTwitt
    E-mail: Olav.Tvedt@Lumagate.com
    Cloud and Datacenter Management; Windows and Devices for IT
    31 May – www.mvpdagen.no