SlideShare une entreprise Scribd logo

Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features

Télécharger en tant que PPTX, PDF
Microsoft TechNet - Belgium and Luxembourg
Microsoft TechNet - Belgium and Luxembourg

More info on http://techdays.be.

1  sur  17
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features Marcus Murray & Hasain Alshakarti Truesec Security Team, MVP-Enterprise Security x2
Marcus Murray Hasain Alshakarti
So.. What are the new security features in Windows 8 & Server 2012?
Secure boot/Measured boot/Early Malware detection Client User Web rv
Bitlocker enhancement This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware. • Enhancements: Client – Bitlocker Network unlock – New protectors User •For NKP, the win8 client should be using UEFI 2.3.1 BitLocker Network Unlock has the following software and hardware requirements that must be met before you can use it: Client computer requirements •A DHCP driver that is implemented in the UEFI firmware •Trusted Platform Module (TPM) 1.2 or TPM 2.0 •BitLocker enabled on the operating system volume Windows Deployment Services server requirements •BitLocker Network Unlock feature installed (only available in windows server 2012) •2,048-bit RSA public/private key pair X.509 certificate present in FVENKP certificate store Domain controller requirements •Copy of the BitLocker Network Unlock Certificate from the Windows Deployment Services server on the domain controller to set Group Policy settings for Network Unlock. (2012 server
Virtual smartcard Client User Web Srv
Claims Client User Client User Web Srv
Dynamic access control
Data classification Secret stuff.doc Project X.doc Public statement.doc Required Clearance: Required Clearance: Required Clearance: Restricted Internal Use Public Confidentiality: Confidentiality: Confidentiality: High Moderate Low http://www.microsoft.com/en- us/download/details.aspx?id=27123
Dnssec Client User Client User Web Srv
Unified Remote access Client User Client User Web Srv
Powershell remoting Client User Client User Web Srv
FGPP Ui
Improved Security Audit • Advanced Security Audit Client Policy Step-by-Step Guide User <http://technet.microsoft.com/en- Client us/library/dd408940(v=ws.10).aspx> User Web Srv
Marcus Murray Hasain Alshakarti
Thank you for listening! 

Recommandé

Weblogic server
Weblogic serverWeblogic server
Weblogic server
Smartittrainings
 
Weblogic online training
Weblogic online trainingWeblogic online training
Weblogic online training
Smartittrainings
 
Lession 3
Lession 3Lession 3
Lession 3
Vietfreelancer Expert
 
Virtualization security
Virtualization securityVirtualization security
Virtualization security
Ahmed Nour
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
Jason Chan
 
Virtualization Security
Virtualization SecurityVirtualization Security
Virtualization Security
syrinxtech
 
Lession 5
Lession 5Lession 5
Lession 5
Vietfreelancer Expert
 
Active Directory and Virtualization
Active Directory and VirtualizationActive Directory and Virtualization
Active Directory and Virtualization
Aniket Pandey
 

Recommandé

Weblogic server
Weblogic serverWeblogic server
Weblogic server
Smartittrainings
 
Weblogic online training
Weblogic online trainingWeblogic online training
Weblogic online training
Smartittrainings
 
Lession 3
Lession 3Lession 3
Lession 3
Vietfreelancer Expert
 
Virtualization security
Virtualization securityVirtualization security
Virtualization security
Ahmed Nour
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
Jason Chan
 
Virtualization Security
Virtualization SecurityVirtualization Security
Virtualization Security
syrinxtech
 
Lession 5
Lession 5Lession 5
Lession 5
Vietfreelancer Expert
 
Active Directory and Virtualization
Active Directory and VirtualizationActive Directory and Virtualization
Active Directory and Virtualization
Aniket Pandey
 
Streaming multimedia application for mobile devices for audio & video
Streaming multimedia application for mobile devices for audio & videoStreaming multimedia application for mobile devices for audio & video
Streaming multimedia application for mobile devices for audio & video
Mike Taylor
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
Jagadish Vemugunta
 
Data power v7 update - Ravi Katikala
Data power v7 update - Ravi KatikalaData power v7 update - Ravi Katikala
Data power v7 update - Ravi Katikala
floridawusergroup
 
move-anti-virus
move-anti-virusmove-anti-virus
move-anti-virus
Aakash Chaturvedi
 
Server 2008 Project
Server 2008 ProjectServer 2008 Project
Server 2008 Project
wsolomoniv
 
siva profile
siva profilesiva profile
siva profile
sivakumar v
 
ActiveManage product brief 2002
ActiveManage product brief 2002ActiveManage product brief 2002
ActiveManage product brief 2002
Vinny Pasceri
 
Why Security Teams should care about VMware
Why Security Teams should care about VMwareWhy Security Teams should care about VMware
Why Security Teams should care about VMware
JJDiGeronimo
 
Maintaining and Troubleshooting your XenApp 7.5 Environment
Maintaining and Troubleshooting your XenApp 7.5 EnvironmentMaintaining and Troubleshooting your XenApp 7.5 Environment
Maintaining and Troubleshooting your XenApp 7.5 Environment
David McGeough
 
V mware course contents copy
V mware course contents copyV mware course contents copy
V mware course contents copy
Rakesh Puppala
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
Shilpin Pvt. Ltd.
 
The WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems OverviewThe WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems Overview
Nick Owen
 
Wallix AdminBastion - Privileged User Management &amp; Access Control
Wallix AdminBastion - Privileged User Management &amp; Access ControlWallix AdminBastion - Privileged User Management &amp; Access Control
Wallix AdminBastion - Privileged User Management &amp; Access Control
zayedalji
 
Class Project: Security in Microsoft Azure
Class Project: Security in Microsoft AzureClass Project: Security in Microsoft Azure
Class Project: Security in Microsoft Azure
saitoserge
 
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan ShettyTrack 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
EMC Forum India
 
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
Radu Vunvulea
 
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONSADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
elliando dias
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security Enhancements
Presentologics
 
Maintaining and Troubleshooting your XenDesktop 7.5 Environment
Maintaining and Troubleshooting your XenDesktop 7.5 EnvironmentMaintaining and Troubleshooting your XenDesktop 7.5 Environment
Maintaining and Troubleshooting your XenDesktop 7.5 Environment
David McGeough
 
BizTalk Operations Management
BizTalk Operations ManagementBizTalk Operations Management
BizTalk Operations Management
clineer
 
Dell Webinar 2014-06-24: Subqueries For Superheroes
Dell Webinar 2014-06-24: Subqueries For SuperheroesDell Webinar 2014-06-24: Subqueries For Superheroes
Dell Webinar 2014-06-24: Subqueries For Superheroes
Tracy McKibben
 
HTTP 완벽가이드- 19장 배포시스템
HTTP 완벽가이드- 19장 배포시스템HTTP 완벽가이드- 19장 배포시스템
HTTP 완벽가이드- 19장 배포시스템
박 민규
 

Contenu connexe

Tendances

Data power v7 update - Ravi Katikala
Data power v7 update - Ravi KatikalaData power v7 update - Ravi Katikala
Data power v7 update - Ravi Katikala
floridawusergroup
 
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan ShettyTrack 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
EMC Forum India
 
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONSADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
elliando dias
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security Enhancements
Presentologics
 
BizTalk Operations Management
BizTalk Operations ManagementBizTalk Operations Management
BizTalk Operations Management
clineer
 

Tendances (20)

Streaming multimedia application for mobile devices for audio & video
Streaming multimedia application for mobile devices for audio & videoStreaming multimedia application for mobile devices for audio & video
Streaming multimedia application for mobile devices for audio & video
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
 
Data power v7 update - Ravi Katikala
Data power v7 update - Ravi KatikalaData power v7 update - Ravi Katikala
Data power v7 update - Ravi Katikala
 
move-anti-virus
move-anti-virusmove-anti-virus
move-anti-virus
 
Server 2008 Project
Server 2008 ProjectServer 2008 Project
Server 2008 Project
 
siva profile
siva profilesiva profile
siva profile
 
ActiveManage product brief 2002
ActiveManage product brief 2002ActiveManage product brief 2002
ActiveManage product brief 2002
 
Why Security Teams should care about VMware
Why Security Teams should care about VMwareWhy Security Teams should care about VMware
Why Security Teams should care about VMware
 
Maintaining and Troubleshooting your XenApp 7.5 Environment
Maintaining and Troubleshooting your XenApp 7.5 EnvironmentMaintaining and Troubleshooting your XenApp 7.5 Environment
Maintaining and Troubleshooting your XenApp 7.5 Environment
 
V mware course contents copy
V mware course contents copyV mware course contents copy
V mware course contents copy
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
 
The WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems OverviewThe WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems Overview
 
Wallix AdminBastion - Privileged User Management &amp; Access Control
Wallix AdminBastion - Privileged User Management &amp; Access ControlWallix AdminBastion - Privileged User Management &amp; Access Control
Wallix AdminBastion - Privileged User Management &amp; Access Control
 
Class Project: Security in Microsoft Azure
Class Project: Security in Microsoft AzureClass Project: Security in Microsoft Azure
Class Project: Security in Microsoft Azure
 
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan ShettyTrack 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
Track 1 Virtualizing Critical Applications with VMWARE VISPHERE by Roshan Shetty
 
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
Network isolated inside a cloud environment Radu Vunvulea DevTalks 2017 Cluj ...
 
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONSADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
ADDRESSING TOMORROW'S SECURITY REQUIREMENTS IN ENTERPRISE APPLICATIONS
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security Enhancements
 
Maintaining and Troubleshooting your XenDesktop 7.5 Environment
Maintaining and Troubleshooting your XenDesktop 7.5 EnvironmentMaintaining and Troubleshooting your XenDesktop 7.5 Environment
Maintaining and Troubleshooting your XenDesktop 7.5 Environment
 
BizTalk Operations Management
BizTalk Operations ManagementBizTalk Operations Management
BizTalk Operations Management
 

En vedette

Storage networking fcf_co_eiscsivsn_technology
Storage networking fcf_co_eiscsivsn_technologyStorage networking fcf_co_eiscsivsn_technology
Storage networking fcf_co_eiscsivsn_technology
EMC
 
Evaluation for media
Evaluation for mediaEvaluation for media
Evaluation for media
loousmith
 
Animal ppt sarah burress
Animal ppt sarah burressAnimal ppt sarah burress
Animal ppt sarah burress
Sarah_Burress
 
Sonderheft big data ebook_englisch
Sonderheft big data ebook_englischSonderheft big data ebook_englisch
Sonderheft big data ebook_englisch
EMC
 
02 allocative efficiency
02 allocative efficiency02 allocative efficiency
02 allocative efficiency
Travis Klein
 
Snapshot of-juxt-india-online-landscape-2010-press
Snapshot of-juxt-india-online-landscape-2010-pressSnapshot of-juxt-india-online-landscape-2010-press
Snapshot of-juxt-india-online-landscape-2010-press
man_jyoti
 
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
Adaptec by PMC
 

En vedette (15)

Dell Webinar 2014-06-24: Subqueries For Superheroes
Dell Webinar 2014-06-24: Subqueries For SuperheroesDell Webinar 2014-06-24: Subqueries For Superheroes
Dell Webinar 2014-06-24: Subqueries For Superheroes
 
HTTP 완벽가이드- 19장 배포시스템
HTTP 완벽가이드- 19장 배포시스템HTTP 완벽가이드- 19장 배포시스템
HTTP 완벽가이드- 19장 배포시스템
 
Day 3
Day 3Day 3
Day 3
 
Year 2070
Year 2070Year 2070
Year 2070
 
Mobile Research Goes To The Game - Paper
Mobile Research Goes To The Game - PaperMobile Research Goes To The Game - Paper
Mobile Research Goes To The Game - Paper
 
Storage networking fcf_co_eiscsivsn_technology
Storage networking fcf_co_eiscsivsn_technologyStorage networking fcf_co_eiscsivsn_technology
Storage networking fcf_co_eiscsivsn_technology
 
Wed thurs reform
Wed thurs reformWed thurs reform
Wed thurs reform
 
Mon start of ww1
Mon start of ww1Mon start of ww1
Mon start of ww1
 
BPR meets ST
BPR meets STBPR meets ST
BPR meets ST
 
Evaluation for media
Evaluation for mediaEvaluation for media
Evaluation for media
 
Animal ppt sarah burress
Animal ppt sarah burressAnimal ppt sarah burress
Animal ppt sarah burress
 
Sonderheft big data ebook_englisch
Sonderheft big data ebook_englischSonderheft big data ebook_englisch
Sonderheft big data ebook_englisch
 
02 allocative efficiency
02 allocative efficiency02 allocative efficiency
02 allocative efficiency
 
Snapshot of-juxt-india-online-landscape-2010-press
Snapshot of-juxt-india-online-landscape-2010-pressSnapshot of-juxt-india-online-landscape-2010-press
Snapshot of-juxt-india-online-landscape-2010-press
 
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
Adaptec by PMC Zero-Maintenance Cache Protection (ZMCP)
 

Similaire à Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features

Entitlement and Compliance Management: Trends and 2012 Vision
Entitlement and Compliance Management: Trends and 2012 VisionEntitlement and Compliance Management: Trends and 2012 Vision
Entitlement and Compliance Management: Trends and 2012 Vision
Flexera
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...
solarisyourep
 
VMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and FlexibilityVMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and Flexibility
Paulo Freitas
 
Sun/Oracle Desktop Virtualization
Sun/Oracle Desktop VirtualizationSun/Oracle Desktop Virtualization
Sun/Oracle Desktop Virtualization
selghaly
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat Security Conference
 
Microsoft System Center 2012 R2 Overview - Presented by Atidan
Microsoft System Center 2012 R2 Overview - Presented by AtidanMicrosoft System Center 2012 R2 Overview - Presented by Atidan
Microsoft System Center 2012 R2 Overview - Presented by Atidan
David J Rosenthal
 

Similaire à Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features (20)

VMworld 2013: NSX PCI Reference Architecture Workshop Session 2 - Privileged ...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 2 - Privileged ...VMworld 2013: NSX PCI Reference Architecture Workshop Session 2 - Privileged ...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 2 - Privileged ...
 
Entitlement and Compliance Management: Trends and 2012 Vision
Entitlement and Compliance Management: Trends and 2012 VisionEntitlement and Compliance Management: Trends and 2012 Vision
Entitlement and Compliance Management: Trends and 2012 Vision
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...
 
Resume
ResumeResume
Resume
 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
 
VMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and FlexibilityVMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and Flexibility
 
f5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdff5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdf
 
vBrownbag EMEA VCAP6-DCV Design Objcetive 2.7 on Security in Logical Designs
vBrownbag EMEA VCAP6-DCV Design Objcetive 2.7 on Security in Logical DesignsvBrownbag EMEA VCAP6-DCV Design Objcetive 2.7 on Security in Logical Designs
vBrownbag EMEA VCAP6-DCV Design Objcetive 2.7 on Security in Logical Designs
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?
 
VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...
VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...
VMworld 2013: Technical Deep Dive: Build a Collapsed DMZ Architecture for Opt...
 
PHD Virtual Backup v7.0 for Hyper-V
PHD Virtual Backup v7.0 for Hyper-VPHD Virtual Backup v7.0 for Hyper-V
PHD Virtual Backup v7.0 for Hyper-V
 
Sun/Oracle Desktop Virtualization
Sun/Oracle Desktop VirtualizationSun/Oracle Desktop Virtualization
Sun/Oracle Desktop Virtualization
 
Windows 7 For Itpro
Windows 7 For ItproWindows 7 For Itpro
Windows 7 For Itpro
 
Get ready for tomorrow, today!
Get ready for tomorrow, today!Get ready for tomorrow, today!
Get ready for tomorrow, today!
 
Check Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private CloudCheck Point and Cisco: Securing the Private Cloud
Check Point and Cisco: Securing the Private Cloud
 
Cyberoam SSL VPN
Cyberoam SSL VPNCyberoam SSL VPN
Cyberoam SSL VPN
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
 
Websphere - Introduction to SSL part 1
Websphere - Introduction to SSL part 1Websphere - Introduction to SSL part 1
Websphere - Introduction to SSL part 1
 
Vmw edition-comparison
Vmw edition-comparisonVmw edition-comparison
Vmw edition-comparison
 
Microsoft System Center 2012 R2 Overview - Presented by Atidan
Microsoft System Center 2012 R2 Overview - Presented by AtidanMicrosoft System Center 2012 R2 Overview - Presented by Atidan
Microsoft System Center 2012 R2 Overview - Presented by Atidan
 

Plus de Microsoft TechNet - Belgium and Luxembourg

Plus de Microsoft TechNet - Belgium and Luxembourg (20)

Windows 10: all you need to know!
Windows 10: all you need to know!Windows 10: all you need to know!
Windows 10: all you need to know!
 
Configuration Manager 2012 – Compliance Settings 101 - Tim de Keukelaere
Configuration Manager 2012 – Compliance Settings 101 - Tim de KeukelaereConfiguration Manager 2012 – Compliance Settings 101 - Tim de Keukelaere
Configuration Manager 2012 – Compliance Settings 101 - Tim de Keukelaere
 
Windows 8.1 a closer look
Windows 8.1 a closer lookWindows 8.1 a closer look
Windows 8.1 a closer look
 
So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.So you’ve successfully installed SCOM… Now what.
So you’ve successfully installed SCOM… Now what.
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Deploying and managing ConfigMgr Clients
Deploying and managing ConfigMgr ClientsDeploying and managing ConfigMgr Clients
Deploying and managing ConfigMgr Clients
 
Self Service BI anno 2013 – Where Do We Come From and Where Are We Going?
Self Service BI anno 2013 – Where Do We Come From and Where Are We Going?Self Service BI anno 2013 – Where Do We Come From and Where Are We Going?
Self Service BI anno 2013 – Where Do We Come From and Where Are We Going?
 
Hands on with Hyper-V Clustering Maintenance Mode & Cluster Aware Updating
Hands on with Hyper-V Clustering Maintenance Mode & Cluster Aware UpdatingHands on with Hyper-V Clustering Maintenance Mode & Cluster Aware Updating
Hands on with Hyper-V Clustering Maintenance Mode & Cluster Aware Updating
 
SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012SCEP 2012 inside SCCM 2012
SCEP 2012 inside SCCM 2012
 
Jump start your application monitoring with APM
Jump start your application monitoring with APMJump start your application monitoring with APM
Jump start your application monitoring with APM
 
What’s new in Lync Server 2013: Persistent Chat
What’s new in Lync Server 2013: Persistent ChatWhat’s new in Lync Server 2013: Persistent Chat
What’s new in Lync Server 2013: Persistent Chat
 
What's new for Lync 2013 Clients & Devices
What's new for Lync 2013 Clients & DevicesWhat's new for Lync 2013 Clients & Devices
What's new for Lync 2013 Clients & Devices
 
Office 365 ProPlus: Click-to-run deployment and management
Office 365 ProPlus: Click-to-run deployment and managementOffice 365 ProPlus: Click-to-run deployment and management
Office 365 ProPlus: Click-to-run deployment and management
 
Office 365 Identity Management options
Office 365 Identity Management options Office 365 Identity Management options
Office 365 Identity Management options
 
SharePoint Installation and Upgrade: Untangling Your Options
SharePoint Installation and Upgrade: Untangling Your Options SharePoint Installation and Upgrade: Untangling Your Options
SharePoint Installation and Upgrade: Untangling Your Options
 
The application model in real life
The application model in real lifeThe application model in real life
The application model in real life
 
Microsoft private cloud with Cisco and Netapp - Flexpod solution
Microsoft private cloud with Cisco and Netapp - Flexpod solutionMicrosoft private cloud with Cisco and Netapp - Flexpod solution
Microsoft private cloud with Cisco and Netapp - Flexpod solution
 
Managing Windows RT devices in the Enterprise
Managing Windows RT devices in the Enterprise Managing Windows RT devices in the Enterprise
Managing Windows RT devices in the Enterprise
 
Moving from Device Centric to a User Centric Management
Moving from Device Centric to a User Centric Management Moving from Device Centric to a User Centric Management
Moving from Device Centric to a User Centric Management
 
Network Management in System Center 2012 SP1 - VMM
Network Management in System Center 2012 SP1 - VMM Network Management in System Center 2012 SP1 - VMM
Network Management in System Center 2012 SP1 - VMM
 

Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features

  • 1. Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features Marcus Murray & Hasain Alshakarti Truesec Security Team, MVP-Enterprise Security x2
  • 2. Marcus Murray Hasain Alshakarti
  • 3. So.. What are the new security features in Windows 8 & Server 2012?
  • 4. Secure boot/Measured boot/Early Malware detection Client User Web rv
  • 5. Bitlocker enhancement This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware. • Enhancements: Client – Bitlocker Network unlock – New protectors User •For NKP, the win8 client should be using UEFI 2.3.1 BitLocker Network Unlock has the following software and hardware requirements that must be met before you can use it: Client computer requirements •A DHCP driver that is implemented in the UEFI firmware •Trusted Platform Module (TPM) 1.2 or TPM 2.0 •BitLocker enabled on the operating system volume Windows Deployment Services server requirements •BitLocker Network Unlock feature installed (only available in windows server 2012) •2,048-bit RSA public/private key pair X.509 certificate present in FVENKP certificate store Domain controller requirements •Copy of the BitLocker Network Unlock Certificate from the Windows Deployment Services server on the domain controller to set Group Policy settings for Network Unlock. (2012 server
  • 6. Virtual smartcard Client User Web Srv
  • 7. Claims Client User Client User Web Srv
  • 9. Data classification Secret stuff.doc Project X.doc Public statement.doc Required Clearance: Required Clearance: Required Clearance: Restricted Internal Use Public Confidentiality: Confidentiality: Confidentiality: High Moderate Low http://www.microsoft.com/en- us/download/details.aspx?id=27123
  • 10. Dnssec Client User Client User Web Srv
  • 11. Unified Remote access Client User Client User Web Srv
  • 12. Powershell remoting Client User Client User Web Srv
  • 14. Improved Security Audit • Advanced Security Audit Client Policy Step-by-Step Guide User <http://technet.microsoft.com/en- Client us/library/dd408940(v=ws.10).aspx> User Web Srv
  • 15.
  • 16. Marcus Murray Hasain Alshakarti
  • 17. Thank you for listening! 