Slide1 l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 19

Security Overview for Microsoft Infrastructures PowerPoint PPT Presentation


Security Overview for Microsoft Infrastructures. Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security Solutions, Feb 4 th , 2003. Agenda. Threats – How you are attacked and from where

Related searches for Security Overview for Microsoft Infrastructures

Download Presentation

Security Overview for Microsoft Infrastructures

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Slide1 l.jpg

Security Overview for Microsoft Infrastructures

Fred Baumhardt and James Noyce

Infrastructure Solutions and Security Solutions Teams

Microsoft Security Solutions, Feb 4th, 2003


Agenda l.jpg

Agenda

  • Threats – How you are attacked and from where

  • Application Level Attacks – the new Security Battleground

  • Overview of Microsoft Server Security Technologies and Tools

  • Management and Operations as a Defensive Mechanism


The three phases of hacking l.jpg

The Three Phases of Hacking

  • Information Gathering and Intelligence

  • Analysis of Collected Information

  • Probing and Compromise


Management as a security tool l.jpg

Management as a Security Tool

  • Detect unauthorised activity on your infrastructure

  • Prevent misconfiguration of systems

  • Ensure system vulnerabilities are captured and addressed


Security management tools l.jpg

Analysis

Microsoft Baseline Security Analyser (MBSA)

Systems Management Server (SMS)

Software Update Services Feature Pack

Microsoft Software Update Services (MSUS)

Security Configuration and Analysis snap-in

RSoP

Management

Group Policy Management Console (GPMC)

Microsoft Operations Manager (MOM)

Microsoft Audit Collection System (MACS)

Systems Management Server (SMS)

Software Update Services Feature Pack

Microsoft Software Update Services (MSUS)

Security Management Tools


Infrastructure tools l.jpg

Infrastructure Tools

  • Snort – Free to Download – even on Windows – www.snort.org

  • MBSA – Scans most MS Server products and windows clients

  • SUS – Patch management solution

  • MOM-MACS-SMS

  • IPSEC – within Windows

  • IISLockdown – URLScan

  • ISA Server with Feature Pack1


Mbsa version 1 1 l.jpg

MBSA Version 1.1

The following new features are included with MBSA V1.1:

  • Exchange and Windows Media Player security update detection

  • Full HFNetChk integration into MBSACLI.exe

  • Incorporation of the latest HFNetChk engine code

  • Support for Software Update Services (SUS) during security update scanning

  • Detection for multiple SQL Server instances


Software update services l.jpg

Software Update Services

  • Address Patch Management concerns

    • Windows keeps itself up-to-date with the latest critical & security updates

    • IT administrators can automatically deploy Windows Update content

    • IT administrator gains control over what patches are applied to a system

    • Leverage Windows Update web-based infrastructure


System management server software update services feature pack l.jpg

System Management Server Software Update Services Feature Pack

  • Security patch inventory

  • Office patch inventory

  • Patch distribution

  • Web reporting


Recommendations for customers l.jpg

Recommendations for Customers

  • Microsoft’s “A” recommendation for which tool to use:

  • **Small Business that work with a VAP should also consider SUS

  • Official external positioning is available at:

    http://www.microsoft.com/windows2000/windowsupdate/sus/suschoosing.asp


Gpmc overview l.jpg

GPMC Overview

  • What is the GPMC?

    • New admin tool for managing Group Policy:

      • Set of scriptable objects for managing GP

      • MMC Snap-in, built on these objects

    • Standalone web release shortly after Windows .NET Server RTM

  • GPMC Design goals

    • Unify management of Group Policy

    • Address key deployment issues

    • Provide better UI for visualization

    • Enable programmatic access to GP


Microsoft operations manager l.jpg

Microsoft Operations Manager

  • Operations Management – event and performance management

    • Built on Microsoft management services

  • Microsoft solution manages Windows 2000, Exchange, SQL Server, and other Microsoft apps

    • Base Management Pack

    • Application Management Pack

  • Heterogeneous and value-add solutions from third parties extend this offering


Security management pack a set of security xmp s for mom l.jpg

Security Management Pack:A set of Security XMP’s for MOM

  • Centralizes Windows security management in MOM

  • Out-of-the-box security rules, knowledge, response actions, reports

  • Includes:

    • XMP for Anti-Virus Applications

    • XMP for Microsoft Windows Security

    • XMP for NetIQ Security Analyzer


Microsoft audit collection services l.jpg

Microsoft Audit Collection Services

  • Client-Server application to collect security events in real time and store them in a SQL database

  • MACS is NOT a security management application (No user interface)


Macs mom l.jpg

MACS & MOM

  • MACS is a security event collection tool- no management capability

  • MOM complements MACS- MOM adds management, alerting, support for other logs

  • MACS v2 will likely be integrated with MOM v2

  • MACS v1 will ship with MOM management pack


Services l.jpg

Services

  • Security is not just about technology

  • Crucial to bring in expertise and knowledge transfer into your organisation

  • SMB can use service templates and learn from them – such as MSA -


Service offerings l.jpg

Service Offerings

  • Microsoft Solution for Management

    • Allows customers to prioritize, test and deploy Patches to their environment.

    • Delivers proven best practices and infrastructure for managing high volumes of patch deployments into a Microsoft tools and technology environment.

    • Enables customers to improve their quality of service while reducing total cost of ownership


Next steps l.jpg

Next Steps

  • Review your systems

  • Web resources

    http://www.microsoft.com/technet/security/prodtech/windows/secwin2k/default.asp

    http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=F937A913-F26E-49B5-A21E-20BA5930238D

    http://www.microsoft.com/technet/itsolutions/msm/default.asp

    http://www.microsoft.com/technet/security/issues/w2kccscg/default.asp

    http://www.microsoft.com/windows2000/technologies/security/default.asp


  • Login