Microsoft windows vista sirt roundtable discussion january 12 2007
Download
1 / 16

Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007 - PowerPoint PPT Presentation


  • 375 Views
  • Updated On :

Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007. Harvard Townsend Interim University IT Security Officer harv@k-state.edu 532-2985 College Court 114. Agenda. Vista versions – their features and availability Security features Trend Micro and Vista

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007' - Patman


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Microsoft windows vista sirt roundtable discussion january 12 2007 l.jpg

Microsoft Windows VistaSIRT Roundtable DiscussionJanuary 12, 2007

Harvard Townsend

Interim University IT Security Officer

harv@k-state.edu

532-2985

College Court 114


Agenda l.jpg
Agenda

  • Vista versions – their features and availability

  • Security features

  • Trend Micro and Vista

  • SIRT recommendations for deployment

  • Microsoft seminar Feb. 6 in Union 212

  • Other issues

  • Q&A

Windows Vista


Versions l.jpg
Versions

http://www.microsoft.com/windowsvista/getready/editions/default.mspx

  • Starter – not available in US

  • Home Basic – limited functionality

  • Home Premium – minimum for K-State home use

  • Business – minimum for K-State computers

  • Ultimate – $$$ (business+multimedia tools)

  • Enterprise – not available retail; volume license customers with Software Assurance only)

Windows Vista


Availability l.jpg
Availability

  • Developers – available now; could order Business version from SHI since November

  • Retail consumers (i.e., ship with new Dell, etc. computers) – January 30

  • Can pre-order from SHI now (and amazon.com)

  • Dell, Gateway, HP offer Vista “Express Upgrade” with new computer purchase (usually only a shipping fee added) until March 15

  • Union Computer Store doesn’t know pricing yet or when it will be available

Windows Vista


Vista security l.jpg
Vista Security

  • “SD3” – security by design, default, and deployment

  • Is more secure, but…

    • Vulnerabilities already identified (selling for $50K)

    • Still susceptible to social engineering, “stupid user” attacks (click-happy users)

  • Extent of damage can be limited with “User Account Control” (UAC)

    • Users don’t have admin control by default

    • Can perform common tasks w/o admin rights

    • Administrator Approval Mode prompts user before performing admin task like installing software

    • Many control settings (is good, but more complicated)

    • Some applications may break with UAC

Windows Vista


Other vista security features l.jpg
Other Vista Security Features

  • Windows Defender built in

    • Real-time spyware protection

    • Updates managed by WSUS or Windows Update

    • Prompts user if a program tries to modify a protected area of the Vista kernel (“PatchGuard” locks kernel)

    • SIRT will re-evaluate Spybot recommendation

  • Windows Firewall

    • Filters both inbound and outbound traffic

    • Different rulesets depending on type of network connection

  • Windows Security Center more user oriented and comprehensive

Windows Vista


Other vista security features7 l.jpg
Other Vista Security Features

  • Malicious Software Removal Tool

    • cleans up malware missed by antivirus software

    • New version monthly via WSUS, Windows Update

    • Similar to Trend OfficeScan Damage Cleanup Services

  • Software Restriction Policies

    • Control environment in which applications can operate

    • Similar to Windows XP Pro

  • Internet Explorer 7 security features

  • Group Policies easier to work with, but voluminous

Windows Vista


Other vista security features8 l.jpg
Other Vista Security Features

  • BitLocker

    • Encrypts entire Windows volume (but leaves system volume unencrypted)

    • Cannot boot Linux and look at Windows files

    • Prompts for PIN or uses USB token at boot-up

    • Can store encryption keys and protect integrity of boot code with TPM chip

    • Don’t lose your PIN or USB key!

    • Affects performance of the computer

    • Only in Ultimate and Enterprise versions

Windows Vista


Other vista security features9 l.jpg
Other Vista Security Features

  • Encrypting File System (EFS)

    • Encrypt individual files and/or folders

    • Can store decryption key on smartcard

    • Can generate recovery key

    • If use with BitLocker, EFS keys protected (hacker can’t get password hash to try brute force cracking)

    • Can encrypt multiple drives and network shares

    • Available in Business, Ultimate, and Enterprise versions

Windows Vista


Other vista security features10 l.jpg
Other Vista Security Features

  • Rights Management Services

    • Protect info in transit (e-mail, docs, web content)

    • Requires a server

    • Application has to be RMS-compatible

  • Device Control

    • Prevent users from installing certain devices, like USB flash drive or other removable storage

    • Can turn off AutoPlay or AutoRun

Windows Vista


Vista security11 l.jpg
Vista Security

  • Windows Vista Security Guide:

    http://www.microsoft.com/technet/windowsvista/security/guide.mspx

  • VERY useful document – get it, study it

  • Chapters on:

    • Implementing the Security Baseline (Group Policy)

    • Protecting Against Malware (UAC, Defender, Firewall, Security Center, Malicious Software Removal Tool)

    • Protecting Sensitive Data (BitLocker, EFS, Rights Mgmt, Device Control)

Windows Vista


Trend micro l.jpg
Trend Micro

  • Still need AV software with Vista

  • No OfficeScan client for Vista yet

  • Current version = 7.3

  • Vista-compatible version = 8.0

  • Expected Q207 (April-June?)

  • Cannot run Windows without antivirus/security software

Windows Vista


Sirt recommendations l.jpg
SIRT Recommendations

  • Hold off on deployment until Trend Micro releases a compatible OfficeScan client

  • Use Business version or better for campus computers

  • Use Home Premium or better for personal computers brought to campus

  • Consider implementation plan carefully

  • Test all applications thoroughly

  • Don’t be in any hurry

Windows Vista


Microsoft visit l.jpg
Microsoft Visit

  • At K-State Feb. 6, Union 212

  • Two sessions:

    • 10-11:30 A.M. – general overview of Vista and IE7, general Q&A

    • 1:30-3:30 P.M. – technical details, licensing, security, in-depth Q&A

  • Will be announced in IT Tuesday and sirt-contacts mailing list

Windows Vista


Other issues l.jpg
Other Issues

  • License downgrade? Are probably some options, but unsure of details at this time

  • Can buy XP Pro for another year

  • License activation under Volume License Agreements

    http://www.microsoft.com/technet/windowsvista/plan/volact.mspx

  • Samba broken with default Vista configuration

  • Other applications reported to have problems – test!

  • New user interface – will be challenging transition for some

Windows Vista


Slide16 l.jpg
Q&A?

Windows Vista