scap adoption at microsoft n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
SCAP Adoption at Microsoft PowerPoint Presentation
Download Presentation
SCAP Adoption at Microsoft

Loading in 2 Seconds...

play fullscreen
1 / 25

SCAP Adoption at Microsoft - PowerPoint PPT Presentation


  • 641 Views
  • Uploaded on

Accelerating the adoption of Microsoft technologies. SCAP Adoption at Microsoft. Kelly Hengesteg, Principal Group Manager. Agenda. Solution Accelerators Microsoft Security Baselines System Center Configuration Manager Extensions for SCAP Security Compliance Manager Questions.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

SCAP Adoption at Microsoft


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
    Presentation Transcript
    1. Accelerating the adoption of Microsoft technologies SCAP Adoption at Microsoft Kelly Hengesteg, Principal Group Manager

    2. Agenda • Solution Accelerators • Microsoft Security Baselines • System Center Configuration Manager Extensions for SCAP • Security Compliance Manager • Questions Microsoft.com/SolutionAccelerators

    3. Solution Accelerator Team • Accelerate the adoption of Microsoft technology in every organization Over 2.55 million downloads a year + 24M SysInternals downloads 4.39M Download page views 58% conversion rate Customer satisfaction 158 NSAT currently NSAT uplift 24 w/use of SA 87% accelerated adoption Partner satisfaction 128 NSAT currently 91% accelerated adoption 60.9% used by Partners Product impact Models Guidance Scripts and Code Scripts Guidance Tools Models Microsoft.com/SolutionAccelerators

    4. How Do We Build Accelerators? Products & Technologies Input Output Best Practices Frameworks • Customers • Partners • Product Groups • Microsoft • Research • Industry Engineering • Solution Accelerators • Partner andMicrosoft Service offerings • Productimprovements • TechNet • Microsoft Learning • Microsoft Press Microsoft.com/SolutionAccelerators

    5. Most Popular Solution Accelerators • Microsoft Deployment Toolkit 2010 • Microsoft Assessment and Planning Toolkit • Security Compliance Management Toolkit • Malware Removal Starter Kit • Infrastructure Planning and Design Guide Series • Microsoft Operations Framework Microsoft.com/SolutionAccelerators

    6. Leverage existing SCCM Infrastructure to meet FDCC mandate System Center Configuration Manager Extensions for SCAP

    7. System Center Configuration Manager Extensions for SCAP Attained NIST recognition for SCCM 2007 as a SCAP-validated tool with FDCC scanning capability June ‘09 • Consume SCAP data streams • Assess a system for compliance • Report results in SCAP format System Center Configuration Manager Extensions for SCAP Enables agencies to take advantage of their existing SCCM infrastructures to meet the reporting requirements of the FDCC mandate Microsoft.com/SolutionAccelerators

    8. Solution Architecture Command line tool that converts SCAP content for FDCC into DCM configuration packs Leverages SCCM 2007 feature of desired configuration management to conduct assessment Deploy SCMDCM script to clients to assess a subset of settings in the FDCC FDCC SCAP content SCCM DCM configuration pack SCCM 2007 SCAP2DCM DCM2SCAP Assesses client compliance Conversion tool Conversion tool SCMDCMscript Command line tool that converts SCCM DCM assessments to SCAP format SCAP reports SCCM DCM report Output logs Admin input Microsoft.com/SolutionAccelerators

    9. Requirements SCAP2DCM & DCM2SCAP conversion tools Current versions of both x86 and x64 Windows Requires Microsoft .NET 2.0 or later SCMDCM script Current versions of 32-bit Windows Packaging • MSI • SCAP2DCM.exe • DCM2SCAP.exe • ScmDcm.exe (packaged in ScmDcm.msi) • Configuration files • Release notes, user guide, FAQ, data mapping documentation Microsoft.com/SolutionAccelerators

    10. Implementation Prerequisites Microsoft.com/SolutionAccelerators

    11. Deploy Microsoft.com/SolutionAccelerators

    12. Scan Microsoft.com/SolutionAccelerators

    13. Security baselines

    14. Background • Started developing security guides in 2002 (Windows 2000 Security Guide) • The goal was to: • Help reduce support costs due to …unsupportable configurations • Reduce the conflicting security guidance available to our customers, drove the creation of the SCRB (Security Content Review Board) today resides in the TwC team • Bring together multiple government agencies to collaborate and produce a unified guide Microsoft.com/SolutionAccelerators

    15. Evolution of the Security Guide Security Guide Threats & Countermeasures Appendix XLSM XML Guidance InternalRepository SCCM DCM Group PolicyObjects Excel listingof settings Security Templates (GPO’s) SCAP Microsoft.com/SolutionAccelerators

    16. Security Compliance Management Toolkit Series An end-to-end solution to help you plan, deploy, and monitor your security baselines. Based on tested guidance by Microsoft security experts Available as a freedownload from Microsoft Microsoft.com/SolutionAccelerators

    17. Security Baseline Portfolio • http://www.microsoft.com/securitycompliance • Available Today Security Compliance Management ToolkitIncludes GPO Accelerator, SCCM DCM configuration packs, and security guidance) • Windows XP Security Baseline • Windows Vista Security Baseline • Windows Server 2003 Security Baseline • Windows Server 2008 Security Baseline • 2007 Office Security Baseline • Windows 7 Security Baseline (just released) • Bit Locker Security Baselines (just released) • Internet Explorer 8.0 Security Baseline (just released) • Hyper-V Security Guide Microsoft.com/SolutionAccelerators

    18. Roadmap FY10 • Exchange Server 2007 Security Baseline • Windows Server 2008 R2 Security Baseline • Hyper-V (R2 refresh) Security Guide • SQL Server 2008 – RBDMS only Baseline Future • Exchange Server 2010 Security Baseline • Office 2010 Security Baseline • Office SharePoint Server 2007 / 2010 Security Baseline

    19. Enabling Baseline Management Security Compliance Manager

    20. Managing Security Baselines • Tool provides: • Exportation of baseline in multiple formats/standards • Classified data (structuralized) • Improved data presentation • Unified experience from security baseline deployment to compliance check • Ability to customize baseline • Compare and merging of baselines Microsoft.com/SolutionAccelerators

    21. Current Requirements Want to see our work in progress? Check out our connect site here, https://connect.microsoft.com/site/sitehome.aspx?SiteID=715 Security Compliance Manager: Enough free disk space/memory Admin must be logged on Windows Installer 2.0 or greater Current versions of both x86 and x64 Windows XP or later Requires Microsoft .NET 2.0 or later Requires SQL Express 2008 or later Microsoft Office 2007 SP2 or later (Word & Excel) Single instance/user mode only Availability: Beta Release early Feb ’10 RTM early April ‘10 Microsoft.com/SolutionAccelerators

    22. demo Security Compliance Manager v.1.0

    23. Future Ideas • Capabilities: • Increase export formats to include System Center Operations Manager (events) • Provide import formats beyond SCM v.1.0 format • System Center Operations Manager packs • System Center Configuration Management DCM packs • SCAP • Provide full authoring mode for new settings and/or events Microsoft.com/SolutionAccelerators

    24. Questions? Follow-up questions contact us at SecWish@microsoft.com or Khengest@microsoft.com Microsoft.com/SolutionAccelerators

    25. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.