Objectives
Download
1 / 17

Objectives - PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on

Objectives. Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline Security Analyzer. Security Configuration Wizard. Security Configuration Wizard (SCW)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Objectives' - emmly


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Objectives
Objectives

  • Windows Firewalls with Advanced Security

  • Bit-Lock

  • Update and maintain your clients using Windows Server Update Service

  • Microsoft Baseline Security Analyzer


Security configuration wizard
Security Configuration Wizard

Security Configuration Wizard (SCW)

Provides a step-by-step wizard for hardening your network servers

Available in Administrative Tools

Security policies can be created for:

Role-based service configuration

Network security

Registry settings

Audit policy

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

2


Windows firewall
Windows Firewall

Allows users to turn the firewall off or on

By default, Windows Firewall is turned on and allows exceptions for programs and ports

Allows you to create exceptions for inbound traffic

Exception

Instruction to open a port briefly, allow a program or service to pass information, and then close the port

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

3


MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

4


MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

5


Windows firewall with advanced security
Windows Firewall with Advanced Security Network Infrastructure Configuration

Used to manage Windows Firewall based on port, services, applications, and protocols

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

6


Windows firewall with advanced security1
Windows Firewall with Advanced Security Network Infrastructure Configuration

Available Nodes:

Inbound rules

Outbound rules

Connection security rules

Monitoring

Available network profiles

Public

Private

Domain

Deploying Windows Firewall Settings via Group Policy

WFAS allows you to import or export firewall policies

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

7


Bitlocker
BitLocker Network Infrastructure Configuration

Provides hard drive–based encryption of servers and Windows Vista computers

Encrypts entire Windows system volume of a computer running Windows Server 2008

Designed to enhance protection against data theft or exposure on computers that are lost or stolen

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

8


Bitlocker continued
BitLocker (continued) Network Infrastructure Configuration

Four authentication modes used by BitLocker

BitLocker with a TPM

BitLocker with Universal Serial Bus (USB) flash drive in place of TPM

BitLocker with a TPM and a personal identification number (PIN)

BitLocker with a TPM and a USB flash drive

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

9


Bitlocker continued1
BitLocker (continued) Network Infrastructure Configuration

Installing BitLocker

Hard drive that supports BitLocker needs to be configured before installing BitLocker

BitLocker requires at least 1.5 GB of unallocated or available drive space

System volume is responsible for maintaining the unencrypted boot information

Boot volume will contain the OS files and be encrypted by BitLocker

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration

10


Updating windows server 2008
Updating Windows Server 2008 Network Infrastructure Configuration

  • Windows Update (in Control Panel)

    • Suite of tools and services for applying updates to systems

    • Responsible for download and install updates from Microsoft

    • Requires access to the Internet


Windows server update services
Windows Server Update Services Network Infrastructure Configuration

  • Benefits:

    • Centralizes the updating tasks for client and server

    • Minimizes effects on the WAN connection

    • Improves network security and reliability

    • Improves installation of relevant updates

    • Targets updates to specific computers and groups

  • Basic requirements before installing WSUS 3.0 SP1

    • Microsoft Internet Information Services (IIS) 7.0

    • Microsoft Report Viewer Redistributable 2005

    • Minimum of 6 GB of free space for storing downloaded updates

    • WSUS requires a database to keep records of updates

      • Internal DB or SQL Sever 2005 SP1 or later

      • Windows authentication (SQL authentication is not supported)


Working with wsus
Working with WSUS Network Infrastructure Configuration

  • WSUS Administrative console allows you to:

    • Generate reports Daily/Weekly reports via email & email when updates are synchronized.

    • Manage updates

    • Monitor the computer through the console

  • WSUSutil.exe: a command-line tool managing WSUS


Windows server update services1
Windows Server Update Services Network Infrastructure Configuration

  • Configuring clients

    • To use the WSUS server for updates

    • Clients must be Windows 2000 SP3 or later

    • By default, client checks for update every 17 – 22 hrs.

  • Approving and deploying updates

    • Using the Update Services console, you can control

      • Which updates are applied

      • Which computers receive the updates

      • When the updates are distributed


Microsoft baseline security analyzer 2 1
Microsoft Baseline Security Analyzer 2.1 Network Infrastructure Configuration

  • A tool to analyze your current security posture

  • MBSA scans for missing security updates for the following products

    • Windows 2000 SP4 and later

    • Microsoft Office XP and later

    • Microsoft Exchange Server 2000 and later

    • Microsoft SQL Server 2000 SP4 and later

  • MBSA

    • Free download from Microsoft

    • Can be used on a local computer or to connect to one or more remote computers on your network

  • Options for running MBSA on remote computers

    • Domain name and IP address range


Microsoft baseline security analyzer continue
Microsoft Baseline Security Analyzer (Continue) Network Infrastructure Configuration

When MBSA scans a computer, it creates a report that is organized into the following areas

Security Assessment

Security Update Scan Results

Windows Scan Results

Internet Information Services (IIS) Scan Results

SQL Server Scan Results

Desktop Application Scan Results

Scanning a computer with MBSA

You can perform MBSA scans using:

The GUI-based tool

The mbsacli.exe command- line tool

Requires Internet connectivity

Can scan computer, remote computer, or groups of remote computers.

17


ad