I'm guessing you have Windows 7 loaded up by now and have been playing with it for some time. You've overcome the technical hurdle of explaining to your spouse (kids, grandparents, in-laws, etc.) the reason why you and they made the upgrade to Windows 7. Good times.

But we all know where the REAL action is…it's in "Big Iron." The server. The infrastructure. That beast that hums with so much pure power it makes you stand back and stare in awe. Why run a laptop with a pitiful 2GB of RAM when you can fire up a massive rack of servers with enough horsepower to run the entire business or government? Your infrastructure guys are in the process of upgrading to Windows Server 2008 R2, and I can't blame them -- it's sweetness in the server room.

One of the things I'm particularly fond of in Windows Server 2008 R2 is DirectAccess. Very few things will dramatically change the way you do your security job. This is one of them. Think about the advantages of having all the machines in your domain, connected to the domain, 24/7/365, securely…all without ever having to fire up a VPN client! Users love it because they don't have to open up a separate connection to view an internal site; the help desk loves it because they don't have to troubleshoot a VPN client over the phone with the sales person in Pocatello; and the security guy likes it because he or she is able to push down new A/V signatures and software updates as needed, without having to wait for the sales person to return to the office. Not to mention all IP traffic is routed through proxies, which means outbound traffic rules still work.

"But Kai, what about my SSL gateways, my perimeter firewalls, and the fact that I'm running Network Access Protection (NAP)? Heck, I even implemented Server Domain Isolation last year!" My friends, it's okay. You can still continue to use all of these great things; we're just changing the way the traffic comes into your network.

Think of DirectAccess as a 5,000 mile/kilometer CAT-5 cable. Plug it into the corporate network. If your users are connected to the Internet, they are connected to you, regardless of physical location. The DirectAccess Design and Deployment Guides can provide more details as to how to implement this in your environment.

One last thing. As some of you may know, I'm passionate about protecting children online. At the end of the day, as we leave the office and head home, we are parents, we are uncles, we are aunts, we are grandparents. Everyone knows a child who would benefit from the knowledge you have about Internet safety. Kids really do think that "nothing bad can happen to them" on the Internet, and you can help educate them. I would encourage each of you to take a moment and head over to the Microsoft Consumer Online Safety Education site and share these videos, tools, and techniques with a child today.

Have a great November!

Kai Axford, MBA, CISSP, MCSE
http://blogs.technet.com/kaiaxford

Top Stories

On November 2, Microsoft released the seventh volume of the Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months. Gain a quick summary of the report's findings, and then read the full report for more detailed information.

Allow employees to safely and productively use the Internet for business without worrying about malware and other threats. Forefront Threat Management Gateway provides multiple layers of continuously updated protections -- including URL filtering, antimalware inspection, intrusion prevention, application- and network-layer firewall, and HTTP/HTTPS inspection. All of these protections are integrated into a unified, easy-to-manage gateway, reducing the cost and complexity of Web security.

As announced in July, Microsoft is revising its engine mix on December 1 for Forefront and Antigen products that customers can use to help optimize detection, but that also allow Microsoft to invest in new areas for increasing overall protection for customers. Learn more about the changes, including product-specific instructions, on the Antimalware Engine Notifications and Developments site.

Now you can experience even greater antispam support with the Cloudmark Antispam Engine, just released from beta after having undergone extensive internal testing and customer trials. The Cloudmark antispam engine provides a better than 99 percent detection rate and less than 1 in 250,000 false positives (West Coast Labs). It replaces the Mail-Filters SpamCure antispam engine, set to retire on December 1. Be sure to upgrade to the latest service pack releases before December 1 to continue your antispam defenses and have access to the new Cloudmark engine.

Make sure you're up to date on Antigen 8.0 end-of-life plans and associated engine revisions, including information on upcoming engine changes occurring later this year and what you need to know in order to maintain continued security protection.

Security Guidance

In this article, Microsoft Group Policy MVP Jeremy Moskowitz takes a look at five policy setting areas and shows you how they can deliver settings you might use to help make your world more secure.

Learn about the enhancements in Windows Server 2008 R2 and Windows 7 that increase the level of detail in security-auditing logs and simplify the deployment and management of auditing policies.

Learn about the changes available in Windows Server 2008 R2 with Remote Server Administration Tools (RSAT), from the ability to manage Group Policy from the Windows PowerShell command line to additional types of Group Policy preferences and improvements to starter Group Policy Objects (GPOs).

This white paper provides information about the communication that flows between features in Windows Server 2008 and sites on the Internet, and it describes steps to take to limit, control, or prevent that communication in an organization with many users.

Get the guidance and tools you need to help you efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server 2008.

This guide provides actionable guidance for designing a DirectAccess infrastructure. The guide's easy-to-follow, four-step process gives a straightforward explanation of the infrastructure required for clients to be connected from the Internet to resources on the corporate network, whether or not the organization has begun deploying IPv6.

There are many tools in Windows Server 2008 that you can use to help keep your computers secure. This discussion focuses on three tools that you can use alone or together to manage the security policies on your servers: the Security Configuration Wizard (SCW) and the Scwcmd command-line tool, the Security Templates snap-in, and the Security Configuration and Analysis snap-in.

You can use Windows security and system logs to record and store collected security events so that you can track key system and network activities to monitor potentially harmful behaviors and to mitigate those risks. The information in this download can help you analyze the data included in event-log data.

Download the latest SDL process guidance, which includes SDL for agile development, a streamlined approach that melds agile methods and security.

Microsoft has released the Forefront Security for Office Communications Server Best Practices Analyzer (BPA) to help you maximize your configuration settings. The BPA compares your existing Forefront Security for Office Communications Server deployment with recommended best practices to identify configuration setting changes that could help you improve FSOCS performance and malware detection rates.

Gain an understanding of IT infrastructure security compliance and the benefits that an IT infrastructure compliance maturity model can provide to management and compliance and IT stakeholders as well as to the business at large.

This Month's Security Bulletins

Security Bulletin Overview for November 2009

Microsoft Product Lifecycle Information

Security Events and Training

Dive deep into Unified Access Gateway (UAG) with Direct Access with Microsoft Program Managers Ben Bernstein and Stephen Bowie. Learn how UAG supports legacy IPv4 clients and how the client knows to connect to the proper DNS server -- and much more.

This one and one-half hour lab provides hands-on experience with the following security and policy enforcement functionality in Windows Server 2008: Security Enhancements in Windows Server 2008 and Network Access Protection in Windows Server 2008.

In this course, you will learn to control and manage computer systems and domain users running Windows Server 2003, Windows Server 2008, Windows XP, and Windows Vista. You will learn to create Group Policies, implement administrative and security templates, and determine best practices when deploying software packages. Walk away with the experience and tools you need to optimize your enterprise systems and networks.

Upcoming Security Webcasts

Upcoming security webcasts in a dynamic, interactive format.