Windows Server 2008 Managing the user experience, Keeping it all safe and secure

Windows Server 2008 includes an impressive array of new security applications and features that further enhance enterprise deployments, particularly within hostile environments or under potentially threatening scenarios. Today’s Internet is a brightly illuminated world that casts shadows, and from those shadows arise criminal aspirations that seek to infiltrate, pilfer, and undermine Internet-accessible businesses. Microsoft has stepped up its Windows Server 2008 defenses to better serve the computing public that can’t always defend against unforeseen, persistent, or stealthy attack.

The following paragraphs briefly summarize some of the new and newly enhanced security features of the Windows Server 2008 family:

• BitLocker Drive Encryption is a security feature of both Windows Vistaand Windows Server 2008 (again sharing a common base) to providestrong cryptographic protection over stored sensitive data within theoperating system volume. BitLocker encrypts all data stored in theWindows volume and any relevant configured data volumes, whichincludes hibernation and paging files, applications, and application data.Furthermore, BitLocker works in conjunction with Trusted PlatformModule (TPM) frameworks to ensure the integrity of protected volumesfrom tampering, even — and especially — while the operating systemisn’t operational (like when the system is turned off).
• Windows Service Hardening turns Internet-facing servers into bastions resistant to many forms of network-driven attack. This restricts critical Windows services from performing abnormal system activities within the file system, registry, network, or other resources that may be leveraged to install malware or launch further attacks on other computers.
• Microsoft Forefront Security Technologies is a comprehensive solution that provides protection for the client operating system, application servers, and the network edge. In the Forefront Client Security role, you may provide unified malware protection for business notebooks, workstations, and server platforms with easier management and control. Server security can fortify Microsoft Exchange messaging environments or protect Office SharePoint Server 2007 services against viruses,worms, and spam.
• Internet Security and Acceleration (ISA) Server provides enterpriseworthy firewall, virtual private network (VPN), and Web caching solutions to protect IT environments against Internet-based threats. Microsoft’s Intelligent Application Gateway is a remote-access intermediary that provides secure socket layer (SSL) application access and protectionwith endpoint security management.
• User Account Control (UAC) enables cleaner separation of duties to allow non-administrative user accounts to occasionally perform administrative tasks without having to switch users, log off, or use the Run As command. UAC can also require administrators to specifically approve applications that make system-wide changes before allowing those applications to run. Admin Approval Mode (AAM) is a UAC configuration that creates a split user access token for administrators, to further separateadministrative from non-administrative tasks and capabilities.
• Windows Firewall and Advanced Security is an MMC snap-in that handles both firewall and IP Security (IPSec) configurations in Windows Sever 2008. This edition is the first to have the Windows Firewall enabled by default. It can create filters for IPv4 and IPv6 inbound or outbound traffic and protect information entering or exiting the computer through IPSec. This component replaces both the firewall applet and the IPSec and IPSec-related tool sets.
• Network Access Protection (NAP) is a policy enforcement platform built into Windows Server 2008 that maintains a social health order for the network environment by specifically requiring that connecting client computers meet certain criteria. Such requirements include having a current, functional firewall enabled with recent operating system updates already in place. NAP helps create custom health code requirements driven through policy enforcement to validate compliant computersbefore making any connections to the protected network.

Bookmark and Share

Close this Window Bookmark and Share This Page

Save to Browser Favorites

Ask backflip blinklist BlogBookmark Bloglines BlogMarks Blogsvine BuddyMarks BUMPzee! CiteULike co.mments Connotea

del.icio.us Digg diigo DotNetKicks dropjack.com dzone Facebook Fark Faves Feed Me Links Friendsite folkd.com

Furl Google Hugg Jeqq Kaboodle kirtsy linkaGoGo LinksMarker Ma.gnolia Mister Wong Mixx MySpace

MyWeb Netvouz Newsvine PlugIM popcurrent Propeller Reddit Rojo Segnalo Shoutwire Simpy Slashdot

Sphere Sphinn Spurl.net Squidoo StumbleUpon Technorati ThisNext Webride Windows Live Yahoo!

Email This to a Friend

Copy HTML: 

 If you like this then please subscribe to the RSS Feed.

Powered by Bookmarkify™

More »

Powered by Bookmarkify™

This entry was posted on Tuesday, September 23rd, 2008 at 9:26 am and is filed under Computers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.