Transcript of PKI Enhancement in Windows Vista® and Windows Server 2008.
- Slide 1
- PKI Enhancement in Windows Vista and Windows Server 2008
- Slide 2
- Client-side PKI enhancements Server-side PKI enhancements What
Will We Cover?
- Slide 3
- Level 200 Experience managing a Windows Server PKI environment
Experience managing an enterprise-level Windows Server environment
Helpful Experience
- Slide 4
- Reviewing Enhancements Introducing Credential Management
Services Introducing Revocation Agenda
- Slide 5
- Microsoft and PKI Enhanced credential life cycle
management
- Slide 6
- Microsoft and PKI Enhanced credential life cycle management New
certificate enrollment API and UI
- Slide 7
- Microsoft and PKI Enhanced credential life cycle management
Enhanced manageability and deployment of Certificate Services New
certificate enrollment API and UI
- Slide 8
- Microsoft and PKI Enhanced credential life cycle management
Enabling revocation across all applications Enhanced manageability
and deployment of Certificate Services New certificate enrollment
API and UI
- Slide 9
- Demonstration Environment
- Slide 10
- Demo Introducing Public Key Infrastructure in Windows Server
2008 Add Certificate Server Role demonstration
- Slide 11
- Reviewing Enhancements Introducing Credential Management
Services Introducing Revocation Agenda
- Slide 12
- Credential Management
- Slide 13
- Certificate Services Client (CSC) Auto Enrollment
- Slide 14
- Credential Management Certificate Services Client (CSC) Auto
EnrollmentCredential Roaming
- Slide 15
- Credential Management Certificate Services Client (CSC) Active
Directory Certificate Server Role Auto EnrollmentCredential Roaming
Delegated Enrollment Agent
- Slide 16
- Credential Management Certificate Services Client (CSC) Active
Directory Certificate Server Role Auto EnrollmentCredential Roaming
Delegated Enrollment Agent Integrated Network Device
Enrollment
- Slide 17
- Auto Enrollment Attack surface reduction WMI jobs-based
design
- Slide 18
- Auto Enrollment Attack surface reduction WMI jobs-based design
Improved usability for offline scenarios Expiration
notifications
- Slide 19
- Workstation Active Directory Server Credential Roaming
- Slide 20
- Workstation Active Directory Server Credential Roaming
- Slide 21
- Workstation Active Directory Server Credential Roaming
- Slide 22
- Demo Exploring Enrollment and Credential Roaming Explore new
enrollment UI demonstration
- Slide 23
- Manageability: Improved administrative user experience Network
Device Enrollment Service Enabling delegated enrollment agent
functionality Certificate Services
- Slide 24
- Manageability: Improved administrative user experience
Certificate Services Network Device Enrollment Service Enabling
delegated enrollment agent functionality
- Slide 25
- Certificate Services Manageability: Improved administrative
user experience Network Device Enrollment Service Enabling
delegated enrollment agent functionality
- Slide 26
- Demo Introducing Certificate Services Manageability Introduce
CA performance monitors Explore delegated enrollment
demonstration
- Slide 27
- Reviewing Enhancements Introducing Credential Management
Services Introducing Revocation Agenda
- Slide 28
- Revocation New Revocation Services: New OCSP client in Windows
Vista New OCSP Responder in Windows Server 2008 Integrate OCSP
stapling into Kerberos and SSL protocols
- Slide 29
- Revocation Responder Features: Support for multiple CAs
Supports caching Supports NONCE and No-NONCE requests New
Revocation Services: New OCSP client in Windows Vista New OCSP
Responder in Windows Server 2008 Integrate OCSP stapling into
Kerberos and SSL protocols
- Slide 30
- Demo Configuring OCSP and Using Revocation Deploy the online
responder Configure the online responder Show revocation example
demonstration
- Slide 31
- The Core IO Model CROSS-MODEL ENABLERS IdentityIdentity
Presence Presence Rights ManagementRights Management Network
AccessNetwork Access Desktop, Device, and Server Management
Security and Networking Identity and Access Management Data
Protection and Recovery IT Management and Security Process
- Slide 32
- Windows Server 2008 + Windows Vista More Efficient Management
Single worldwide servicing model Event forwarding between client
and server Faster and more reliable remote operating system
deployments Network Access Protection ensures health of connecting
systems
- Slide 33
- Windows Server 2008 + Windows Vista Greater Availability
Scalable print servers with client-side rendering Smooth offline
experience with client-side caching Transactional File System for
file and registry operations Policy-based Quality of Service to
prioritize application bandwidth More Efficient Management Single
worldwide servicing model Event forwarding between client and
server Faster and more reliable remote operating system deployments
Network Access Protection ensures health of connecting systems
- Slide 34
- Faster Communications Fast enterprise class search on clients
and servers Faster networking with new TCP/IP stack and native IPv6
Improved file-sharing performance over high-latency links
Integrated remote access to internal applications and resources
Windows Server 2008 + Windows Vista Greater Availability Scalable
print servers with client-side rendering Smooth offline experience
with client-side caching Transactional File System for file and
registry operations Policy-based Quality of Service to prioritize
application bandwidth More Efficient Management Single worldwide
servicing model Event forwarding between client and server Faster
and more reliable remote operating system deployments Network
Access Protection ensures health of connecting systems
- Slide 35
- Increases in manageability throughout all aspects of Windows
PKI Decreased attack surface for enrollment and Windows security
throughout Redesigned revocation services Session Summary
- Slide 36
- www.microsoft.com/technet/add-204 Visit TechNet at:
www.microsoft.com/technet Visit the following site for additional
information: For More Information
- Slide 37
- Find these resources and more at
http://www.microsoft.com/learning/windowsserver2008 Resources for
IT Pro learning & professional development
http://www.microsoft.com/learning/WindowsServer2008 E-Learning
Introducing Windows Server 2008 (Collection 5934) *Free e-learning!
Upgrade Windows Server 2003 MCSE Technical Skills to Windows Server
2008 Discounted! Books Introducing Windows Server 2008 by Mitch
Tulloch with the Microsoft Windows Server Team *Free eBook offer
Microsoft Windows PowerShell Step by Step by Ed Wilson *Free eBook
offer Classroom Training & HOLs First-look courses and hands-on
labs (HOLs) WS 2008 Certification 90-minute clinics & HOLs on
specific WS 2008 scenarios Skills transitioning courses Helping
MCSAs and MCSEs transition skills from WS 2003 to WS 2008.
Certification Transition your skills to the next generation of
Windows Server Transition Paths MCSAs or MCSEs to MCTS or MCITP
Recorded Live Meeting Windows Server 2008 Certification Paths Save
40% Windows Server 2008 Upgrade Exams Microsoft Learning - Windows
Server 2008 Learning Portal Microsoft Learning ResourcesLearn Whats
New, Transition your skills, and build deep product expertise.
- Slide 38
- Become a Microsoft Certified Professional What are MCP
certifications? Validation in performing critical IT functions Why
certify? WW recognition of skills gained through experience More
effective deployments with reduced costs What certifications are
there for IT Pros? MCP, MCSE, MCSA, MCDST, MCST, MCITP
www.microsoft.com/learning/mcp
- Slide 39
- TechNet Plus TechNet Plus is an essential premium web-enabled
and live support resource that provides IT Professionals with fast
and easy access to Microsoft experts, software and technical
information, enhancing IT productivity, control and planning.
Evaluate & Learn Plan & Deploy Support & Maintain Use
the TechNet Library to plan for deployment using the Knowledge
Base, resource kits, and technical training Use exclusive tools
like System Center Capacity Planner to accurately plan for and
deploy Exchange Server and System Center Operations Manager Use the
TechNet Library to plan for deployment using the Knowledge Base,
resource kits, and technical training Use exclusive tools like
System Center Capacity Planner to accurately plan for and deploy
Exchange Server and System Center Operations Manager 2
complimentary Professional Support incidents for use 24/7 (20%
discount on additional incidents) Access over 100 managed
newsgroups and get next business day response-- guaranteed Use the
TechNet Library to maintain your IT environment with security
updates, service packs and utilities 2 complimentary Professional
Support incidents for use 24/7 (20% discount on additional
incidents) Access over 100 managed newsgroups and get next business
day response-- guaranteed Use the TechNet Library to maintain your
IT environment with security updates, service packs and utilities
Get all these resources and more with a TechNet Plus subscription.
For more information visit: technet.microsoft.com/subscriptions
Evaluate full versions of all Microsoft commercial software for
evaluation without time limits. This includes all client, server
and Office applications. Try out all the latest betas before public
release Keep your skills current with quarterly training resources
including select Microsoft E-Learning courses Evaluate full
versions of all Microsoft commercial software for evaluation
without time limits. This includes all client, server and Office
applications. Try out all the latest betas before public release
Keep your skills current with quarterly training resources
including select Microsoft E-Learning courses
- Slide 40
- Live Events and Online webcast series Microsoft Professional
Blogs Directory Chats, Newsgroups, Forums, and Virtual Labs Local
Locator for Professional User Groups Where Else Can I Get Help?
www.microsoft.com/technet/community