PKI Enhancement in Windows Vista® and Windows Server 2008.

Transcript of PKI Enhancement in Windows Vista® and Windows Server 2008.

  • Slide 1
  • PKI Enhancement in Windows Vista and Windows Server 2008
  • Slide 2
  • What Will We Cover? Client-side PKI enhancements; Server-side PKI enhancements
  • Slide 3
  • Helpful Experience: Level 200; Experience managing a Windows Server PKI environment; Experience managing an enterprise-level Windows Server environment
  • Slide 4
  • Agenda: Reviewing Enhancements; Introducing Credential Management Services; Introducing Revocation
  • Slide 5
  • Microsoft and PKI: Enhanced credential life cycle management
  • Slide 6
  • Microsoft and PKI: Enhanced credential life cycle management; New certificate enrollment API and UI
  • Slide 7
  • Microsoft and PKI: Enhanced credential life cycle management; Enhanced manageability and deployment of Certificate Services; New certificate enrollment API and UI
  • Slide 8
  • Microsoft and PKI: Enhanced credential life cycle management; Enabling revocation across all applications; Enhanced manageability and deployment of Certificate Services; New certificate enrollment API and UI
  • Slide 9
  • Demonstration Environment
  • Slide 10
  • Demo: Introducing Public Key Infrastructure in Windows Server 2008. Add Certificate Server Role
  • Slide 11
  • Agenda: Reviewing Enhancements; Introducing Credential Management Services; Introducing Revocation
  • Slide 12
  • Credential Management
  • Slide 13
  • Certificate Services Client (CSC): Auto Enrollment
  • Slide 14
  • Credential Management. Certificate Services Client (CSC): Auto Enrollment; Credential Roaming
  • Slide 15
  • Credential Management. Certificate Services Client (CSC): Auto Enrollment; Credential Roaming. Active Directory Certificate Server Role: Delegated Enrollment Agent
  • Slide 16
  • Credential Management. Certificate Services Client (CSC): Auto Enrollment; Credential Roaming. Active Directory Certificate Server Role: Delegated Enrollment Agent; Integrated Network Device Enrollment
  • Slide 17
  • Auto Enrollment: Attack surface reduction; WMI jobs-based design
  • Slide 18
  • Auto Enrollment: Attack surface reduction; WMI jobs-based design; Improved usability for offline scenarios; Expiration notifications
  • Slide 19
  • Workstation Active Directory Server Credential Roaming
  • Slide 20
  • Workstation Active Directory Server Credential Roaming
  • Slide 21
  • Workstation Active Directory Server Credential Roaming
  • Slide 22
  • Demo: Exploring Enrollment and Credential Roaming. Explore new enrollment UI
  • Slide 23
  • Certificate Services. Manageability: Improved administrative user experience; Network Device Enrollment Service; Enabling delegated enrollment agent functionality
  • Slide 24
  • Certificate Services. Manageability: Improved administrative user experience; Network Device Enrollment Service; Enabling delegated enrollment agent functionality
  • Slide 25
  • Certificate Services. Manageability: Improved administrative user experience; Network Device Enrollment Service; Enabling delegated enrollment agent functionality
  • Slide 26
  • Demo: Introducing Certificate Services Manageability. Introduce CA performance monitors; Explore delegated enrollment
  • Slide 27
  • Agenda: Reviewing Enhancements; Introducing Credential Management Services; Introducing Revocation
  • Slide 28
  • Revocation. New Revocation Services: New OCSP client in Windows Vista; New OCSP Responder in Windows Server 2008; Integrate OCSP stapling into Kerberos and SSL protocols
  • Slide 29
  • Revocation. New Revocation Services: New OCSP client in Windows Vista; New OCSP Responder in Windows Server 2008; Integrate OCSP stapling into Kerberos and SSL protocols. Responder Features: Support for multiple CAs; Supports caching; Supports NONCE and No-NONCE requests
  • Slide 30
  • Demo: Configuring OCSP and Using Revocation. Deploy the online responder; Configure the online responder; Show revocation example
  • Slide 31
  • The Core IO Model. Cross-model enablers: Identity; Presence; Rights Management; Network Access. Desktop, Device, and Server Management; Security and Networking; Identity and Access Management; Data Protection and Recovery; IT Management and Security Process
  • Slide 32
  • Windows Server 2008 + Windows Vista. More Efficient Management: Single worldwide servicing model; Event forwarding between client and server; Faster and more reliable remote operating system deployments; Network Access Protection ensures health of connecting systems
  • Slide 33
  • Windows Server 2008 + Windows Vista. More Efficient Management: Single worldwide servicing model; Event forwarding between client and server; Faster and more reliable remote operating system deployments; Network Access Protection ensures health of connecting systems. Greater Availability: Scalable print servers with client-side rendering; Smooth offline experience with client-side caching; Transactional File System for file and registry operations; Policy-based Quality of Service to prioritize application bandwidth
  • Slide 34
  • Windows Server 2008 + Windows Vista. More Efficient Management: Single worldwide servicing model; Event forwarding between client and server; Faster and more reliable remote operating system deployments; Network Access Protection ensures health of connecting systems. Greater Availability: Scalable print servers with client-side rendering; Smooth offline experience with client-side caching; Transactional File System for file and registry operations; Policy-based Quality of Service to prioritize application bandwidth. Faster Communications: Fast enterprise class search on clients and servers; Faster networking with new TCP/IP stack and native IPv6; Improved file-sharing performance over high-latency links; Integrated remote access to internal applications and resources
  • Slide 35
  • Session Summary: Increases in manageability throughout all aspects of Windows PKI; Decreased attack surface for enrollment and Windows security throughout; Redesigned revocation services
  • Slide 36
  • For More Information. Visit TechNet at: www.microsoft.com/technet. Visit the following site for additional information: www.microsoft.com/technet/add-204
  • Slide 37
  • Microsoft Learning Resources: Learn What's New, Transition your skills, and build deep product expertise. Resources for IT Pro learning & professional development. Find these resources and more at http://www.microsoft.com/learning/windowsserver2008. E-Learning: Introducing Windows Server 2008 (Collection 5934) *Free e-learning! Upgrade Windows Server 2003 MCSE Technical Skills to Windows Server 2008 Discounted! Books: Introducing Windows Server 2008 by Mitch Tulloch with the Microsoft Windows Server Team *Free eBook offer; Microsoft Windows PowerShell Step by Step by Ed Wilson *Free eBook offer. Classroom Training & HOLs First-look courses and hands-on labs (HOLs) WS 2008 Certification 90-minute clinics & HOLs on specific WS 2008 scenarios Skills transitioning courses Helping MCSAs and MCSEs transition skills from WS 2003 to WS 2008. Certification Transition your skills to the next generation of Windows Server Transition Paths MCSAs or MCSEs to MCTS or MCITP Recorded Live Meeting Windows Server 2008 Certification Paths Save 40% Windows Server 2008 Upgrade Exams Microsoft Learning - Windows Server 2008 Learning Portal
  • Slide 38
  • Become a Microsoft Certified Professional. What are MCP certifications? Validation in performing critical IT functions. Why certify? WW recognition of skills gained through experience; More effective deployments with reduced costs. What certifications are there for IT Pros? MCP, MCSE, MCSA, MCDST, MCST, MCITP. www.microsoft.com/learning/mcp
  • Slide 39
  • TechNet Plus: TechNet Plus is an essential premium web-enabled and live support resource that provides IT Professionals with fast and easy access to Microsoft experts, software and technical information, enhancing IT productivity, control and planning. Evaluate & Learn: Evaluate full versions of all Microsoft commercial software for evaluation without time limits (this includes all client, server and Office applications); Try out all the latest betas before public release; Keep your skills current with quarterly training resources including select Microsoft E-Learning courses. Plan & Deploy: Use the TechNet Library to plan for deployment using the Knowledge Base, resource kits, and technical training; Use exclusive tools like System Center Capacity Planner to accurately plan for and deploy Exchange Server and System Center Operations Manager. Support & Maintain: 2 complimentary Professional Support incidents for use 24/7 (20% discount on additional incidents); Access over 100 managed newsgroups and get next business day response, guaranteed; Use the TechNet Library to maintain your IT environment with security updates, service packs and utilities. Get all these resources and more with a TechNet Plus subscription. For more information visit: technet.microsoft.com/subscriptions
  • Slide 40
  • Where Else Can I Get Help? Live Events and Online webcast series; Microsoft Professional Blogs Directory; Chats, Newsgroups, Forums, and Virtual Labs; Local Locator for Professional User Groups. www.microsoft.com/technet/community