Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features
-
Upload
microsoft-technet-belgium-and-luxembourg -
Category
Documents
-
view
1.711 -
download
3
description
Transcript of Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features
Marcus Murray & Hasain AlshakartiTruesec Security Team, MVP-Enterprise Security x2
Marcus Murray Hasain Alshakarti
So.. What are the new security features in Windows 8 & Server 2012?
Secure boot/Measured boot/Early Malware detection
Client
User
Web rv
Attacker
Bitlocker enhancement
• Enhancements:– Bitlocker Network unlock – New protectors
Client
User
This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware.
• For NKP, the win8 client should be using UEFI 2.3.1BitLocker Network Unlock has the following software and hardware requirements that must be met before you can use it:Client computer requirements
• A DHCP driver that is implemented in the UEFI firmware• Trusted Platform Module (TPM) 1.2 or TPM 2.0• BitLocker enabled on the operating system volume
Windows Deployment Services server requirements• BitLocker Network Unlock feature installed (only available in windows server 2012)• 2,048-bit RSA public/private key pair X.509 certificate present in FVENKP certificate store
Domain controller requirements• Copy of the BitLocker Network Unlock Certificate from the Windows Deployment Services server on the domain
controller to set Group Policy settings for Network Unlock. (2012 server
Virtual smartcard
Client
User
Web Srv
Attacker
Claims
Client
User
Web Srv
AttackerClient
User
Dynamic access control
Data classification
Required Clearance:Restricted Confidentiality:High
Secret stuff.doc Project X.doc Public statement.doc
Required Clearance:Internal Use
Confidentiality:Moderate
Required Clearance:Public Confidentiality:Low
http://www.microsoft.com/en-us/download/details.aspx?id=27123
Dnssec
Client
User
Web Srv
AttackerClient
User
Unified Remote access
Client
User
Web Srv
AttackerClient
User
Powershell remoting
Client
User
Web Srv
AttackerClient
User
FGPP Ui
Improved Security Audit
• Advanced Security Audit Policy Step-by-Step Guide
<http://technet.microsoft.com/en-us/library/dd408940(v=ws.10).aspx>
Client
User
Web Srv
AttackerClient
User
Marcus Murray Hasain Alshakarti
Thank you for listening!