微軟經(jīng)典模板1(區(qū)塊篇)課件

1、第一篇 區(qū)塊篇At RiskThe SoftUnderbellySecurity Issues Today1 Source: Forrester Research2 Source: Information Week, 26 November 20013 Source: Netcraft summary4 Source: CERT, 20035 Source: CSI/FBI Computer Crime and Security Survey6 Source: Computer Security Institute (CSI) Computer Crime and Security Surve

2、y 20027 Source: CERT, 20028 Source: Gartner Group14B devices on the Internet by 2010135M remote users by 2005265% increase in dynamic Web sites3From 2000 to 2002 reported incidents rose from 21, 756 to 82,0944Nearly 80 percent of 445 respondents surveyed said the Internet has become a frequent point

3、 of attack, up from 57 percent just four years ago5 90% detected security breaches685% detected computer viruses695% of all breaches avoidable with an alternative configuration7Approximately 70 percent of all Web attacks occur at the application layer8Application Layer AttacksIdentity TheftWeb Site

4、DefacementUnauthorized AccessModification of Data, Logs and RecordsTheft of Proprietary InformationService DisruptionImplicationsCompliance:Sarbanes OxleyGramm Leach BlilelyUS Patriot ActHIPAAThe Privacy Act (CA)Basel 2 (EU)Data Protection Act (EU)Litigation File Sharing Piracy HR Issues Shareholder

5、 SuitsCustomer ImpactTypes Of SRP RulesPath RuleCompares path of file being run to an allowed path listUse when you have a folder with many files for the same applicationEssential in when SRPs are strictHash RuleCompares the MD5 or SHA1 hash of a file to the one attempted to be runUse when you want

6、to allow/prohibit a certain version of a file from being runCertificate RuleChecks for digital signature on application (i.e. Authenticode)Use when you want to restrict both win32 applications and ActiveX contentInternet Zone RuleControls how Internet Zones can be accessedUse when in high security e

7、nvironments to control access to web applicationsSQL Server 2005 ThemesSupportability & QualityEnterprise EnhancementsUnified & Flexible AdministrationPatch SolutionsPrevention, Readiness, RecoveryEase of usePatch InstallsPatch in integrated stepIntegrated Database Services and Business Intelligence

8、Flexible install managementAdd value to one-step Failover ClusteringExpanded scripting supportLive Communications Client RoadmapLC 1.2 Client PlatformMultiparty IMP2P Voice and VideoMPOP GroupsRoamingSIP supportGPO policy managementLC 1.5 Client PlatformRoll up of QFEsMPOP AdditionsFederation/Archiv

9、ing NotificationHA AdditionsLC 2.0 Client PlatformNext generation of RTC experiencesMore coming!20032H04LonghornIntegrated phone and PDAPrimarily data viewingInteroperability with Outlook and Exchange.NET Compact FrameworkASP.NET mobile controlsMobile Device SolutionsComplex document authoring, edit

10、ing and readingKeyboard centric at the deskKeyboard and mouse input methodsFull .NET framework availableCentrino SolutionsWindows MobileWindows XPComplex document authoring, editing and active readingNote taking and ink annotating Keyboard centric at the desk, pen and keyboard away from the deskKeyb

11、oard, mouse plus pen, ink, and speech input methodsFull .NET framework preinstalledPen, ink, handwriting and speech recognition APIsCentrino SolutionsView and some data entryIntegrated PDA with phoneInteroperability with Office, Exchange and SQL Server.NET Compact FrameworkASP.NET mobile controlsInt

12、el Xscale SolutionsWindows CEOne-way networkInformation consumptionSmart Personal ObjectsSmartphonePocket PC and Pocket PC PhoneNotebook PCTablet PCPerimeter Security EvolutionWide open to advanced attacksApplication-level protectionPerformance versussecurity tradeoffSecurity and performanceLimited

13、capacityfor growthExtensibility and scalabilityHard to manageEasier to useThe advanced application layer firewall, VPN and Web cache solution that enables customers to maximize IT investments by improving network security and performanceAdvanced protectionApplication layer security designed to prote

14、ct Microsoft applicationsFast, secure accessEmpowers you to connect users to relevant information on yournetwork in a cost efficient mannerEase of useEfficiently deploy, manage, and enable new usage scenariosIntroducing: ISA Server 2004Fast, secure accessEmpowers you to connect users to relevant inf

15、o. on your networkISA Server 2004 New FeaturesContinued commitment to integrationEnhancedarchitecture High speed data transport Utilizes latest Windows and PC hardware SSL bridging unloads downstream serversWeb cache Updated policy rules Serve content locally Pre-fetch content during low activity pe

16、riodsInternet accesscontrol User- and group-based Web usage policy Extensible by third partiesComprehensiveauthentication New support for RADIUS and RSA SecurID User- & group-based access policy Third party extensibilityHow To Use Windows UpdateTo configure Automatic Updates:Select Keep my computer

17、up to dateOpen the System application in Control Panel1On the Automatic Updates tab, select theoption you want32Office UpdateBenefitsLimitationSingle location for office patches and updatesEasy to useCan be configured to update consumer orenterprise systemsDoes not support Automatic Updates; updatin

18、g must be initiated manuallyOffice Update Web site:/officeupdateHow To Use Office UpdateGo to /officeupdate1Click Check for Updates2Install the Office Update Installation Engine (if not already installed)3Select the updates you want to install4Click Start Installation5How To Use SUSOn the SUS server

19、Configure the SUS server at http:/SUSAdminOn each SUS clientConfigure Automatic Updates on the client to use the SUS server Use Group Policy, manually configure each client, oruse scriptsSet the SUS server synchronization scheduleReview, test, and approve updates123Software Update Service Deployment

20、 Best Practices (1)Review each security patch Download and install the patchTest each security patch before deploymentConfigure a test labUse a test SUS serverConsider using Virtual PCs in the test labUse a standard acceptance testing procedureSoftware Update Service Deployment Best Practices (2)Com

21、plete the deploymentPilot the deploymentConfigure a child SUS server to approve updatesConfigure a GPO so that the patch is downloaded from the pilot SUS server only by specified workstationsIf the pilot fails, remove approval from the SUS server and manually uninstall the patchHow To Use SMS To Dep

22、loy PatchesOpen the SMS Administrator Console1Right-click All Windows XP Computers, and then select All Tasks Distribute Software Updates3Use the wizard to create a new package and program4Browse to the patch to be deployed5Configure options for how and when the patch will be deployed to clients6Exp

23、and the Site Database node2SMS MBSA IntegrationMBSA integration included with SMS 2003 and the SUS Feature Pack for SMS 2.0Scans SMS clients for missing security updates using mbsacli.exe /hfSMS directs client to run local MBSA scan1SMS server parses data to determine which computers need which secu

24、rity updates3Administrator pushes missing updates only to clients that require them4Client performs scan, returns data to SMS server2MBSA BenefitsScans systems forMissing security patchesPotential configuration issuesWorks with a broad range ofMicrosoft softwareAllows an administrator to centrally s

25、can multiple computers simultaneously MBSA is a free tool, and can bedownloaded from/mbsa MBSA ConsiderationsMBSA reports important vulnerabilitiesPassword weaknessesGuest account not disabledAuditing not configuredUnnecessary services installedIIS vulnerabilitiesIE zone settingsAutomatic Updates co

26、nfigurationInternet Connection Firewall configurationMBSA Scan OptionsMBSA has three scan optionsMBSA graphical user interface (GUI)MBSA standard command-lineinterface (mbsacli.exe)HFNetChk scan (mbsacli.exe /hf)Business Case ForPatch ManagementWhen determining the potential financial impact of poor

27、 patch management, considerDowntimeRemediation timeQuestionable data integrityLost credibilityNegative public relationsLegal defensesStolen intellectual property“We commend Microsoft for providing enhanced security guidance to its customers as well as for soliciting user input as part of the process

28、 of producing that guidance“Clint KreitnerPresident/CEO“NIST reviewed and provided technical comments & advice, that was incorporated in this guidance”Timothy GranceManagerSystems and Network Security GroupCommentsSecurely make e-mail available to outside employeesExchange publishingYou Need ToSecur

29、ely make internal applications available on the InternetWeb and Server PublishingEnable partners to access relevant information on my networkIntegrated S2S VPN and FWSecure and flexible remote access, while protecting my corporate networkIntegrated RRAS VPN and FWSecurely connect my branch offices t

30、o the corporate officeIntegrated FW, VPN, CacheControl Internet Access and protect my clients from malicious Internet trafficFW, Web ProxyEnsure fast access to the most frequently used web contentCachingISA DeliversRelational ReportingMultiple fact tablesFull richness the dimensionsattributes Transa

31、ction level accessStar, snowflake, 3NF Complex relationships: Multi-grains, many-to-many, role playing, indirectRecursive self joinsSlowly changing dimensionsThe Unified Dimensional Model The Best Of Relational And OLAPOLAP CubesMultidimensional navigationHierarchical presentationFriendly entity nam

32、esPowerful MDX calculationsCentral KPI framework“Actions” Language translations Multiple perspectivesPartitionsAggregations Distributed sourcesVisual Studio Team SystemChange ManagementWork Item TrackingReportingProject SiteVisual StudioTeam FoundationIntegration ServicesProject ManagementProcess an

33、d Architecture GuidanceVisual Studio Industry PartnersDynamic Code AnalyzerVisual StudioTeam ArchitectStatic Code AnalyzerCode ProfilerUnit TestingCode CoverageVisio and UML ModelingTeam Foundation ClientVS ProClass ModelingLoad TestingManual TestingTest Case ManagementApplication ModelingLogical In

34、fra. ModelingDeployment ModelingVisual StudioTeam DeveloperVisual StudioTeam TestApplication ModelingLogical Infra. ModelingDeployment ModelingClass ModelingSQL Server CatalogReport ServerXML Web Service InterfaceReport ProcessingDeliveryDelivery Targets(E-mail, SharePoint,Custom)RenderingOutput For

35、mats (HTML, Excel, PDF, Custom)Data ProcessingData Sources(SQL, OLE DB, XML/A, ODBC, Oracle, Custom)SecuritySecurity Services(NT, Passport, Custom)OfficeCustom ApplicationBrowserSQL Server 2000 Reporting Services ArchitectureCM ProfileRuns customizablepost connect scriptScript runs RQC notifierwith

36、“results string”ListenerRQS receives Notifier“results string”Compares results topossible resultsRemoves time-out ifresponse received butclient out of dateRemoves quarantine filterif client up to dateQuarantine VSAsTimer limits timewindow to receive notify before auto disconnectQ-filter sets temporar

37、y route filter to quarantine accessInternetRAS ClientRRAS ServerIAS ServerQuarantineRQC.exe and RQS.exe are in the Windows Server 2003 Resource KitQuarantine ArchitectureMicrosoft BI Product SuiteAnalysis ServicesOLAP & Data MiningData TransformationServicesSQL ServerRelational EngineReporting Servi

38、cesManagement ToolsDev Tools Visual Studio .NetExcelOWCVisioMap PointData AnalyzerSharePoint PortalServerProject ServerWindows ServerMBS BI ApplicationsCurrent ArchitectureTCP/IPRTC Client APIUser AppRTPSIPPINTT.120Server ArchitectureApplicationManaged APIsApplicationManaged APIsWinsockStorageADDisp

39、atcherData Store InterfacesSPL Script EngineRegistrar/PresenceSIP ProxyServerApplication InteractionApplication1 CRMApplication2 BillingApplication3 LoggingRequestModifiedRequestWhat is VS Team Foundation?Source Code ControlWork Item TrackingBuild AutomationProject SiteReportingTITLEAvailableTodayMi

40、crosoft Windows Security Resource KitAssessing Network SecurityJune 23, 2004EAP architectureTLSGSS_APIKerberosPEAPIKEMD5EAPPPP802.3802.5802.11AnythingmethodlayerEAPlayermedialayerMS-CHAPv2TLSSecurIDPartner Solutions OfferingsVALUE Proposition:Get more business value from your investment in OfficeFin

41、anceSarbanes-OxleyBusiness ScorecardExcel Add-in for SQL Server Analysis ServicesOperationsSix SigmaHRRecruitingSalesProposalsSolution AcceleratorsMicrosoft ProductsOffice Solution AcceleratorsVALUE Proposition:Get more business value from your investment in OfficeYour PeopleEPM Involves.Your Busine

42、ssProcesses Your OrganizationYour Software Technology & ToolsEnterprise Project ManagementAn orchestration of your people, processes, organization with technologyYour Business ProcessesGovernancePrioritizationBudgetingHuman Resources etc InitiativesImplement Microsoft OfficeProject 2003 for the Ente

43、rpriseDecisions- Corporate Goals and ObjectivesExecutivesFinanceSales and MarketingR&DIT / ISYour OrganizationStrategic Initiatives HRDevelopment ProjectsOperational ImprovementsOn Average 45-50% of all Projects are linked to Strategic Objectives.Representative Risks And TacticsTactical SolutionsEnt

44、erprise RisksEmbodyTrustworthyComputingSecure Environmental RemediationUnpatched DevicesNetwork Segmentation Through IPSecUnmanaged DevicesSecure Remote UserRemote and Mobile UsersTwo-Factor for Remote Access and AdministratorsSingle-Factor AuthenticationManaged Source InitiativesFocus Controls Acro

45、ss Key AssetsRemote Access SecurityThreatRequirementSolutionMalicioususersTwo factor authenticationSmart Cardsfor RASMalicioussoftwareEnforce remote system security configurationConnection Manager, custom scripts and tools provided in the Windows 2003 resource kitCorporate Security Group OrganizationCorpor