最新微软蓝灰风格PPT模板PPT课件.ppt
微软蓝灰风格微软蓝灰风格PPTPPT模板模板Session AgendaFocus on Customer ChallengesMicrosoft Security StrategySecure Windows InitiativeStrategic Technology Protection ProgramTrustworthy ComputingBuilding the secure platform.NET FrameworkWindows.NETSummaryQuestionsGoal:Help customers secure their Windows SystemsPeoplePeoplePeoplePeopleProcessProcessProcessProcessTechnologyTechnologyTechnologyTechnologyStrategic TechnologyProtection ProgramStrategic Technology Protection Program-Customers Need Our HelpI didnt know which patches I neededI didnt know where to find the updatesI didnt know which machines to updateWe updated our production servers,but the rogue servers got infectedMore than 50%of the customers affected by Code Red were not patched in time for NimdaSTPP:“Get Secure”Coming-Enterprise Security ToolsMicrosoft Baseline Security AnalyzerSMS security patch rollout toolWindows Update Auto-update clientNow-Microsoft Security ToolkitServer oriented security resources.New server security tools and updates,Windows Update bootstrap client for Windows 2000Now-Security Assessment Program OfferingAvailable immediately through MCS/PSSNow-Free Virus Support HotlineContact your local PSS officeGet SecureMicrosoft Security ToolkitGets Windows NT and 2000 systems to secure baseline,even disconnected netAutomates server updatesOne-button wizard and SMS ScriptsUpdates and Patches Includes all Service Packs and critical OS and IIS patches through 10/15HFNetchk:patch level verifierIIS Lockdown&URLScanSTPP:“Stay Secure”Ongoing-Enhanced Product SecurityProvide greater security enhancements in the releases of all new products,including theWindows.NET Server family Spring 2002-Federated Corporate Windows Update ProgramAllows enterprise to host and selectWindows Update contentSpring 2002-Windows 2000 Service Pack(SP3)Provide ability to install SP3+security rollupwith a single rebootJan.2002-Windows 2000 Security Rollup PatchesBundle all security fixes in single patchesReduces reboots and administrator burdenCorporate Update Server SolutionAutomatic Update(AU)clientAutomatically download and install critical updatesSecurity patches,high impact bug fixes and new drivers when no driver is installed for a deviceChecks Windows Update service or Corporate Update server once a dayNew!Install at schedule time after automatic downloads Administrator control of configuration via registry-based policySupport for Windows.NET Server,Windows XP and Windows 2000Update serverCorporate hosted WU server to support download and install of critical updates through AU clientServer synchronizes with the public Windows Update serviceSimple administrative model via IE Updates are not made available to clients until the administrator approves themRuns on Windows.NET Server and Windows 2000 ServerTrustworthy ComputingGoal:Make devices powered by computers and software as trustworthy as devices powered by electricity.A Trust TaxonomyAvailabilityAvailabilityAvailabilityAvailabilityAt advertised levelsAt advertised levelsAt advertised levelsAt advertised levelsSuitabilitySuitabilitySuitabilitySuitabilityFeatures fit functionFeatures fit functionFeatures fit functionFeatures fit function IntegrityIntegrityIntegrityIntegrityAgainst data loss or Against data loss or Against data loss or Against data loss or alterationalterationalterationalterationPrivacyPrivacyPrivacyPrivacyAccess authorized by Access authorized by Access authorized by Access authorized by end-userend-userend-userend-userReputationReputationReputationReputationSystem and provider System and provider System and provider System and provider brandbrandbrandbrandSecuritySecuritySecuritySecurityResists unauthorized Resists unauthorized Resists unauthorized Resists unauthorized accessaccessaccessaccessQualityQualityQualityQualityPerformance criteriaPerformance criteriaPerformance criteriaPerformance criteriaDev PracticesDev PracticesDev PracticesDev PracticesMethods,philosophyMethods,philosophyMethods,philosophyMethods,philosophyOperationsOperationsOperationsOperationsGuidelines and Guidelines and Guidelines and Guidelines and benchmarksbenchmarksbenchmarksbenchmarksBusiness PracticesBusiness PracticesBusiness PracticesBusiness PracticesBusiness modelBusiness modelBusiness modelBusiness modelPoliciesPoliciesPoliciesPoliciesLaws,regulations,Laws,regulations,Laws,regulations,Laws,regulations,standards,normsstandards,normsstandards,normsstandards,normsIntentIntentIntentIntentManagement assertionsManagement assertionsManagement assertionsManagement assertionsRisksRisksRisksRisksWhat undermines intent,What undermines intent,What undermines intent,What undermines intent,causes liabilitycauses liabilitycauses liabilitycauses liabilityImplementationImplementationImplementationImplementationSteps to deliver intentSteps to deliver intentSteps to deliver intentSteps to deliver intentEvidenceEvidenceEvidenceEvidenceAudit mechanismsAudit mechanismsAudit mechanismsAudit mechanismsGoalsGoalsGoalsGoalsMeansMeansMeansMeansExecutionExecutionExecutionExecutionBuilding the secure platformGoal:Provide IT with a secure,integrated foundation for managing how users,business,and technologies connect.Security in depthFront EndFront EndFront EndFront EndTypical Application ArchitectureUsersUsersUsersUsersBack EndBack EndBack EndBack EndAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessAuthorizationAuthorizationAuthorizationAuthorizationAuditAuditAuditAuditAlertsAlertsAlertsAlertsFront EndFront EndFront EndFront EndSecure Network AccessUsersUsersUsersUsersBack EndBack EndBack EndBack EndAuthorizationAuthorizationAuthorizationAuthorizationAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessFirewallFirewallFirewallFirewallVPNVPNVPNVPNWirelessWirelessWirelessWirelessIPSECIPSECIPSECIPSECAuditAuditAuditAuditAlertsAlertsAlertsAlertsFront EndFront EndFront EndFront EndFlexible AuthenticationUsersUsersUsersUsersBack EndBack EndBack EndBack EndBasicBasicBasicBasicHTTP DigestHTTP DigestHTTP DigestHTTP DigestKerberosKerberosKerberosKerberosCertificatesCertificatesCertificatesCertificatesSmartcardsSmartcardsSmartcardsSmartcardsAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessAuthorizationAuthorizationAuthorizationAuthorizationAuditAuditAuditAuditAlertsAlertsAlertsAlertsFront EndFront EndFront EndFront EndRich Access ControlsUsersUsersUsersUsersBack EndBack EndBack EndBack EndAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessAuthorizationAuthorizationAuthorizationAuthorizationAuditAuditAuditAuditAlertsAlertsAlertsAlertsAccess Control ListsAccess Control ListsAccess Control ListsAccess Control ListsRolesRolesRolesRolesFront EndFront EndFront EndFront EndSystem Wide AuditingUsersUsersUsersUsersBack EndBack EndBack EndBack EndAuthorizationAuthorizationAuthorizationAuthorizationAuditAuditAuditAuditAlertsAlertsAlertsAlertsAudit ActionsAudit ActionsAudit ActionsAudit ActionsDistributed DevicesDistributed DevicesDistributed DevicesDistributed DevicesAudit PolicyAudit PolicyAudit PolicyAudit PolicyAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessFront EndFront EndFront EndFront EndAlert InfrastructureUsersUsersUsersUsersBack EndBack EndBack EndBack EndAuthorizationAuthorizationAuthorizationAuthorizationAuditAuditAuditAuditAlertsAlertsAlertsAlertsEvent ForwardingEvent ForwardingEvent ForwardingEvent ForwardingFilteringFilteringFilteringFilteringCorrelationCorrelationCorrelationCorrelationAuthenticationAuthenticationAuthenticationAuthenticationNetwork AccessNetwork AccessNetwork AccessNetwork AccessWindows Brings it TogetherActive DirectoryIntegrated network authenticationPolicy based managementPKIIntegrated PKI services and auto-enrollmentUsed by IPSEC,Smartcard,Code Signing etc.NetworkingSecure network access via 802.1x supportAuthenticated firewall access via Microsoft ISA serverProtected DevicesEncrypting File SystemSoftware Restriction Policies2002MicrosoftCorporation.Allrightsreserved.2002MicrosoftCorporation.Allrightsreserved.结束语结束语谢谢大家聆听!谢谢大家聆听!27