Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft http://blogs.technet.com/DanStolts
Dec 17, 2015
Building on the Foundation of Windows Vista:
Introduction to Windows 7: Security and Management
Dan StoltsIT Pro Evangelist
Microsofthttp://blogs.technet.com/DanStolts
Fundamentally Secure Platform
Protect Users &
Infrastructure
Windows Vista FoundationUser Account ControlEnhanced Auditing
Securing Anywhere
Access
Windows 7 Enterprise SecurityBuilding upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable.
Protect Data from
Unauthorized Viewing
Network SecurityNetwork Access ProtectionDirectAccessTM
AppLockerTM
Internet Explorer 8Data Recovery
RMSEFSBitLockerTM
Windows Vista Foundation
Enhanced Auditing
Make the system work well for standard usersAdministrators use full privilege only for administrative tasksFile and registry virtualization helps applications that are not UAC compliant
User Account Control
XML basedGranular audit categoriesDetailed collection of audit resultsSimplified compliance management
Fundamentally Secure Platform
Security DevelopmentLifecycle processKernel Patch ProtectionWindows Service HardeningDEP & ASLR
IE 8 inclusiveMandatory Integrity Controls
Network Security
DirectAccessTM
Ensure that only “healthy” machines can access corporate dataEnable “unhealthy” machines to get clean before they gain access
Network Access Protection
Security protected,seamless, always on connection to corporate networkImproved managementof remote users Consistent security for all access scenarios
Securing Anywhere Access
Windows Firewall can coexist with 3rd party productsMulti-Home ProfilesDNSSec (RFCs 4033, 4034 and 4035)
AppLockerTM Data Recovery
Protect users against social engineering and privacy exploitsProtect users against browser based exploitsProtect users against web server exploits
Internet Explorer 8
File back up and restoreCompletePC™ image-based backup System RestoreVolume Shadow CopiesVolume Revert
Protect Users & Infrastructure
Enables application standardization within an organization without increasing TCOIncrease security to safeguard against data and privacy lossSupport compliance enforcement
7
AppLocker vs Software Restriction Policy
Feature Software Restriction Policies AppLocker
Rule scope All users Specific user or group
Rule conditions provided
File hash, path, certificate, registry path, and Internet zone rules
File hash, path, and publisher rules
Rule types provided Allow and deny Allow and deny
Default rule action Allow or deny Deny
Audit-only mode No Yes
Wizard to create multiple rules at one time
No Yes
Policy import or export
No Yes
Rule collection No Yes
PowerShell support No Yes
Custom error messages
No Yes
RMS BitLockerTM
User-based file and folder encryption Ability to store EFS keys on a smart card
EFS
Easier to configureand deployRoam protected data between work and homeShare protected data with co-workers, clients,partners, etc.Improve compliance and data security
Protect Data from Unauthorized Viewing
Policy definitionand enforcementProtects information wherever it travelsIntegrated RMS Client Policy-based protection of document libraries in SharePoint
Windows 7: Manageability
Enterprise-scale Scripting Engine with PowerShellScripting
Richer Support ToolsCustomized Troubleshooting
Enhanced Group Policy ScenariosGroup Policy Preferences
Reduce Help Desk Calls and Keep
Users Productive
Flexible Administrative
Control
Increased Automation
to Reduce Costs
Windows 7 Builds On Windows Vista Tools To Resolve Issues Quicker
Reliability MonitorReliability data is exposed via APIs for remote collectionIntegration of Reliability Monitor and Problem Reports and Solutions to better correlate system changes and events
Resource MonitorSysInternals Process Explorer features integrated into Resource Monitor for clearer identification of process issues
Windows Recovery EnvironmentWindows Recovery Environment (WinRE) Restore to OEM or IT image without data loss or reimage with recent system backup
System Restore Users will now be able to view the list of software changes before rolling their PC back Restore points will be available from system backups allowing users to roll-back to a point further back in time
Problem Steps Recorder Users record steps taken when an issue occurs, giving help desk screen shots and comments to help resolve issues
Keep Users Productive
Fundamentally Secure Platform
Protect Users &
Infrastructure
Windows Vista FoundationUser Account ControlEnhanced Auditing
Securing Anywhere
Access
SummaryBuilding upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable.
Protect Data from
Unauthorized Viewing
Network SecurityNetwork Access ProtectionDirectAccessTM
AppLockerTM
Internet Explorer 8Data Recovery
RMSEFSBitLockerTM