Building End-to-End Infrastructure Security-Windows XP, Vista, Server 2003 and Active Directory
John Craddock, Principle Infrastructure & Security Architect, Kimberry Associates
Sally Storey, Senior Consultant, Kimberry Associates
In this session we step back from the infrastructure and provide a methodology for classifying your business requirements and identifying business assets. Armed with this knowledge you can create a threat model and categorize risks. You will learn how to create a design that will truly support your organization. Topics covered include: Identifying business assets; Threat modeling; Security policy and response planning; Patch management and compliance testing; Least privileged access.
Network connectivity is the life blood of your infrastructure but the TCP/IP stack, listening services and applications provide many entry points through which systems can be discovered and attacked. In this session we show you how to assess your systems through the use of network scanners, provide maximum protection through the use of host based firewalls and implement IPSec. Topics covered include: Firewall configurations, troubleshooting connectivity; Identifying protocol and port requirements; Network scanners and monitors; Deploying IPSec for domain and server isolation
Server and workstation security is normally managed through the use of group policy, but what are the options? In this session you will learn about best practice solutions for lockdown. We will also show you how to manage security templates, use the Security Configuration Wizard and implement Software Restriction Policies. Topics covered include: Managing server roles and lockdown policies; Using security templates; The Security Configuration Wizard; Delegating group policy management; Creating Software Restriction Policies (SRP)
In this session we look at the key Vista security enhancements that impact our overall look at end-to end security framework. We explore User Account Control and the Secure Desktop. Examine how Vista can virtualize file and registry access and how solutions can be provided for Windows XP. You will learn about new core features including the enhanced stack, firewall and group policy. Topics covered include: Core security and networking enhancements; User Account Control (UAC); Application compatibility; Vista group policy; Network Access Protection (NAP)
Technorati Tags: Windows Server 2003