TechEd 2005 Content Planning: Security track

As with previous posts, please provide your feedback to the TechEd 2005 planning process with your comments on the “Security” track. If you think theres anything missing here or would like to pick your top three sessions, please feel free to do so! I frankly think we need a stronger ISA session here…do you agree?


  • Best Practices for a Secure PKI Deployment

  • CSI Security Overview (Idm – Developer)

  • Developing with Least Privilege

  • Enterprise Security Risk Management

  • ISA Server 2004 Enterprise Edition Overview

  • ISA Server 2004 Standard Edition Appliances

  • Microsoft Smart Card Management Tools

  • Network Isolation Using Group Policy and IPsec

  • Practical Security for Internet and Extranet Solutions

  • Protecting Privacy on the Microsoft Platform:

  • Providing Web SSO and Identity Federation solutions using Active Directory Federation Services Windows Server 2003 R2

  • RMS SP1: RMS SP1 Overview and Opportunities

  • Safe and Legal: Common Legal and Regulatory Requirements in the Security Space

  • Secrets of Microsoft: How Does Microsoft Secure Its Applications

  • Secure Remote Access

  • Securing Access to Wireless and Wired Networks with 802.1x Authentication

  • Securing Your Active Directory Deployment: Best Practices

  • Security at Microsoft

  • Security Overview: Kickoff

  • Security Update Management with WUS, MBSA 2.0 and SMS

  • Understanding and Fighting Malware: Viruses, Spyware and Rootkits

  • What Administrators Should Know About Passwords

  • Windows Internals: Understanding Security Changes in Windows XP Service Pack 2

Comments (4)

  1. Tristank says:

    Yes! 🙂

  2. Iain Robertson says:

    There’s a few there that look interesting. Hard to narrow it down to three. 🙂 Given that I’m in Brisbane, and as I understand it, TechEd 2005’s on the Gold Coast, I may well try and get down there (emphasis on "try" — Windows isn’t a core platform of mine, so it’ll be difficult to get past the boss, I suspect).

    Here are the three on my particular shortlist:

    <ul><li>Developing with Least Privilege</li>

    <li>Enterprise Security Risk Management</li>

    <li>Understanding and Fighting Malware: Viruses, Spyware and Rootkits</li></ul>

    To be honest, I’m a bit intrigued by an (apparent?) absence of information on integration with/to "alien" platforms, say through Kerberos or similar. I know that with my last job, when I had to do this (Solaris, and separately an Apache server, "integrated" with Active Directory, i.e. taking authentication from AD), it was an interesting task – for all the wrong reasons. Which side of the fence the "fault" laid on is debatable, too, and <b>was</b> hotly debated for some time. 😉

  3. Chris Mohan says:

    A strong securing the borders with ISA would be nice as would a "What to do if you think you’ve been hacked" best practices -no not Fdisk and re-install 🙂

    1)Network Isolation Using Group Policy and IPsec

    2)Secure Remote Access

    3)Securing Your Active Directory Deployment: Best Practices

  4. Chris Haaker says:

    This is a topic that is near and dear to my heart – given that I submitted to present on two ISA server topics and was shot down. 🙁 But the two I was proposing dont even look like they are addressed except in the most general way. These are topics that working engineers I hear from are constantly asking for: CertificateIPSEC-based VPN configuration end-to-end and using ISA and RRAS Quaratine for incoming VPN connections. Yes, this list is very light on ISA. Also, I live in the US but am writing this from Melbourse! How cool is that?