Hi everyone, my name is Jeff Wettlaufer and I am the Sr. Technical product Manager for System Center Configuration Manager. This week at RSA System Center will be present like never before. With the recent releases of System Center Configuration Manager, Operations Manager, Data Protection Manager and Virtual Machine Manager, the business of Management at Microsoft has taken Security to a new level.
Through integration to the Windows Client and Server platform as well as Forefront, System Center has achieved new and improved security capabilities across a wide range of scenarios. Datacenter, mobile workforce, branch office as well as both physical and virtual environments.
For example, this week at RSA, System Center will be showcasing our ability to integrate with Windows Server 2008 Network Access Protection. Today’s increasingly mobile workforce and the need for interconnection between partners and customers present an entirely new set of challenges for IT departments. In addition to ensuring that the desktop computers on the network are up-to-date and meet the company’s requirements for system health, network perimeters must also protect networks from roaming devices that may be vulnerable to security exploits.
Network Access Protection is designed to protect the network by validating the System Health when the Client attempts to connect. This set of technologies allows an IT administrator to restrict non compliant devices from accessing network resources. Through Windows Server 2008 NAP, policy in the form of a relationship between the Network Policy Server and a NAP configured Windows client can verify elements visible with the Windows Security Center. Firewall, Automatic Updates, Anti Virus etc. System Center brings an incredibly powerful addition to this health verification, in the form of Windows Updates.
Configuration Manager brings out of the box support for NAP policy validation for the presence of Windows, 3rd party or Line of Business updates, not only guaranteeing that the client accessing the network is configured for corporate security settings, but that the client also has a current update configuration of all the approved patches. And, just like Windows NAP, these policies from System Center can enforce network restrictions both on network access scenarios, as well as online in the production network, ensuring even when systems are inside the corporate boundaries, system health validation can be occurring at regular intervals.
Microsoft is a Diamond sponsor of the RSA Conference this year, and System Center has been involved all week in the Microsoft pavilion of the show floor (right between Windows Server 2008 NAP and Forefront pods), where a constant stream of Security professionals have been engaging with Product team.
Here is also a cool video of the NAP integration in action, hosted by our friends on Technet Edge.