October 2006 - Technical Rollup Mail - Security
News
Microsoft Is Committed to Network Access Control Interoperability
By Mike Schutz, Group Product Manager, Security and Access Products, Microsoft Corporation
For the past two years, there has been much hype around the term "network access control". Read this article and learn how Microsoft is working with industry leaders across networking and security as well as collaborating with Cisco on interoperable architecture for Microsoft Network Access Protection (NAP) and Cisco Network Admission Control (NAC).
https://www.microsoft.com/technet/community/columns/secmgmt/sm0906.mspx
Cisco and Microsoft Unveil Joint Architecture for NAC-NAP Interoperability
Cisco Systems Inc. and Microsoft Corp. are delivering on their previously stated commitment to provide customers and partners with clear guidance on how Cisco NAC and Microsoft NAP will interoperate. A technical white paper released by the two companies describes the architecture and provides details on how to integrate the embedded security capabilities of the Cisco network infrastructure with those of Windows Vista and the future version of Microsoft Windows Server, code-named "Longhorn."
https://www.microsoft.com/presspass/press/2006/sep06/09-06SecStandardNACNAPPR.mspx
BrowserShield : Helping Make the Web Safe for Surfers
BrowserShield, a research project from Microsoft Research’s Redmond lab, offers significant advances in collaring the malevolent forces that haunt the World Wide Web. Work on BrowserShield began in the spring of 2005, and the current project tackles the challenge of cleansing the dynamic content of a Web page (such as embedded JavaScript code) through script rewriting and vulnerability-driven filtering. Learn why the cliché “the best offense is a good defense” rings true with BrowserShield.
https://research.microsoft.com/displayArticle.aspx?id=1521
See Microsoft Forefront Client Security in Action
Microsoft Forefront Client Security provides unified virus and spyware protection for business desktops, laptops, and server operating systems that is easier to manage and control. Through simplified administration and integration with existing infrastructure, Forefront Client Security helps you protect your business with greater confidence and efficiency. Learn more about the product, watch the video demo, and sign up for the public beta.
https://www.microsoft.com/forefront/clientsecurity
Microsoft Completes Acquisition of Whale Communications
Microsoft announced the completion of its acquisition of Whale Communications, a leader in Secure Sockets Layer virtual private network (SSL VPN) technology. The deal is particularly relevant for Microsoft Internet Security and Acceleration (ISA) Server users dealing with multiple remote-access security scenarios. To mark the close of the deal, Microsoft is providing a special price promotion for all current and new customers.
https://go.microsoft.com/?linkid=5394378
Get safe online with Get Safe Online
Packed with simple advice, Get Safe Online can help you protect yourself against internet threats. Visit the website to find out more and stay tuned to find out how you could meet the Microsoft team on the road in October.
https://go.microsoft.com/?linkid=5485337
Microsoft Security Bulletin Summary for September, 2006
https://www.microsoft.com/technet/security/bulletin/ms06-sep.mspx
Search for previous security bulletins https://go.microsoft.com/?linkid=3992478
Security Bulletin Feed https://go.microsoft.com/?linkid=3992479 RSS https://go.microsoft.com/?linkid=3992480
Documents
Windows Vista Security Blog
Get the latest updates from the product team on what will make Windows Vista the most secure version of Windows yet. This blog, which features Security Technology Unit Corporate VP Ben Fathi, will make you aware of how Windows Vista is more secure, keep you updated on the latest developments, and give you a behind-the-scenes look at the development process from the people building the product.
https://go.microsoft.com/?linkid=5394383
Microsoft Windows Vista Security Advancements
Microsoft has produced a white paper and on-demand video detailing the security advancements made in Windows Vista.
https://go.microsoft.com/?linkid=5394384
Security Tip of the Month: Improve the Security of Remote Access to Exchange Server with RPC over HTTP
One of the most compelling features of Microsoft Exchange Server 2003 when combined with Microsoft Office Outlook 2003 is the ability to use the Remote Procedure Call (RPC) over HTTP feature. This article offers a description of this feature, a checklist of the minimum server requirements, and different deployment scenarios.
https://go.microsoft.com/?linkid=5394387
Quarantine Control for VPN Roaming Clients in ISA Server
By Nathan Bigman, User Education Lead, ISA Server, Microsoft Corporation
Microsoft Internet Security and Acceleration (ISA) Server 2006 and ISA Server 2004 provide virtual private network (VPN) security functionality for roaming clients. Learn how, as part of this functionality, you can establish thorough control over newly connected clients, placing them in quarantine until they meet corporate connectivity standards.
https://www.microsoft.com/technet/community/columns/sectip/st0906.mspx
Network Access Protection Platform Architecture
Read this white paper for a detailed description of the components of the NAP architecture, how it works, and how it allows third-party software vendors and system integrators to create complete solutions for system health-validated network access. For a webcast version of this white paper, click here.
https://www.microsoft.com/technet/itsolutions/network/nap/naparch.mspx
Internet Protocol Security Enforcement in the NAP Platform
This white paper provides a detailed description of how Internet Protocol Security (IPsec) enforcement in the Network Access Protection platform works to provide system health validation and enforcement for IPsec-secured communication.
https://www.microsoft.com/technet/itsolutions/network/nap/napipsec.mspx
Configuring NAP Policies in Windows Server "Longhorn"
Read this white paper for a description of how to configure NAP health requirements and enforcement behavior using the Network Policy Server (NPS) in Windows Server "Longhorn."
https://www.microsoft.com/downloads/details.aspx?FamilyID=8e47649e-962c-42f8-9e6f-21c5ccdcf490&displaylang=en
Setting Up IPsec Enforcement for Network Access Protection in a Test Lab
Follow the instructions in this white paper to demonstrate IPsec enforcement in a test lab consisting of four computers.
https://www.microsoft.com/downloads/details.aspx?FamilyID=298ff956-1e6c-4d97-a3ed-7e7ffc4bed32&displaylang=en
Setting Up VPN Enforcement for Network Access Protection in a Test Lab
Follow the instructions in this white paper to demonstrate VPN enforcement in a test lab consisting of four computers.
https://www.microsoft.com/downloads/details.aspx?FamilyID=729bba00-55ad-4199-b441-378cc3d900a7&displaylang=en
Setting Up DHCP Enforcement for Network Access Protection in a Test Lab
Follow the instructions in this white paper to demonstrate Dynamic Host Configuration Protocol (DHCP) enforcement in a test lab consisting of three computers.
https://www.microsoft.com/downloads/details.aspx?FamilyID=ac38e5bb-18ce-40cb-8e59-188f7a198897&displaylang=en
Network Access Protection Blog
Check out this blog and get the latest NAP news directly from the NAP engineering team at Microsoft.
https://blogs.technet.com/nap/default.aspx
Antigen Case Studies
Find out how other companies are using Antigen to meet their e-mail and collaboration security needs
https://go.microsoft.com/?linkid=5394393
Downloads
Forefront Security for Exchange Server Beta Now Available
Microsoft Forefront Security for Exchange Server is the next version of Microsoft Antigen for Exchange and the first product available under the Microsoft Forefront business security product brand. The solution integrates tightly with Microsoft Exchange Server 2007 to provide advanced protection against e-mail threats, optimized server performance, and centralized management. Download the Forefront Security for Exchange Server beta today.
https://go.microsoft.com/?linkid=5394379
Tips and Tricks Guide to Secure Messaging
Improve your messaging safety and productivity. This free eBook is a valuable resource for information on messaging security innovations and solutions, and it provides strategies for defending your e-mail infrastructure.
https://go.microsoft.com/?linkid=5394388
Solution Advisor
The Solution Advisor is a tool that outlines a high-level Microsoft multilayered solution for your infrastructure and messaging needs. The tool creates a customized response by using information that you provide about such factors as company size, current messaging infrastructure, and the level of control you prefer to have over your messaging.
https://go.microsoft.com/?linkid=5394389
Microsoft Exchange Server 2003 Technical Library: Security and Protection
Make your Microsoft Exchange Server 2003 system more secure and help protect your messages and data using the resources and tools offered in this library.
https://go.microsoft.com/?linkid=5394390
A Guide to Exchange Disaster Recovery Planning
Learn about multiple strategies for making your Exchange deployment more reliable and available. This article covers recovery strategies, running Exchange on a Windows cluster, new recovery features in Exchange Server 2007, and more.
https://go.microsoft.com/?linkid=5394391
Microsoft Antigen User Guides
Get detailed technical guidance on installing and working with Microsoft Antigen Enterprise Manager, Microsoft Antigen for Exchange, Microsoft Antigen for SMTP, and Microsoft Antigen Spam Manager. These guides will teach you how features like the Antigen Spam Manager provide sophisticated and robust spam detection and removal through the integration of technologies like the SpamCure anti-spam engine from Mail-Filters.
https://go.microsoft.com/?linkid=5394392
Events/WebCasts
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar
Find security webcasts listed in an easy-to-use calendar format.
https://go.microsoft.com/fwlink/?LinkId=37910
Security Program Guide
Learn Security On the Job https://go.microsoft.com/?linkid=4526354
Learning Paths for security - Microsoft training references and resources https://go.microsoft.com/?linkid=4526355
Upcoming Security Webcasts
https://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcasts on the link above
TechNet Webcast: Identity Management in Windows Server 2003 R2 Active Directory Federation Services (Level 200)
Friday, September 29, 2006, 9:00 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: Message Security, Compliance, and Message Protection with Exchange Server 2007 (Level 200)
Monday, October 9, 2006, 11:00 A.M.-12:30 P.M. Pacific Time
TechNet Webcast: Agility Now (Part 06 of 10): Secure, Manageable Messaging (Level 200)
Wednesday, October 11, 2006, 9:30 A.M.-11:00 A.M. Pacific Time
TechNet Webcast: Agility Now (Part 06 of 10): Secure, Manageable Messaging (Level 200)
TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
Wednesday, October 11, 2006, 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: Information About Microsoft October Security Bulletins (Level 200)
Microsoft Webcast: Optimize Your Identity and Access Management Infrastructure (Level 100)
Thursday, October 12, 2006, 11:00 A.M.-12:00 P.M. Pacific Time
Microsoft Webcast: Optimize Your Identity and Access Management Infrastructure (Level 100)
TechNet Webcast: Secure Collaboration with Microsoft Antigen (Level 200)
Wednesday, October 18, 2006, 1:00 P.M.-2:00 P.M. Pacific Time
TechNet Webcast: Secure Collaboration with Microsoft Antigen (Level 200)
TechNet Webcast: Protecting Your Exchange Server 2007 Network from Viruses and Spam (Level 300)
Thursday, October 19, 2006, 9:30 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: Protecting Your Exchange Server 2007 Network from Viruses and Spam (Level 300)
TechNet Webcast: How Microsoft IT Secures Access to Corporate Resources Using Internet Security and Acceleration (ISA) Server 2006 (Level 300)
Tuesday, October 24, 2006, 9:30 A.M.-10:30 A.M. Pacific Time
TechNet Webcast: Secure Application Publishing with Internet Security and Acceleration (ISA) Server 2006 (Level 200)
Wednesday, October 25, 2006, 11:00 A.M.-12:30 P.M. Pacific Time
TechNet Webcast: Secure Messaging with Microsoft Antigen (Level 200)
Monday, October 30, 2006, 1:00 P.M.-2:00 P.M. Pacific Time
TechNet Webcast: Secure Messaging with Microsoft Antigen (Level 200)
On-Demand Security Webcasts