News
New Security Center for Midsize Businesses
http://go.microsoft.com/?linkid=6027901
Microsoft offers a wide range of powerful tools and resources to help midsize businesses protect their systems and data. Find information here about the latest security updates, recent incidents, and best practices.
Seven New Features That Enhance Security in SharePoint
http://go.microsoft.com/?linkid=6027902
With SharePoint tapping into more enterprise data and becoming more integral to business workflow, security becomes far more critical. Find out how these seven new features in Microsoft Office SharePoint Server (MOSS) can quickly improve security in your organization.
Online Security Sessions from Tech-Ed Europe: IT Forum Available
http://go.microsoft.com/?linkid=6027903
The security sessions from November's IT Tech-Ed Europe: IT Forum are now available online at IT's Showtime! by TechNet. If you couldn't attend the November conference, take advantage of these new videos and benefit from in-depth information and advice from some of the best Microsoft and third-party security experts in the industry.
Secure Mobile Applications - an Oxymoron?
http://go.microsoft.com/?linkid=6027900
By Marcus Perryman, Software Design Engineer, Microsoft Corporation This article discusses some of the risks that "going mobile" introduces to your application, and presents some of the tools and technologies that are readily available for you to help protect your assets on the Windows Mobile platform.
Documents
Services Hardening in Windows Vista
http://go.microsoft.com/?linkid=6027904
Windows Vista Services Hardening is an important new capability that is designed to thwart errant service behavior that much of today's malware can currently perform. This article explains how Service Hardening helps Microsoft take huge steps in changing the default behavior and security profile of Windows services.
Security Tip of the Month: How to Set Up a Wireless Network with a Security Infrastructure
http://go.microsoft.com/?linkid=6027905
Due to the nature of wireless LAN networks, implementing a security infrastructure that monitors physical access to the network is difficult. This document provides step-by-step instructions on how to set up a wireless network using 802.1x and Wi-Fi Protected Access.
Supporting Mobile Users
http://go.microsoft.com/?linkid=6027906
This article provides guidance on how Windows XP Professional can be configured and administered to provide support for mobile users, including the features and tools that are designed specifically for portable computer users.
Windows Mobile Powered Devices and Security Features
http://go.microsoft.com/?linkid=6027907
This paper looks at the security risks related to mobile devices. It then discusses security policies and procedures for mobile devices and presents the different technologies and applications that enable Windows Mobile powered devices to counter the security risks. These include technologies for authenticating users, encrypting data and communication links, and remotely managing volume deployments of mobile devices.
Step-by-Step Guide to Deploying Windows Mobile-based Devices with Microsoft Exchange Server 2003 SP2
http://go.microsoft.com/?linkid=6027908
This document provides an overview of the features of the Messaging and Security Feature Pack (MSFP) and best practices for networking, security, and device management as well as mobile messaging system deployment guidance on creating a protected communications environment and setting up and managing mobile devices.
Microsoft Exchange Server 2003 Client Access Guide
http://go.microsoft.com/?linkid=6027909
This guide provides information about working with Microsoft Exchange Server 2003 and client access, and includes a chapter on understanding Outlook Mobile Access security requirements. It describes the new features for Exchange Server 2003 and Microsoft Office Outlook 2003, in addition to improvements in Outlook Web Access 2003.
How to Perform a Remote Wipe on a Device
http://go.microsoft.com/?linkid=6027910
Microsoft Exchange Server 2007 enables you to send a command to a mobile device that will perform a wipe of the device. This process, known as a remote device wipe, clears all Exchange information that is stored on the device, enabling you to clear data from a stolen device or to clear a device before assigning it to another user.
Managing Exchange ActiveSync with Policies
http://go.microsoft.com/?linkid=6027911
In Microsoft Exchange Server 2007 you can create Exchange ActiveSync mailbox policies to apply a common set of policies or security settings to a collection of users. This topic discusses Exchange ActiveSync mailbox policies and how they can be managed in your Exchange 2007 organization.
Wireless LAN Technologies and Microsoft Windows
http://go.microsoft.com/?linkid=6027912
This article describes the benefits of wireless LANs, the support for 802.11 wireless LAN and wireless LAN security standards in Microsoft Windows, and general guidelines for wireless LANs in medium to large organizations.
IEEE 802.11 Wireless LAN Security with Microsoft Windows
http://go.microsoft.com/?linkid=6027913
This article discusses the security issues of IEEE 802.11 wireless networks and shows how Microsoft Windows operating systems can be used to make 802.11 wireless networks as secure as the current set of 802.11-related technologies allow.
Secure Wireless Access Point Configuration
http://go.microsoft.com/?linkid=6027914
This guidance discusses the challenges that midsize businesses face when considering wireless networks, and provides valuable information to design and implement an effective solution for securing a Wireless Access Point (WAP). Included is information about assessing WLAN security, developing a secure WLAN solution, and deployment and management.
Protecting Data by Using Encrypting File System (EFS) to Encrypt Hard Drives
http://go.microsoft.com/?linkid=6027915
This document provides step-by-step instructions for the main EFS-related tasks in a small-to-medium business, and also lists several important best practices for using EFS.
Connecting to Wireless Networks with Windows Vista
http://go.microsoft.com/?linkid=6027916
This article discusses the Windows Vista improvements for connecting to IEEE 802.11 wireless LAN networks including new support for non-broadcasting wireless networks, a new set of dialog boxes to more easily connect to or configure connections to wireless networks, and a new way to configure wireless connections at the command line using the Netsh.exe tool.
Step-By-Step Guide to Controlling Device Installation and Usage with Group Policy
http://go.microsoft.com/?linkid=6027917
This guide describes how you can control the installation and usage of devices on the computers that you manage, in Microsoft Windows Server Code Name "Longhorn" and Windows Vista.
Active Directory Schema Extensions for Windows Vista Wireless and Wired Group Policy Enhancements
http://go.microsoft.com/?linkid=6027918
This article describes how to extend the Active Directory schema to support enhancements that can be configured through Group Policy settings for Windows Vista wireless and wired clients in an environment running Windows Server 2003 or Windows Server 2003 R2.
Internet Protocol Security Enforcement in the Network Access Protection Platform
This white paper describes the Network Access Protection (NAP) platform, how IPsec protects traffic, and how IPsec Enforcement in NAP provides system health policy enforcement for IPsec-secured communication.
Network Access Protection Platform Architecture
Read this white paper for a detailed description of the components of the NAP architecture and how it allows third-party software vendors and system integrators to create complete solutions for system health validated network access.
Configuring Network Access Protection Policies in Windows Server "Longhorn"
You configure NAP health requirements and enforcement behaviors with Network Policy Server in Windows Server "Longhorn."
Introduction to Network Access Protection
Read this white paper for an overview of the NAP business scenarios, an outline of the components of NAP, and a description of how NAP works.
Fundamental Computer Investigation Guide for Windows
The Fundamental Computer Investigation Guide for Windows is a concise collection of processes, tools, and best practice information. It is designed to provide standardized guidance for IT professionals who need to conduct investigations of Microsoft® Windows®–based computers in their organizations.
Using ISA Server to Extend Server and Domain Isolation Interoperability
This white paper details how to use ISA Server as an IPsec gateway or proxy within a Server and Domain Isolation solution to extend IPsec interoperability.
Downloads
Rights Management Services Administration Toolkit with SP2
The Rights Management Services (RMS) overview describes the benefits of deploying RMS Service Pack 2 (SP2) and covers the basic features, functions, and technologies.
SSL Diagnostics Version 1.1 (x86)
Download the Secure Socket Layer (SSL) troubleshooting tool for Internet Information Services (IIS).
Microsoft Junk E-mail Reporting Tool version 1.1 for Microsoft Office Outlook
The Junk E-mail Reporting Tool lets you directly report junk e-mail to Microsoft and its affiliates for analysis to help us improve the effectiveness of our junk e-mail filtering technologies.
Microsoft Antigen for Exchange with Antigen Spam Manager Trial Software
The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.
Events/WebCasts
Events
Microsoft Across America Launch: IT Pro Track
http://go.microsoft.com/?linkid=6027925
Multiple Cities - January and February 2007
Gain insight that will simplify deployment of Windows Vista, 2007 Microsoft Office system, and Microsoft Exchange Server 2007 in your organization, and learn about the tools that can help secure your computing infrastructure end to end against the latest threats with the most recent technologies from Microsoft.
Get Up-to-Date Microsoft Security Guidance Training
http://go.microsoft.com/?linkid=6027926
Newly-released Microsoft Official Clinics offer best practices for IT professionals and developers to help improve network and application security. Learn the fundamentals of infrastructure security with Clinic 2801: Microsoft Security Guidance Training I.
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
http://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcast on the link above
Information About Microsoft February Security Bulletins (Level 200)
http://go.microsoft.com/?linkid=6027959
Wednesday, February 14, 2007, 11:00 AM Pacific Time
Christopher Budd, CISA, CISM, CISSP, ISSMP Security Program Manager, PSS Security, Microsoft Corporation and Mike Reavey, Lead Security Program Manager, Microsoft Corporation
On-Demand Security Webcasts
http://www.microsoft.com/events/security/ondemand.mspx
TechNet Webcast: Windows Mobile Platform Security Drilldown for the Enterprise (Level 300)
http://go.microsoft.com/?linkid=6027949
Join this webcast to learn about Microsoft Windows Mobile security features from the Enterprise perspective. We will cover how identified security threats are mitigated utilizing Windows Mobile platform security components. The presentation will include best practices for network and mobile security with Windows Mobile-based devices derived from our intense and extensive experience in this realm.
TechNet Webcast: Accessing Exchange Server from Your Mobile Device Using SP2 (Level 300)
http://go.microsoft.com/?linkid=6027950
This webcast discusses and demonstrates how Microsoft Exchange Server 2003 with advanced security features provides affordable remote and mobile access to e-mail and personal information manager information across a range of mobile devices. Explore the mobility enhancements in Exchange Server 2003 Service Pack 2, including the new always-up-to-date functionality, configuring personal identification number lock settings, remotely wiping a device, configuring soft certificates to access Exchange, and other new mobility enhancements.
Enterprise Device Management and Mobile Application Security (Level 200)
http://go.microsoft.com/?linkid=6027960
Available on demand
Jason Langridge, Business Manager III, Microsoft Corporation
Adapt Your Application (Part 2 of 3): Working with Windows Mobile Security (Level 200) http://go.microsoft.com/?linkid=6027961
Available on demand
Eric Engineer, Microsoft Corporation and Jim Wilson, MVP, JW Hedgehog, Inc.
Implementing Security for Mobile Device Solutions (Level 200)
http://go.microsoft.com/?linkid=6027962
Available on demand
William Steele, Developer Community Champion, Microsoft Corporation