News Security Policies in the Application Development Process http://go.microsoft.com/?linkid=8061034 By John Steer, CISSP, Senior Security Consultant, Microsoft ACE Services Corporate security policies are a critical part of securing your corporate assets. This article covers the role of the security policy as a driver in the application development lifecycle, and explains why it is important to imbed security processes and policies into the software development process. Forefront Client Security in Large Enterprises http://go.microsoft.com/?linkid=8061036 Deploy Forefront Client Security in large enterprises with more than 10,000 users with the use of Forefront Client Security Enterprise Manager. This tool allows you to aggregate reporting and management of up to 10 Client Security down-level deployment, allowing you to manage up to 100,000 client computers from a single Client Security console. Evaluate System Center Configuration Manager 2007 http://go.microsoft.com/?linkid=8061037 System Center Configuration Manager represents a tremendous advance over its well-regarded predecessor, now providing the control necessary to more effectively manage change in today's dynamic IT infrastructures. Manage the full deployment and update lifecycle with streamlined, policy-based automation; with enhanced insight into, and control over, assets and systems compliance; and with optimization for Windows -- particularly Windows Server 2008 and Windows Vista. When you download the 120-day trial software, you're automatically registered to receive valuable resources delivered at strategic intervals throughout the software evaluation period. New Forefront Security for Exchange Server SP1 Trial Software http://go.microsoft.com/?linkid=8061038 Now with support for Exchange Server 2007 SP1 and Windows Server 2008, Forefront Security for Exchange Server SP1 helps provide comprehensive protection for Exchange Server 2007 environments through the integration of multiple industry-leading antivirus scan engines, content filtering, and enhanced manageability. Begin your evaluation today. Group Policy Frequently Asked Questions (FAQ) http://go.microsoft.com/?linkid=8061041 Learn about key areas of Group Policy through answers to frequently asked questions and links to related information. Interesting Insights from Stephen Lamb http://www.microsoft.com/technet/technetmag/issues/2008/01/PowerShell/ There's an interesting article discussing the security features of Windows Powershell in this month's TechNet Magazine. Don Jones discusses the 'secure by design' ethos as applied to Windows Powershell, and specifically, how to prevent malicious scripts running. Download the Forefront Client Security Best Practices Analyzer Tool http://go.microsoft.com/?linkid=8070132 The Forefront Client Security Best Practices Analyzer Tool is designed for administrators who want to determine the overall health of their Forefront computers and to diagnose current problems. The tool scans the configuration settings of the computer and reports issues that do not conform to the recommended best practices. Try the New Forefront Security for SharePoint with Service Pack 1 http://go.microsoft.com/?linkid=8070133 Help protect your Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 collaboration environments with Forefront Security for SharePoint with SP1. Server Security: Less Is More http://go.microsoft.com/?linkid=8070134 Anyone who has spent more than a few days working in information security has probably heard the three core tenets of security: availability, confidentiality, and integrity. This article discusses another well-known but often overlooked concept: simplicity. Microsoft Security Bulletin Summary for January, 2008 http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx Search for previous security bulletins http://go.microsoft.com/?linkid=3992478 Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480 Documents Windows Server Group Policy http://go.microsoft.com/?linkid=8061039 IT administrators can use Group Policy and the Active Directory services infrastructure in Windows Server 2008 to automate one-to-many management of users and computers -- simplifying administrative tasks and reducing IT costs. These resources will help you to efficiently implement security settings, enforce IT policies, and distribute software consistently across a given site, domain, or range of organizational units. Deploying Group Policy Using Windows Vista http://go.microsoft.com/?linkid=8061040 The number of Group Policy settings has increased from approximately 1,800 in Windows Server 2003 Service Pack 1 to approximately 2,500 in Windows Vista and Windows Server 2008. This gives you more than 700 new policies to help you manage desktops, security, and all other aspects of running your network. This document will help you sort through the new and updated features available in Windows Vista, and provides a number of best practices to help you deploy Group Policy. Managing Hardware Restrictions via Group Policy http://go.microsoft.com/?linkid=8061042 USB thumb-disk keys and other removable devices can make your personal life easier but your professional life harder. For improved security, you need a way to control what hardware devices your users are installing on their work systems. Learn how you can use Group Policy to control which devices they can use and which ones they can't. Security Policies and Settings in the 2007 Microsoft Office System http://go.microsoft.com/?linkid=8061043 This section provides technical reference information for the security settings and privacy options in the 2007 Microsoft Office system. Learn what each setting does, the default configuration for a setting, which tool to use to configure a setting, and where to find the setting in the Office Customization Tool (OCT) or the Group Policy Object Editor. Security Policies for Windows Mobile 5.0 and Windows Mobile 6 http://go.microsoft.com/?linkid=8061044 Security Policy settings on Windows Mobile devices are configurable and provide the flexibility to control access to the device. This article contains a concise table that shows how you can use security policies to protect devices. Security Configuration Wizard Overview http://go.microsoft.com/?linkid=8061045 Security Configuration Wizard (SCW) is an attack surface reduction tool for computers running a member of the Windows Server 2003 family with Service Pack 1 (SP1). SCW guides you through the process of creating a security policy, based on the roles performed by a given server. Learn how you can use SCW, to create a policy , which then can be edited or applied to one or more similarly configured servers while applied policies can be rolled back in order to undo changes that have caused problems. .NET Framework Developer's Guide: Security Policy Management http://go.microsoft.com/?linkid=8061046 Security policy is the configurable set of rules that the common language runtime follows when determining the permissions to grant to code. The runtime examines identifiable characteristics of the code, such as the Web site or zone where the code originates, to determine the access that code can have to resources. During execution, the runtime ensures that code accesses only the resources that it has been granted permission to access. This part of the guide explores the .NET Framework security policy model, permission grants, security policy administration, security policy best practices, and much more. Configuring Security Policy http://go.microsoft.com/?linkid=8061047 Security is an important consideration when building applications. The common language runtime grants varying levels of trust to code based on certain attributes, called evidence, that the code possesses. When the runtime establishes that code has a certain level of trust, the code can access protected resources appropriate to that level of trust. Learn how to configure security policy using the .NET Framework Configuration Tool (Mscorcfg.msc) and the Code Access Security Policy Tool (Caspol.exe). Downloads Podcasts: How Microsoft IT Manages Physical Security through Strategic IT Convergence The purpose of World Wide Security Operations is to protect Microsoft’s assets in a manner consistent with corporate culture. Microsoft Forefront Server Security Management Console Documentation Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen. Windows Server 2008 Foundation Network Companion Guide: Deploying Server Certificates This companion guide to the Foundation Network Guide provides instructions on how to deploy server certificates with Active Directory Certificate Services (AD CS) and how to autoenroll server certificates to computers running Network Policy Server (NPS) and Routing and Remote Access (RRA) service. Microsoft Forefront Client Security Enterprise Manager Tool that will allow customers to centrally report on events across multiple event logging & reporting servers (collection servers). This tool enables a Forefront Client Security management console to provide centralized management and reporting across multiple FCS deployments EST 2007 08 August 14 v4 Enterprise Scan Tool (standalone) Enterprise Update Scan Tool (standalone version) for detecting needed security updates for August 2007 as described in MS07-043, MS07-047, MS07-049, and MS-07-050. Extended Security Update Inventory Tool The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA. January 2008 Security Releases ISO Image This DVD5 ISO image file contains the security updates for Windows released on Windows Update on January 8th, 2008. Update for Windows Mail Junk E-mail Filter for x64-based Systems [January 2008] (KB905866) Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. Update for Windows Mail Junk E-mail Filter [January 2008] (KB905866) Install this update for Windows Mail to revise the definition files used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. Microsoft® Windows® Malicious Software Removal Tool (KB890830) This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64 This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month. Microsoft Identity Lifecyle Manager 2007 This download comes as a pre-configured VHD. This download enables you to evaluate Microsoft Identity Lifecycle Manager 2007. TechNet Security Series Seminar - (13th Dec 2007) Presentation Materials for TechNet Security Series Seminar (13th Dec 2007) Internet Security and Acceleration Server Health Check Datasheet Maximizes the efficiency of your ISA Server configuration and minimize the risk of internal and external threats to your servers and technologies. Microsoft Enterprise Resource Planning Management Agent for SAP® Identity Lifecycle Manager 2007 ERP Management Agent for SAP® helps you synchronize identity information, easily provision and deprovision accounts and identity information and also provides password management capabilities for SAP® systems. IEEE 802.11 Wireless LAN Security with Microsoft Windows Wireless network access requires authentication, encryption, and data integrity to protect wireless networks from eavesdroppers and malicious users. Events/WebCasts Microsoft Security Webcast Series: Upcoming and On-Demand Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910 Find security webcasts listed in an easy-to-use calendar format. Upcoming Security Webcasts http://www.microsoft.com/events/security/upcoming.mspx Register for the following Webcasts on the link above TechNet Webcast: Security Enhancements in SQL Server 2008 (Level 300) Tuesday, February 5, 2008 11:30 A.M.-12:30 P.M. Pacific Time TechNet Webcast: Forefront Client Security Series: A Technical Overview of Forefront Client Security (Level 200) Wednesday, February 6, 2008 9:30 A.M.-11:00 A.M. Pacific Time TechNet Webcast: Forefront Client Security Series: Deploying Forefront Client Security (Part 1 of 2) (Level 200) Friday, February 8, 2008 9:30 A.M.-11:00 A.M. Pacific Time TechNet Webcast: Forefront Client Security Series: Deploying Forefront Client Security (Part 2 of 2) (Level 200) Wednesday, February 13, 2008 9:30 A.M.-11:00 A.M. Pacific Time TechNet Webcast: Information About Microsoft February Security Bulletins (Level 200) Wednesday, February 13, 2008 11:00 A.M.-12:00 P.M. Pacific Time TechNet Webcast: Forefront Client Security Series: Deploying Forefront Client Security in Large Enterprises (Level 200) Friday, February 15, 2008 9:30 A.M.-11:00 A.M. Pacific Time IT Manager Webcast: Dynamic IT and Security (Part 3 of 5): Network and Edge Protection (Level 100) Tuesday, February 19, 2008 11:00 A.M.-12:00 P.M. Pacific Time TechNet Webcast: Forefront Client Security Series: Troubleshooting Forefront Client Security in Large Enterprises (Level 200) Friday, February 22, 2008 9:30 A.M.-11:00 A.M. Pacific Time TechNet Webcast: Windows Network Policy Server Fundamentals (Level 300) Monday, February 25, 2008 11:30 A.M.-1:00 P.M. Pacific Time On-Demand Security Webcasts http://www.microsoft.com/events/security/ondemand.mspx |