Download - A First Look at Windows 7
Learn iT! Technology Kickoff 2009
A First Look at Windows 7
Learn iT! Technology Kickoff 2009
Jennelle [email protected]
Learn iT! Technology Kickoff 2009
System Requirements• The Basics
– 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor – 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit) – 16 GB available hard disk space (32-bit) or 20 GB (64-bit) – DirectX 9 graphics device with WDDM 1.0 or higher driver – The average netbook meets these requirements.
• Extras– BitLocker requires Trusted Platform Module (TPM) 1.2 – BitLocker To Go requires a USB flash drive – Windows XP Mode requires an additional 1 GB of RAM, an additional
15 GB of available hard disk space, and a processor capable of hardware virtualization with Intel VT or AMD-V turned on
Learn iT! Technology Kickoff 2009
Windows 7 Versions• Starter
– No Aero, No 64-bit
• Home Basic– Emerging markets
only
• Home Premium– Areo, Media Center
and Touch
• Professional– No DirectAccess,
BranchCache or Bitlocker
• Enterprise– Supports all features,
volume licensing only
• Ultimate– Supports all features
Learn iT! Technology Kickoff 2009
Learn iT! Technology Kickoff 2009
Productivity and Reliability• New Aero Features• Libraries• Instant Search• XP Mode• Performance and System Improvements
– Action Center– Backup and Restore– Problem Step Recorder– Reliability Monitor
Learn iT! Technology Kickoff 2009
Aero Features - The Mouse Got Better• Peek
– move your mouse over the little transparent rectangle in the lower right corner of your screen—and watch open windows instantly turn transparent, revealing all your hidden icons and gadgets.
• Shake– Click a window, hold down, and give your
mouse a shake. Every open window except that one instantly disappears. Jiggle again—and your windows are back.
• Snap– Size and arrange windows by simply
dragging their borders to the edges of your screen. Expand to full screen and back, or arrange two windows side by side.
Learn iT! Technology Kickoff 2009
Libraries – A Place for Everything• Consolidates files
stored in multiple areas
• Starts with pre-created ones for documents, music, pictures and videos.
• Quick and easy way to collect all your files in one area for viewing and backup
Learn iT! Technology Kickoff 2009
Instant Search – Faster, More Accessible• Searches for file names,
properties or text within files, and searches external hard drives, networked computers and libraries
• Can search directly from the start menu
• Results are grouped by category
Learn iT! Technology Kickoff 2009
XP Mode – More Compatibility• Install applications on virtual
Windows XP and run them on Windows 7 (transparent to the user)
• Windows XP Mode requires Virtual PC and comes as a separate download and works only with Windows 7 Professional and Ultimate.
• CPU must support virtualization• XP Mode machine can be joined to
a domain for better control, but MED-V allows for more control for larger enterprises.
Learn iT! Technology Kickoff 2009
Performance Improvements• Sleep
– Windows 7 is designed to sleep, resume, and reconnect to your wireless network more quickly.
• Search– Search results pop up faster. Sorting and grouping of search results is also
significantly quicker.• USB devices
– When you plug in a portable flash drive or other USB device for the first time, Windows 7 can have it ready for you in seconds. If you've used it before, the wait's even shorter.
• Leaner and less busy – Windows 7 is designed to run speed-sapping background services (like
Bluetooth) only when you need them. – Less memory hungry than Windows Vista, which can boost boost overall
performance.
Learn iT! Technology Kickoff 2009
Backup and System Restore• Backup and Restore your Data
– Let Windows choose what to back up, or pick individual folders, libraries, or drives.
– You can back up files to another drive, your network, or a DVD. Backup and Restore for your personal PC and attached DVD or external hard drives comes with all editions of Windows.
– If you want to backup to a network location, network attached storage, or another computer on your network, you'll need Windows 7 Professional or Ultimate.
• System Restore for OS Files and Settings– You can create more system restore
points and see exactly what files will be removed or added when your PC is restored.
Learn iT! Technology Kickoff 2009
Problem Step Recorder• Solving problems unique to a machine can be an arduous task
for both the end-user and the help desk • The Problem Steps Recorder is a screen-capture tool that
allows the end-user to record the problems they’re having step-by-step
• The program is accessible from the Control Panel under “Record steps to reproduce a problem” or run psr.exe from Explorer
Learn iT! Technology Kickoff 2009
Action Center• Action Center gives you
one place to go to address system notifications and tasks.
• If Windows wants your attention, the Action Center icon appears in the taskbar. Click it and you'll see alerts and suggested fixes for any problems.
Learn iT! Technology Kickoff 2009
Reliability Monitor• Measures the hardware and software
problems and other failures in the system
• Tracks 5 kinds of issues: Software uninstalls, application failures, hardware failures, Windows failures, and other miscellaneous failures
• Calculates the stability index of your system and specifies results in the range from 1-10
• Trending - an application failure will make , for the score will go down. The score will slowly rise after successive days with no issues.
Learn iT! Technology Kickoff 2009
Fundamentally Secure Platform
Protect Users & Infrastructure
Windows Vista FoundationUser Account ControlEnhanced Auditing
Securing Anywhere
Access
Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable.
Protect Data from Unauthorized
Viewing
Network SecurityNetwork Access ProtectionDirectAccessTM
AppLockerTM
Internet Explorer 8Data Recovery
RMSEFSBitLockerTM
Learn iT! Technology Kickoff 2009
User Account Control• Introduced in Windows Vista and improved in
Windows 7- helps to avoid the need or desire to run everything as an Administrator.
• Separated standard user privileges and tasks from those that require Administrator access
• Increases security by enabling Administrators to make Standard User the default user account for everyday use
Learn iT! Technology Kickoff 2009
Windows 7 Reduces “Prompt Fatigue”• Users express frustration with UAC prompts with Vista
– How many is too many?– Because there were none in XP, some would say that “any” is “too many”
• User habits: user needs to get used to some operations requiring privilege. – For any given UAC prompt, ask yourself “Would it be ok if malware silently did
this to me?”– Windows 7 reduces the number of OS applications and tasks that require
elevation– Windows 7 also reduces the number of prompts and provides 4 levels to
adjust prompting behavior• Applications: need to stop using privilege unless truly necessary
– File and registry virtualization helps applications that are not UAC compliant
Learn iT! Technology Kickoff 2009
User Account Control
Streamlined UACStreamlined UAC
User provides explicit consent before using elevated privilegeDisabling UAC removes protections, not just consent prompt
ChallengesChallenges
Users can do even more as astandard userAdministrators will see fewer UAC Elevation Prompts
Customer ValueCustomer Value
Reduce the number of OSapplications and tasks thatrequire elevationRefactor applications into elevated/non-elevated piecesFlexible prompt behavior for administrators
System works for Standard UserAll users, including administrators, run as Standard User by defaultAdministrators use full privilege only for administrative tasks or applications
Learn iT! Technology Kickoff 2009
Security Enhancement - AppLocker
Eliminate unwanted/unknown applications in your networkEnforce application standardization within your organizationEasily create and manage flexible rules using Group Policy
AppLockerTM
Users can install and run non-standard applicationsEven standard users can install some types of softwareUnauthorized applications may:
Introduce malwareIncrease helpdesk callsReduce user productivityUndermine compliance efforts
Learn iT! Technology Kickoff 2009
AppLocker Features• Easy way to allow the programs you want and block the rest.• Has more options than Software Restriction Policies which
blocked software based on hashes or executable names.• Rule creation tools & wizard which can automatically create
rules based on software already installed.– Simple Rule Structure: Allow, Exception & Deny– Publisher Rules: Product Publisher, Name, Filename & Version– Multiple Policies - Executables, installers, scripts & DLLs
• Audit only mode
Learn iT! Technology Kickoff 2009
Using Simple Rules• Allow
– Limit execution to “known good” and block everything else
• Deny– Deny “known bad” and allow
execution of everything else
• Exception– Exclude files from allow/deny
rule that would normally be included
““Allow all versions greater than 12 of the Office Suite to run if it is Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft EXCEPT Microsoft Access.”signed by the software publisher Microsoft EXCEPT Microsoft Access.”
Learn iT! Technology Kickoff 2009
Using Publisher Rules• Rules based upon
application digital signatures
• Can specify application attributes
• Allow for rules that survive application updates
““Allow all versions greater than 12 of the Office Suite to run if it is Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft.”signed by the software publisher Microsoft.”
Learn iT! Technology Kickoff 2009
Multiple Rule Types• Rule Types
– Executable– Installer– Script– DLL
• Allows construction of rules beyond executable only solutions
• Provides greater flexibility and enhanced protection
““Allow users to install updates for Office as long as it is Allow users to install updates for Office as long as it is signed by Microsoft and is for version 12.*”signed by Microsoft and is for version 12.*”
Learn iT! Technology Kickoff 2009
Rules Targeted by Users• Rules can be associated
with any user or group• Provides granular control
of specific applications• Supports compliance by
enforcing who can run specific applications
““Allow users in the Finance Department to run…”Allow users in the Finance Department to run…”
Learn iT! Technology Kickoff 2009
BitLocker and BitLocker-to-Go• Available in Ultimate and
Enterprise versions• Encrypts the entire disk drive,
even non-boot partitions• Doesn’t require the creation of a
special partition like Vista, Windows 7 does that automatically at setup
• BitLocker-to-Go encrypts removable storage devices like USB flash drives and external hard drives.
• Create group policies to mandate the use of encryption and block unencrypted drives
Learn iT! Technology Kickoff 2009
Evolving Needs for Remote WorkersMobile & Remote Work-Force Mobile & Remote Work-Force needs:needs:
• Work anywhere• Fast access• Same experience inside and outside the
officeIT Professional needs:IT Professional needs:• Secure and flexible infrastructure for
“work anywhere”• Reduce costs• Easy to service mobile PCs and distribute
updates and polices
Learn iT! Technology Kickoff 2009
Remote Access for Mobile WorkersSituation TodaySituation Today
• Corporate network boundary includes managed assets no matter where they are on the Internet
• Easy to service mobile PCs and distribute updates and polices
• New network paradigm increases mobile user productivity by providing same experience inside & outsidethe office
• Challenging for IT to manage, update, patch mobile PCs while disconnected from company network
• Difficult for users to access corporate resources from outside the office
HomeOffice Home Office
DirectAccessWindows 7 SolutionWindows 7 Solution
Learn iT! Technology Kickoff 2009
Even Better with Server 2008 R2 -DirectAccess • The DirectAccess Setup wizard uses these Group Policy
settings to configure DirectAccess clients with the DirectAccess server.
• DirectAccess leverages end-to-end global IPv6 addressing and connectivity to transparently connect remote computers to an intranet as if they were connected with an Ethernet cable.
• DirectAccess clients running Windows 7 automatically create a protected and tunneled IPv6 connection to a DirectAccess server running Windows Server 2008 R2 whenever a client determines it is on the Internet.
Learn iT! Technology Kickoff 2009
Direct Access Components
• Runs on Windows 7• Domain-joined• Initial configuration
done on Corpnet or over VPN
• Runs on Windows Server 2008 R2
• Sits on network edge• Single box by default• Services can be split
up for scalability• IPv6 infrastructure is
required
ServerServer ClientClient
Learn iT! Technology Kickoff 2009
Questions?
Learn iT! Technology Kickoff 2009
About Jennelle Crothers• Jennelle Crothers is a Sr. Network Administrator for The Conservation &
Liquidation Office. Jennelle migrates, maintains and supports multiple Microsoft AD configurations due to the function of the Conservation & Liquidation Office which is to serve in receivership insolvent insurance companies in the State of California.
• She is actively involved in Pacific IT Professionals (formerly SFNTUG).• Jennelle is a Microsoft Certified Systems Engineer (MCSE): Messaging, a
MCITP: Enterprise Administrator and an MCTS for Virtualization, Windows 7 and Exchange 2007. She graduated from Trenton State College in 1996 with a BS in Education.
• When she is not playing on server equipment she enjoys raising dogs for Guide Dogs for the Blind. She is married to her wonderful husband Dennis and they live together in San Francisco, CA.
Learn iT! Technology Kickoff 2009
Thank you for attending our Technology KickoffWhat’s Next?
Look for us to be in touch next week with links to the following:
• Resources discussed in the presentation• Access to the PowerPoint presentationsComing soon:• Information about webinar presentations for all
the subjects we presented this evening.
Learn iT! Technology Kickoff 2009