Download - Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features
![Page 1: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/1.jpg)
Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features
Marcus Murray & Hasain AlshakartiTruesec Security Team, MVP-Enterprise Security x2
![Page 2: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/2.jpg)
Marcus Murray Hasain Alshakarti
![Page 3: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/3.jpg)
So.. What are the new security features in Windows 8 & Server 2012?
![Page 4: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/4.jpg)
Secure boot/Measured boot/Early Malware detection
Client
User
Web rv
Attacker
![Page 5: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/5.jpg)
Bitlocker enhancement
• Enhancements:– Bitlocker Network unlock – New protectors
Client
User
This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware.
• For NKP, the win8 client should be using UEFI 2.3.1BitLocker Network Unlock has the following software and hardware requirements that must be met before you can use it:Client computer requirements
• A DHCP driver that is implemented in the UEFI firmware• Trusted Platform Module (TPM) 1.2 or TPM 2.0• BitLocker enabled on the operating system volume
Windows Deployment Services server requirements• BitLocker Network Unlock feature installed (only available in windows server 2012)• 2,048-bit RSA public/private key pair X.509 certificate present in FVENKP certificate store
Domain controller requirements• Copy of the BitLocker Network Unlock Certificate from the Windows Deployment Services server on the domain
controller to set Group Policy settings for Network Unlock. (2012 server
![Page 6: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/6.jpg)
Virtual smartcard
Client
User
Web Srv
Attacker
![Page 7: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/7.jpg)
Claims
Client
User
Web Srv
AttackerClient
User
![Page 8: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/8.jpg)
Dynamic access control
![Page 9: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/9.jpg)
Data classification
Required Clearance:Restricted Confidentiality:High
Secret stuff.doc Project X.doc Public statement.doc
Required Clearance:Internal Use
Confidentiality:Moderate
Required Clearance:Public Confidentiality:Low
http://www.microsoft.com/en-us/download/details.aspx?id=27123
![Page 10: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/10.jpg)
Dnssec
Client
User
Web Srv
AttackerClient
User
![Page 11: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/11.jpg)
Unified Remote access
Client
User
Web Srv
AttackerClient
User
![Page 12: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/12.jpg)
Powershell remoting
Client
User
Web Srv
AttackerClient
User
![Page 13: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/13.jpg)
FGPP Ui
![Page 14: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/14.jpg)
Improved Security Audit
• Advanced Security Audit Policy Step-by-Step Guide
<http://technet.microsoft.com/en-us/library/dd408940(v=ws.10).aspx>
Client
User
Web Srv
AttackerClient
User
![Page 15: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/15.jpg)
![Page 16: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/16.jpg)
Marcus Murray Hasain Alshakarti
![Page 17: Securing a Windows Infrastructure using Windows Server 2012 & Windows 8 Built-in features](https://reader036.vdocument.in/reader036/viewer/2022070321/558fca811a28abfd388b45b7/html5/thumbnails/17.jpg)
Thank you for listening!