1 / 16

Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007

Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007. Harvard Townsend Interim University IT Security Officer harv@k-state.edu 532-2985 College Court 114. Agenda. Vista versions – their features and availability Security features Trend Micro and Vista

Patman
Download Presentation

Microsoft Windows Vista SIRT Roundtable Discussion January 12, 2007

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Microsoft Windows VistaSIRT Roundtable DiscussionJanuary 12, 2007 Harvard Townsend Interim University IT Security Officer harv@k-state.edu 532-2985 College Court 114

  2. Agenda • Vista versions – their features and availability • Security features • Trend Micro and Vista • SIRT recommendations for deployment • Microsoft seminar Feb. 6 in Union 212 • Other issues • Q&A Windows Vista

  3. Versions http://www.microsoft.com/windowsvista/getready/editions/default.mspx • Starter – not available in US • Home Basic – limited functionality • Home Premium – minimum for K-State home use • Business – minimum for K-State computers • Ultimate – $$$ (business+multimedia tools) • Enterprise – not available retail; volume license customers with Software Assurance only) Windows Vista

  4. Availability • Developers – available now; could order Business version from SHI since November • Retail consumers (i.e., ship with new Dell, etc. computers) – January 30 • Can pre-order from SHI now (and amazon.com) • Dell, Gateway, HP offer Vista “Express Upgrade” with new computer purchase (usually only a shipping fee added) until March 15 • Union Computer Store doesn’t know pricing yet or when it will be available Windows Vista

  5. Vista Security • “SD3” – security by design, default, and deployment • Is more secure, but… • Vulnerabilities already identified (selling for $50K) • Still susceptible to social engineering, “stupid user” attacks (click-happy users) • Extent of damage can be limited with “User Account Control” (UAC) • Users don’t have admin control by default • Can perform common tasks w/o admin rights • Administrator Approval Mode prompts user before performing admin task like installing software • Many control settings (is good, but more complicated) • Some applications may break with UAC Windows Vista

  6. Other Vista Security Features • Windows Defender built in • Real-time spyware protection • Updates managed by WSUS or Windows Update • Prompts user if a program tries to modify a protected area of the Vista kernel (“PatchGuard” locks kernel) • SIRT will re-evaluate Spybot recommendation • Windows Firewall • Filters both inbound and outbound traffic • Different rulesets depending on type of network connection • Windows Security Center more user oriented and comprehensive Windows Vista

  7. Other Vista Security Features • Malicious Software Removal Tool • cleans up malware missed by antivirus software • New version monthly via WSUS, Windows Update • Similar to Trend OfficeScan Damage Cleanup Services • Software Restriction Policies • Control environment in which applications can operate • Similar to Windows XP Pro • Internet Explorer 7 security features • Group Policies easier to work with, but voluminous Windows Vista

  8. Other Vista Security Features • BitLocker • Encrypts entire Windows volume (but leaves system volume unencrypted) • Cannot boot Linux and look at Windows files • Prompts for PIN or uses USB token at boot-up • Can store encryption keys and protect integrity of boot code with TPM chip • Don’t lose your PIN or USB key! • Affects performance of the computer • Only in Ultimate and Enterprise versions Windows Vista

  9. Other Vista Security Features • Encrypting File System (EFS) • Encrypt individual files and/or folders • Can store decryption key on smartcard • Can generate recovery key • If use with BitLocker, EFS keys protected (hacker can’t get password hash to try brute force cracking) • Can encrypt multiple drives and network shares • Available in Business, Ultimate, and Enterprise versions Windows Vista

  10. Other Vista Security Features • Rights Management Services • Protect info in transit (e-mail, docs, web content) • Requires a server • Application has to be RMS-compatible • Device Control • Prevent users from installing certain devices, like USB flash drive or other removable storage • Can turn off AutoPlay or AutoRun Windows Vista

  11. Vista Security • Windows Vista Security Guide: http://www.microsoft.com/technet/windowsvista/security/guide.mspx • VERY useful document – get it, study it • Chapters on: • Implementing the Security Baseline (Group Policy) • Protecting Against Malware (UAC, Defender, Firewall, Security Center, Malicious Software Removal Tool) • Protecting Sensitive Data (BitLocker, EFS, Rights Mgmt, Device Control) Windows Vista

  12. Trend Micro • Still need AV software with Vista • No OfficeScan client for Vista yet • Current version = 7.3 • Vista-compatible version = 8.0 • Expected Q207 (April-June?) • Cannot run Windows without antivirus/security software Windows Vista

  13. SIRT Recommendations • Hold off on deployment until Trend Micro releases a compatible OfficeScan client • Use Business version or better for campus computers • Use Home Premium or better for personal computers brought to campus • Consider implementation plan carefully • Test all applications thoroughly • Don’t be in any hurry Windows Vista

  14. Microsoft Visit • At K-State Feb. 6, Union 212 • Two sessions: • 10-11:30 A.M. – general overview of Vista and IE7, general Q&A • 1:30-3:30 P.M. – technical details, licensing, security, in-depth Q&A • Will be announced in IT Tuesday and sirt-contacts mailing list Windows Vista

  15. Other Issues • License downgrade? Are probably some options, but unsure of details at this time • Can buy XP Pro for another year • License activation under Volume License Agreements http://www.microsoft.com/technet/windowsvista/plan/volact.mspx • Samba broken with default Vista configuration • Other applications reported to have problems – test! • New user interface – will be challenging transition for some Windows Vista

  16. Q&A? Windows Vista

More Related