Sally Storey, Senior Consultant, Kimberry Associates
In this session we step back from the infrastructure and provide a methodology for classifying your business requirements and identifying business assets. Armed with this knowledge you can create a threat model and categorize risks. You will learn how to create a design that will truly support your organization. Topics covered include: Identifying business assets; Threat modeling; Security policy and response planning; Patch management and compliance testing; Least privileged access.
Network connectivity is the life blood of your infrastructure but the TCP/IP stack, listening services and applications provide many entry points through which systems can be discovered and attacked. In this session we show you how to assess your systems through the use of network scanners, provide maximum protection through the use of host based firewalls and implement IPSec. Topics covered include: Firewall configurations, troubleshooting connectivity; Identifying protocol and port requirements; Network scanners and monitors; Deploying IPSec for domain and server isolation
Building rules, filters and filter actions
Server and workstation security is normally managed through the use of group policy, but what are the options? In this session you will learn about best practice solutions for lockdown. We will also show you how to manage security templates, use the Security Configuration Wizard and implement Software Restriction Policies. Topics covered include: Managing server roles and lockdown policies; Using security templates; The Security Configuration Wizard; Delegating group policy management; Creating Software Restriction Policies (SRP)
In this session we look at the key Vista security enhancements that impact our overall look at end-to end security framework. We explore User Account Control and the Secure Desktop. Examine how Vista can virtualize file and registry access and how solutions can be provided for Windows XP. You will learn about new core features including the enhanced stack, firewall and group policy. Topics covered include: Core security and networking enhancements; User Account Control (UAC); Application compatibility; Vista group policy; Network Access Protection (NAP)
List of all links to End to End Infrastructure Security Sessions: