August, 2009

  • Chopsticks Replay – Do you have the skills, techniques, technology to secure your environment?

     


    Attacks Trend & Techniques

    What are the current trends and techniques used by hackers?

     

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=447

       

    Oh no, we’ve been hacked, now what? Developing an incident response process

    Sooner or later, the unimaginable becomes the inevitable: your information security will get breached and your systems will get attacked. It might be a mild brief denial of service or a full-on concerted effort to wipe you off the Internet, but it will happen. There’s only one real question you need to answer: are you ready? Do you have the skills, techniques, tools, and organization to respond and recover? Fact is, most of us fail to plan for such a fateful day—leading to panic, indecision, and mistakes. Our jobs as defenders of information fall into three overarching categories of protection, detection, reaction. Mobilizing an organized team with a well-designed and tested reaction plan is the only effective way to recover from the attack and quickly return to business as usual. Steve Riley will show you how to build such a team and how to prepare it for success.

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=450

       

    It’s 11:00 PM, do you know where your data is?

    Long gone are the days when you knew your data was safe because it resided only in your data center. The explosive proliferation of laptops, notebooks, handheld computers, smartphones, removable drives, and Internet file storage demands that we rethink how we protect information. Because it's the information the bad guys are after, and because the information flows so freely from device to device, our obligation is to protect the information. People want to work wherever they can find a computer and an Internet connection. How can you make this work? Steve Riley will consider strategies and explore technologies to help you solve a number of thorny problems: how to classify mobile data, how to keep track of where it is, and how to control its movement.

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=448

       

    The fortified data center in your future: Build it now and they will come

    Relax for a moment. Let your mind wander to thoughts of your corporate network—with its myriad authentication schemes, its haphazard collection of client computers in various states of (non)conformance, its proliferation of access methods, its data centers with too many ways in and out. Feel like you want to just burn it all down and start over? Well, perhaps you should—and when you do, you can implement something that’s simpler, more secure, well managed, and less expensive. Over the years, Steve Riley has hinted at this idea, advocating the demise of the traditional corporate network, with its no longer useful distinction between “inside” and “outside.” Instead, organizations should move toward using the Internet as their infrastructure, where all clients and a physically and electronically fortified data center live “on the ‘net.” The question, then, is how to build this data center? Effective security and management are absolutely essential to realize this vision. Steve will show how combining the Microsoft Forefront family of security products with the System Center family of management solutions provides the necessary foundation for building your data center of the future—today. Don’t delay, because your business competitors are already doing it.

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=449

     

       

     

    Related Learning Resources

    "Stirling" Walkthroughs

    The "Stirling" Walkthroughs demonstrate specific "Stirling" technologies. Each walkthrough guides you through a specific scenario that you can recreate in your lab environment.

    Protecting Assets From Malware

    In this walkthrough, you create "Stirling" groups and "Stirling" policies. You then deploy "Stirling" policies to configure the Forefront Client Security agent on the assets. After verifying the result of the policies on the assets, you then view the result of the policy on the "Stirling" Dashboard. Finally, using sample malware, you test the Client Security agent on the asset and view the result on the "Stirling" Dashboard.

    Integrating with Windows Firewall

    In this walkthrough, you create Windows Firewall policies in the "Stirling" console, and then deploy them to your assets. After verifying the results on the assets, you then view the results of the policy on the "Stirling" Dashboard. Finally, using a sample application that receives communication from the network, you test the Windows Firewall policy.

    Using Security State Assessments

    In this walkthrough, you create "Stirling" Security State Assessment (SSA) policies in the "Stirling" console, and then deploy them to your assets. After verifying the results on the assets, you then view the results of the policy on the "Stirling" Dashboard. To see a configuration problem display on the Dashboard, you implement a noncompliant Windows Internet Explorer setting, run a manual SSA scan, and then view those results on the Dashboard.

    Performing Remediation

    In this walkthrough, you first create and test "Stirling" policies that automatically remediate security configuration problems. Finally, you edit "Stirling" policies and test manual remediation of security configuration problems.

    Automating Security Responses

    This walkthrough introduces assessments and response. In this walkthrough, you create an additional group for servers, and you create and configure both manual and automatic security response policies for the desktops and the servers. You then deploy the policies and test the policies with sample malware.

     

    Forefront codename "Stirling" Demo

    Watch this online demo to learn how Forefront codename "Stirling" is an integrated security suite that delivers comprehensive protection across endpoint, servers and the edge that is easier to manage and control.


    Learning Path for Security: Simplifying Security Infrastructure with Microsoft Forefront

    Learn about security solutions for the client operating system, application servers, and the network edge. Find out more about Forefront Client Security, Forefront Security for Exchange Server, Forefront Security for SharePoint, Internet Security and Acceleration (ISA) Server 2006, and Intelligent Application Gateway 2007.

     

    Forefront Virtual Labs

    Try out the features of ISA Server 2006 in these virtual labs. You can also experiment with ISA Server advanced application-layer firewall, VPN, and Web cache solution, and learn more about securing Exchange Server with ISA, in the ISA 2004 virtual labs. Or try the Forefront Edge Security and Access lab to learn about remote access with Intelligent Application Gateway 2007 and Internet access protection with ISA Server 2006.

  • TechNet Chopsticks Replay: WinSec and IT-Talks UG in the spotlight

    In this post I wanted to put the Belgian WinSec and IT-Talks UG in the spotlight.

    IT - Talks

       WinSec

     

    Now that you know more about what this UG is all about, let’s replay some of their Chopsticks:

    Exploring TMG LLQ logging feature

    TMG is the follow-up firewall product for ISA Server from Microsoft. An integral part of each secure firewall device is logging. During this webcast we'll deep dive into the new LLQ logging feature available in TMG beta3, illustrating how it works, how to configure it, and what the importance of this new feature is for TMG and network security.


    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=1334
       
    What’s new in Forefront TMG

    During this session we will look at what’s new in the upcoming release of Microsoft's firewall solution now called Forefront Threat Management Gateway.


    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=1330
       

    Forefront Identity Manager 2010 (Dutch)

    Lately there has been a lot of news and lots of changes concerning MS Identity Lifecycle Manager. In a short presentation and a practical, interactive demo we will show you around, guided by some practical scenarios.
    What has changed since MIIS 2003 and ILM 2007? What are the new ILM components? Which resources are available to get started? How to implement out-of-the-box scenarios?


    Part I

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=1179

    Part II

    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=1180

    Forefront Threat Management Gateway: Malware inspection

    During this demo we drill down into the TMG malware inspection feature. We will look at how to configure the definition download, the engine behind malware inspection, rule configuration, client experience and monitoring of malware inspection.


    http://www.microsoft.com/belux/technet/nl/chopsticks/default.aspx?id=767
  • Windows XP Mode RC now available

    Windows XP Mode has been designed for small and medium-sized businesses and will ease the migration towards Windows 7. There are still quite a few older applications on the market that are not completely compatible with Windows 7. Most of the applications that run well in Windows Vista will run well on Windows 7. For those applications that don’t work well you can use Windows XP Mode. Windows XP Mode will come with a pre-defined Windows XP Service Pack 3 virtual machine. On this VM you install your applications that have compatibility issues. Virtual PC for Windows 7 allows you to autopublish the installed applications onto your Windows 7 machine. From here you can then start the (XP) applications embedded into your Windows 7 machine.

    For customers that manage several Windows PCs running Windows XP Mode and want to simplify management tasks, we offer Microsoft Enterprise Desktop Virtualization (MED-V) as part of the Microsoft Desktop Optimization Pack.


    New Features in Windows XP Mode RC

    Based on feedback from the Windows XP Mode beta, we’ve made several improvements to the usability of Windows XP Mode for small and medium-sized business users:

    • You can now attach USB devices to Windows XP Mode applications directly from the Windows 7 task-bar. This means your USB devices, such as printers and flash drives, are available to applications running in Windows XP Mode, without the need to go into full screen mode.
    • You can now access Windows XP Mode applications with a “jump-list”. Right click on the Windows XP Mode applications from the Windows 7 task bar to select and open most recently used files.
    • You now have the flexibility of customizing where Windows XP Mode differencing disk files are stored.
    • You can now disable drive sharing between Windows XP Mode and Windows 7 if you do not need that feature.
    • The initial setup now includes a new user tutorial about how to use Windows XP Mode.

    Please note: Windows XP Mode RC requires the RC or RTM version of Windows 7 Professional, Ultimate or Enterprise. It also requires an additional 1 GB of RAM, 15 GB of available disk space, and a processor capable of hardware virtualization with AMD-V or Intel VT turned on in the BIOS.

    Read More about this announcement

    Download Windows XP mode RC