As with previous posts, please provide your feedback to the TechEd 2005 planning process with your comments on the "Security" track. If you think theres anything missing here or would like to pick your top three sessions, please feel free to do so! I frankly think we need a stronger ISA session here...do you agree?
There's a few there that look interesting. Hard to narrow it down to three. :-) Given that I'm in Brisbane, and as I understand it, TechEd 2005's on the Gold Coast, I may well try and get down there (emphasis on "try" -- Windows isn't a core platform of mine, so it'll be difficult to get past the boss, I suspect).
Here are the three on my particular shortlist:
<ul><li>Developing with Least Privilege</li>
<li>Enterprise Security Risk Management</li>
<li>Understanding and Fighting Malware: Viruses, Spyware and Rootkits</li></ul>
To be honest, I'm a bit intrigued by an (apparent?) absence of information on integration with/to "alien" platforms, say through Kerberos or similar. I know that with my last job, when I had to do this (Solaris, and separately an Apache server, "integrated" with Active Directory, i.e. taking authentication from AD), it was an interesting task - for all the wrong reasons. Which side of the fence the "fault" laid on is debatable, too, and <b>was</b> hotly debated for some time. ;-)
A strong securing the borders with ISA would be nice as would a "What to do if you think you've been hacked" best practices -no not Fdisk and re-install :-)
1)Network Isolation Using Group Policy and IPsec
2)Secure Remote Access
3)Securing Your Active Directory Deployment: Best Practices
This is a topic that is near and dear to my heart - given that I submitted to present on two ISA server topics and was shot down. :( But the two I was proposing dont even look like they are addressed except in the most general way. These are topics that working engineers I hear from are constantly asking for: Certificate\IPSEC-based VPN configuration end-to-end and using ISA and RRAS Quaratine for incoming VPN connections. Yes, this list is very light on ISA. Also, I live in the US but am writing this from Melbourse! How cool is that?