Building hardware-based security with a Trusted Platform Module (TPM) (http://channel9.msdn.com/Events/BUILD/BUILD2011/HW-462T) – This session describes the changes related to the TPM support, including the ability of BitLocker to validate device drivers and an early-launch antivirus before unlocking the volume, network unlock of BitLocker (no PIN required while in a trusted network) , support for a virtual smartcard, and (finally) the use of TPM for DirectAccess client authentication like we have internally today.

Using claims-based access control for compliance and information governance (http://channel9.msdn.com/Events/BUILD/BUILD2011/SAC-422T) – Detailed overview of the new Dynamic Access Control model that introduces users and device (!) claims into our authentication and authorization model. This allows you to do things like define an ACL that says “only MEA employees connecting from MSIT-managed machines can access this file share”. The session also describes how W8 incorporates claims into the auditing model. Very impressive session.

Building security auditing solutions for compliance and forensic analysis  (http://channel9.msdn.com/Events/BUILD/BUILD2011/SAC-425T) – Expands the SAC422 session above to cover the new claims-based auditing framework, called “Flexible Audit”. Nice demo of the integration of Windows 8 with HP ArcSight,a leading security information and event management solution.

Enabling the hybrid cloud using remote access appliances (http://channel9.msdn.com/Events/BUILD/BUILD2011/SAC-668T) – Demonstrates the new DirectAccess, now with the ability to connect to multiple independent sites. E.g. a client could connect to its corporate network, to a private cloud and to a public cloud at a single click. Not many details as it was a L200 session, but this flexibility hints at major changes in the DirectAccess architecture. Strong emphasis also on how easy it is now to deploy DA and the focus on appliances.