Anywhere Access: Enabling More Secure Business in a Public World http://go.microsoft.com/?linkid=7753667
Today's business leaders are putting a premium on providing "anywhere access," where employees, partners, and customers can securely share and access critical business information from any device and any location, on or off the network. Read the Yankee Group report on the trend toward "anywhere access" and learn how solutions from Microsoft can help realize this vision through increases in agility, productivity, and end-to-end data protection.
New Study on Data Protection and Role Collaboration Within Organizations http://go.microsoft.com/?linkid=7753668
This new study sponsored by Microsoft and conducted by the Ponemon Institute examines the perceptions of three different groups of information stakeholders on how privacy and data protection risks are being managed in their organizations. The study is based on survey results collected in September 2007 from a highly experienced group of information security, privacy/compliance, and marketing executives from the public and private sectors.
Microsoft Security Intelligence Report, Volume 3 http://go.microsoft.com/?linkid=7753669
The Microsoft Security Intelligence Report provides an in-depth view of recent trends that Microsoft has seen in software vulnerability disclosures, in malicious software, and in potentially unwanted software like spyware, adware, and the like. In the newest version of the report, which focuses on the trends observed in the first half of 2007, a new section on software vulnerability exploits has been added. Download a key findings summary, access the full report, and participate in related webcasts today.
MSDN Magazine: The Annual Security Issue http://go.microsoft.com/?linkid=7753670
A "can't miss" for developers, this year's issue starts out with Michael Howard's discussion of some practical best practices he has learned over the past five years in building secure software at Microsoft. Other topics include techniques for integrating security-related activities -- both automated and manual -- more deeply into the existing development life cycle, concrete examples of automated integration, and deep dives into the different conditions that can cause your applications to fail and how each of those conditions may additionally create security vulnerabilities.
Security Watch: Windows BitLocker Drive Encryption and the Complexities of Trust http://go.microsoft.com/?linkid=7753671
Mobile workers are constantly toting all sorts of confidential information all over the place -- trains and planes, restaurants and hotels, home offices and branch offices. The cost to a company for replacing a laptop is minor compared to the cost of dealing with confidential data that's been compromised. This TechNet Magazine article explores this topic and proposes that this is the security that Windows BitLocker Drive Encryption aims to provide.
Try the New Forefront Server Security Management Console http://go.microsoft.com/?linkid=7844522
The new Microsoft Forefront Server Security Management Console is a Web-based console that centralizes configuration and operation, automates the download and distribution of signature and scan engine updates, and generates comprehensive reports. Trial software is now available in 11 languages.
Try the New Forefront Security for SharePoint with Service Pack 1 Now http://go.microsoft.com/?linkid=7844523
Help protect your Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 collaboration environments with Microsoft Forefront Security for SharePoint with SP1.
Microsoft Security Bulletin Summary for Nov, 2007
Search for previous security bulletins http://go.microsoft.com/?linkid=3992478
Security Bulletin Feed http://go.microsoft.com/?linkid=3992479 RSS http://go.microsoft.com/?linkid=3992480
Security Tip of the Month: Anywhere Access and Mobile Security http://go.microsoft.com/?linkid=7753672
By Chip Vollers, Sr. Product Manager, Microsoft Mobile Communications IT managers are looking for flexible, end-to-end solutions for single-point access of line-of-business applications and company data on mobile devices. These solutions must be designed for efficient control of devices while offering reliable, low-cost, and consistent manageability that works well with an enterprise's existing infrastructure. The following are a few key areas that IT professionals should consider when deploying mobile solutions.
Highly Secure Access Anywhere http://go.microsoft.com/?linkid=7753673
In the Windows Server 2008 operating system, Microsoft greatly enhanced the in-the-box feature set of Terminal Services. This article focuses on the network and security design aspects of an anywhere-access solution, rather than on providing details on managing the Terminal Service components. It describes the methods and best practices for creating an anywhere-access solution based on the technology included with Windows Server 2008.
System Center Mobile Device Manager 2008 Technical Paper http://go.microsoft.com/?linkid=7753674
Learn more about this new comprehensive security and device management solution for Windows Mobile devices, which helps you more easily manage devices within the enterprise and delivers a mobile-optimized virtual private network (VPN) for security-enhanced access to the corporate network.
Authentication Options for Mobile Devices http://go.microsoft.com/?linkid=7753675
This article describes the complexities of authenticating mobile devices in relation to designing secure applications. Topics include Windows authentication, Microsoft Passport Network authentication, forms authentication, and authentication on devices that do not accept cookies.
Data Encryption Toolkit for Mobile PCs http://go.microsoft.com/?linkid=7753676
The Data Encryption Toolkit for Mobile PCs shows you how to effectively use both the Encrypting File System and Windows BitLocker Drive Encryption across your organization. The Toolkit also provides you with software tools and scripts to help you centrally configure, deploy, and manage encryption settings on all your mobile PCs.
Enhancing the Security of a Device http://go.microsoft.com/?linkid=7753677
These MSDN Library articles provide an overview of how to use the security services in Windows Embedded CE to create a device that is more secure.
Deploying Windows Mobile 6 Powered Devices with Microsoft Exchange Server 2007 http://go.microsoft.com/?linkid=7753678
This guide provides best practices and procedures for implementing a mobile messaging system with Windows Mobile 6 powered devices and Microsoft Exchange Server 2007. Topics include Exchange Server 2007, creating a protected communications environment, configuring Microsoft Internet Security and Acceleration (ISA) Server 2006 or a third-party firewall, and mobile device management and configuration.
Step-by-Step Guide to Deploying Windows Mobile Powered Devices with Microsoft Exchange Server 2003 SP2 http://go.microsoft.com/?linkid=7753679
This guide begins by covering the essential elements of a mobile messaging system and then moves on to guidelines and resources for the deployment of a mobile messaging system, including setting up Microsoft ActiveSync technology for mobile access, creating a protected communications environment, and procedures for setting up and managing mobile devices.
Windows Mobile SSL Certificates: Configuring Security-Enhanced Communication on Exchange Server 2003 SP2 or Exchange Server 2007 with Windows Mobile Powered Devices http://go.microsoft.com/?linkid=7753680
This paper describes how trust is established on the Web through certificate authorities, how digital certificates help establish that trust, and how Secure Sockets Layer (SSL) relies on certificates to function.
Exchange Server 2007 Security Guide http://go.microsoft.com/?linkid=7753681
Written for IT administrators who are responsible for securing Exchange Server 2007 deployments, this guide is designed to help IT administrators understand and manage the overall security environment where Exchange Server 2007 is installed.
Configure VPN Remote Access with ISA Server 2006 http://go.microsoft.com/?linkid=7753682
A virtual private network can provide improved connectivity and increased productivity -- and it doesn't need to be difficult to implement and manage. Find out how you can use ISA Server 2006 to address two common VPN scenarios.
Implementation Tips for the Sender ID Framework: Creating Your SPF Record http://go.microsoft.com/?linkid=7753683
Follow this step-by-step guide to create your own Sender of Policy Framework (SPF) record, and receive other valuable tips for implementing the Sender ID Framework. This guide also describes the benefits of authenticated e-mail and of Sender ID implementation for both senders and recipients.
Windows Mobile Device Management and Security Solutions Guide http://go.microsoft.com/?linkid=7753684
Because mobile devices share many of the same characteristics of desktop systems, there is growing interest in management solutions that can provide the same degree of assurance for asset management, inventory, and protection for mobile devices. Microsoft partners offer a wide range of solutions that provide device management and security functionality for Windows Mobile powered devices. This guide describes and categorizes these solutions.
Exchange 2007 Transport Permissions Model http://go.microsoft.com/?linkid=7753685
This topic provides detailed information about the Microsoft Exchange Server 2007 transport permissions model as well as details about Transport Layer Security (TLS), domain security, and externally-secured authentication in Exchange 2007.
Microsoft Identity Lifecycle Manager 2007 Feature Pack 1 Evaluation Edition
Microsoft® Identity Lifecycle Manager (ILM) 2007 Feature Pack 1 (FP1) brings together smart card, certificate management, and synchronization, metadirectory, and user provisioning into one solution that works across Windows and other enterprise systems.
Microsoft® Internet Security and Acceleration (ISA) Server 2004 Standard Edition Service Pack 3
ISA Server 2004 Standard Edition Service Pack 3 (SP3) provides the latest updates for ISA Server 2004 Standard Edition.
2007 Microsoft Office Security Guide
The 2007 Microsoft Office Security Guide provides prescriptive Group Policy setting and security configuration recommendations to help strengthen the security of computers running the 2007 Microsoft Office release on computers that run Windows Vista or Windows XP in domain–based environments.
SQL Server 2005 Powers Global Forensic Data Security Tool
Find out how SQL Server 2005 powers a 27 TB data management system called ICE 3.0 that gathers forensic data from more than 85 Microsoft corporate proxy servers into a single database.
System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack
This Configuration Pack helps track common software mis-configurations which might make client computers more vulnerable to attack.
The GPOAccelerator is a script that creates GPOs to deploy security settings for the 2007 Microsoft Office release, Windows Vista, and Windows XP in Active Directory environments.
Windows Live OneCare Family Safety
Help protect your family and computer
Manage the Web sites your children can see and the people your children interact with online.
Sender ID: "Implementation Tips for the Sender ID Framework—Creating Your SPF Record"
The print-ready brochure describes the benefits of authenticated e-mail and of Sender ID implementation to both senders and recipients.
Microsoft Antigen for Exchange with Antigen Spam Manager with SP1 Trial Software
The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.
Executive Summary of the current Security Threats
Join MS executives as they discuss the latest Security Intelligence Report (SIR) and the recent trends Microsoft has seen: software vulnerabilities, malicious software (malware), spyware, and the like. Learn what that means for your business and what actions you should take to protect your business.
Microsoft Antigen for SMTP Gateways with Antigen Spam Manager with SP1
Microsoft Forefront Server Security Management Console Log Purge
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA including MS04-028, February 2005 bulletins, and future security bulletins that are exceptions to MBSA.
EST 2007 08 August 14 v3 Enterprise Scan Tool (standalone)
Enterprise Update Scan Tool (standalone version) for detecting needed security updates for August 2007 as described in MS07-043, MS07-047, MS07-049, and MS-07-050.
EST 2007 10 October 9 v2 Enterprise Scan Tool (standalone)
Enterprise Update Scan Tool (standalone version) for detecting needed security updates for October 2007 as described in MS07-056.
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64
Microsoft Office Live Meeting Service Security Guide
This guide provides an overview of the security considerations that you should make when you use the Live Meeting service, the Live Meeting security measures available to you, and the procedures for scheduling and conducting secure meetings.
Windows Live OneCare Firewall Repair Tool
This support tool is intended for customers whose OneCare firewall reports that it cannot install a required upgrade or cannot turn on the firewall.
November 2007 Security Releases ISO Image
This DVD5 ISO image file contains the security updates for Windows released on Windows Update on November 13th, 2007.
Microsoft IT Showcase: Information Security at Microsoft Overview
Discover the best practices and processes Microsoft IT uses to secure its network. Provides a brief overview of the many aspects of network security; including some of the technologies used to protect against viruses, unapproved access attempts and malicious attacks. Describes the threat analysis and business reasons why certain practices and procedures were put into action.
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
Register for the following Webcasts on the link above
TechNet Webcast: Internet Security and Acceleration Server 2006 Technical Overview (Level 200)
Wednesday, December 12, 2007 9:30 A.M.-11:00 A.M. Pacific Time
TechNet Webcast: Information About Microsoft December Security Bulletins (Level 200)
Wednesday, December 12, 2007 11:00 A.M.-12:00 P.M. Pacific Time
TechNet Webcast: Prepare Yourself for Windows Server 2008 (Part 6 of 8): Network Access Protection Technical Overview (Level 300)
Friday, December 14, 2007 9:30 A.M.-11:00 A.M. Pacific Time
TechNet Webcast: ISA 2006 Firewall and Proxy Services (Level 200)
Wednesday, December 19, 2007 9:30 A.M.-11:00 A.M. Pacific Time
On-Demand Security Webcasts