|
News
Security
Windows 7 Security Enhancements http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524436&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
By Paul Cooke, Director, Windows Client Enterprise Security, Microsoft Corporation Security is still a top concern for IT professionals. Now that Windows 7 Beta is available, questions regarding what Microsoft has done with the Windows 7 operating system abound. This article covers a few of the key security-related changes and improvements.
Introducing the Microsoft Playbook for Application Architecture http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524437&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Download this guide today and become more effective in building reliable, scalable, and secure applications on the Microsoft platform. Ideal for solution architects and developer leads, this guide provides design-level guidance for integrating security and other quality attributes into the architecture and design of applications built on the .NET Framework. It focuses on the most common types of applications, partitioning application functionality into layers, components, and services, and walks you through their key design characteristics.
Microsoft Forefront Threat Management Gateway Beta 2 Now Available http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524438&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Try the next generation of Microsoft Internet Security & Acceleration (ISA) Server and experience key features that include Web antimalware, HTTPS inspection, and the Network Inspection System.
More detail on this topic is available in the downloads section.
Windows 7: To the Beta and Beyond http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524439&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Watch as Mark Russinovich and a panel of subject matter experts discuss what's in store for IT pros with Windows 7. Learn about the evolution of features like Group Policy, BitLocker To Go, DirectAccess, BranchCache, and AppLocker then get tips on troubleshooting, security, deployment, and application compatibility.
7 Tips for Working Securely from Wireless Hotspots http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11614830&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
We all use wireless hotspots but they all have one thing in common: they are all open networks that are vulnerable to security breaches. In this article, we list seven tips to help you works securely in these public locations.
Interview: Kai Axford talking about Preventing Corporate Espionage http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11482172&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Fast, Free Readiness Assessments for Forefront Client Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11526588&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Download the Microsoft Assessment and Planning (MAP) Toolkit to assess the virus and spyware vulnerability of your client infrastructure, as well as your readiness for implementing Forefront Client Security.
Download New Forefront Security for Office Communications Server Trial http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11612254&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Help protect your instant messaging environment by blocking malware and out-of-policy content in IM conversations and file transfers with Forefront Security for Office Communications Server. The new release supports Office Communications Server 2007 Enterprise and Standard Editions, as well as OCS 2007 R2.
Microsoft Security Bulletin Summary for March, 2009
http://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx
Microsoft Internet Security and Acceleration Server
Internet Security and Acceleration (ISA) Server 2006 is Common Criteria Evaluated
Microsoft Internet Security and Acceleration (ISA) Server 2006 has passed Common Criteria Evaluation Assurance Level 4+ (EAL 4+).
The certification work has been performed by the Federal Office for Information Security (BSI), the Common Criteria certification body of the German government.
http://www.microsoft.com/forefront/edgesecurity/isaserver/en/us/common-criteria.aspx
Microsoft Forefront Threat Management Gateway Beta 2 Now Available!
Try the next generation of Microsoft Internet Security & Acceleration (ISA) Server and experience key features that include Web antimalware, HTTPS inspection and the Network Inspection System.
http://go.microsoft.com/fwlink/?LinkID=141234&clcid=0x409
Forefront Edge Security TechCenter
http://technet.microsoft.com/en-gb/forefront/edgesecurity/default.aspx
Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com
Forefront Edge Security Community
http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx
New Community Contributed Content includes:
Considerations when Renewing Web Listener Certificates on ISA Server 2006
http://technet.microsoft.com/en-gb/library/dd547090.aspx
Another Look at Server Publishing in ISA Server 2006
http://technet.microsoft.com/en-gb/library/dd547089.aspx
Forefront TMG (ISA Server) Product Team Blog
The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:
How to Allow HTTP 301 through ISA Server 2006
http://blogs.technet.com/isablog/archive/2009/03/04/how-to-allow-http-301-through-isa-server-2006.aspx
New Articles at Tales from the Edge
http://blogs.technet.com/isablog/archive/2009/03/06/new-articles-at-tales-from-the-edge.aspx
Internet Security and Acceleration (ISA) Server 2006 is Common Criteria Evaluated
http://blogs.technet.com/isablog/archive/2009/03/07/internet-security-and-acceleration-isa-server-2006-is-common-criteria-evaluated.aspx
It worked for us: honey pot sensor catches malware
http://blogs.technet.com/isablog/archive/2009/03/09/it-worked-for-us-honey-pot-sensor-catches-malware.aspx
Unable to Start Microsoft Firewall Service in ISA Server 2006
http://blogs.technet.com/isablog/archive/2009/03/10/unable-to-start-microsoft-firewall-service-in-isa-server-2006.aspx
Best practices for configuring ISA/TMG to allow SQM data
http://blogs.technet.com/isablog/archive/2009/03/16/best-practices-for-configuring-isa-tmg-to-allow-sqm-data.aspx
SQL Server 2005 Express Edition Service Pack 3 fails to install on a TMG machine
http://blogs.technet.com/isablog/archive/2009/03/16/sql-server-2005-express-edition-service-pack-3-fails-to-install-on-a-tmg-machine.aspx
Clients receives error 691 trying to connect to ISA Server 2006 as VPN Server
http://blogs.technet.com/isablog/archive/2009/03/19/clients-receives-error-691-trying-to-connect-to-isa-server-2006-as-vpn-server.aspx
MS09-008 may affect ISA Server or Forefront TMG Deployments
http://blogs.technet.com/isablog/archive/2009/03/30/ms09-008-may-affect-isa-server-or-forefront-tmg-deployments.aspx
Intelligent Application Gateway 2007
Intelligent Application Gateway 2007 Technical Resources
http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687299.aspx
Forefront Edge Security Community
http://technet.microsoft.com/en-gb/forefront/edgesecurity/bb687298.aspx
Intelligent Application Gateway Product Team Blog
The IAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:
Publishing CRM Outlook Client Using IAG SP2
http://blogs.technet.com/edgeaccessblog/archive/2009/03/09/publishing-crm-outlook-client-using-iag-sp2.aspx
Documents
Security Compliance Management Toolkit Series http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524440&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Designed to help you secure and monitor Windows operating systems and the 2007 Microsoft Office system installations, this series marks the next generation of Microsoft security guides. This release includes updated security guides, predefined Group Policy policies, the GPOAccelerator tool, and configuration packs to help you plan, deploy, and monitor your Windows and Office 2007 security baselines.
What's New in Windows 7 for IT Pros http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524441&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
With Windows 7, IT professionals can provide more capabilities and support greater flexibility for their users, while continuing to minimize cost and security risks. Check out short overviews of what’s new in Group Policy, biometrics, smart cards, and more.
Windows 7 Video Walkthrough: BitLocker and BitLocker To Go http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524442&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Learn about enhancements to core BitLocker Drive Encryption functionality and the new BitLocker To Go, which gives system administrators control over how removable storage devices can be used and what strength of protection is required.
Windows 7 Video Walkthrough: AppLocker http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524443&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
AppLocker is a flexible, easily administered mechanism you can use to specify exactly what is allowed to run on user desktops. Learn how you can realize the security, operational, and compliance benefits of application standardization by using AppLocker.
A Day in the Life: Windows Vista Security http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524444&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
In this video, VistaPCGuy Kyle Rosenthal takes you on a journey through the tools that you may use every day as an IT administrator to manage and configure the security of a Windows Vista machine -- tools such as Windows Firewall and Windows Defender.
Downloads
Microsoft Forefront Server Security Management Console Documentation
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ae4ce23b-9e1e-455c-87a4-36167fe43107
Privacy Guidelines for Developing Software Products and Services
This document is a set of privacy guidelines for developing software products and services that are based on our internal guidelines and our experience incorporating privacy into the development process.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f
Update for Root Certificates
This item updates the list of root certificates on your computer to the list that is accepted by Microsoft as part of the Microsoft Root Certificate Program.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f814ec0e-ee7e-435e-99f8-20b44d4531b0
Microsoft Forefront Security for Exchange Server with SP1 Documentation
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5cd4e36e-2dab-44d6-990e-3b8184b1cb1b
Creating a Systemized Approach to Regulatory Compliance at Microsoft
Detailed discussion of some of the processes and tools that the Microsoft Information Technology (Microsoft IT) group currently uses to systemize the approach of supporting regulatory compliance activities at Microsoft.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=89f7b1ec-b04c-4ccc-b133-efaeeb038f41
Data Encryption Toolkit for Mobile PCs
This toolkit is intended to help you secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker) technologies.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=1a99576a-fe67-418f-88b1-81e2055fe977
Microsoft Forefront Security for SharePoint with SP1 Documentation
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=125efb1e-7ff8-4cc8-934a-28fc7c7e59f0
Microsoft Antigen SP1 Documentation
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7d00160e-4d15-4459-98a3-89f393ac008e
IT Showcase: How Microsoft Deployed and Manages Microsoft Forefront Client Security
Microsoft IT details the planning, deployment, and ongoing management of the largest currently deployment of Forefront Client Security with a supported node population of 40,000.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=4664e8b7-5eca-4ea1-ae69-898f9d6503bc
Information Privacy and Data Protection in the Public Sector
A Microsoft perspective on the role of technology in protecting citizens’ privacy and personal information
Public Sector privacy white paper, providing Microsoft's perspective on the role that technology plays in helping public organizations responsibly protect and manage personal information.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=3a43d660-54c3-47b2-810b-92df1ee12a6a
Microsoft Exchange Hosted Filtering Service Level Agreement (SLA)
Exchange Hosted Filtering SLA
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f5714ed7-f14d-499e-b7d9-3365c9008113
Microsoft Security Assessment Tool 4.0
The Microsoft Security Assessment Tool (MSAT) is a risk-assessment application designed to provide information and recommendations about best practices for security within an information technology (IT) infrastructure.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=cd057d9d-86b9-4e35-9733-7acb0b2a3ca1
Microsoft Online Services Sign In
Use this Sign In application to access Microsoft Online Services.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5c2ca866-4107-4ae5-98d5-76bf1b18ff87
Microsoft Online Services Directory Synchronization
Use this tool to synchronize local directory services to Microsoft Online Services.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f536cac9-c0fb-48d1-b22c-378ba92c1c9f
Microsoft Dynamics AX 2009 White Paper: Configuring Kerberos Authentication with Role Centers
How to configure Kerberos authentication for Microsoft SQL Server reporting with Enterprise Portal Role Center pages.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=be720eb3-649a-49ff-b019-a1e4e7af6b47
Microsoft Forefront Server Security Management Console Documentation
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint, and Microsoft Antigen.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ae4ce23b-9e1e-455c-87a4-36167fe43107
Microsoft HealthVault Connection Center Beta 2 for Windows XP
HealthVault Connection Center is free software from Microsoft. You can use it to upload data to HealthVault from health and fitness devices (such as blood pressure monitors, pedometers, glucometers and many others) and the HealthVault Gadget for Windows Sidebar. HealthVault Connection Center connects your device, your computer and your HealthVault record to manage the upload process for you.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=73b45ded-c81c-4505-a1a7-2dd3686e95b1
Microsoft HealthVault Connection Center Beta 2 for Windows Vista
HealthVault Connection Center is free software from Microsoft. You can use it to upload data to HealthVault from health and fitness devices (such as blood pressure monitors, pedometers, glucometers and many others) and the HealthVault Gadget for Windows Sidebar. HealthVault Connection Center connects your device, your computer and your HealthVault record to manage the upload process for you.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a715ffaa-6111-4976-b334-f29bd5d4984d
Security Guidance for Writing and Deploying Silverlight Applications
Provides security guidance when developing and deploying Microsoft Silverlight 2 applications.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7cef15a8-8ae6-48eb-9621-ee35c2547773
Understanding Executable Content in Microsoft Products
Microsoft uses the concept of “unsafe file types” to help better protect users from executable content that an attacker could embed in such files. This document discusses executable file types in certain Microsoft products
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b7d03027-9791-443b-8bbe-0542b3aa4bfe
Microsoft® Forefront Threat Management Gateway (TMG), Medium Business Edition Tools & Software Development Kit
The tools available here provide diagnostics and other feature-related tools, and the software development kit, for Forefront TMG, Medium Business Edition.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=82027864-4abd-4896-8255-55f6ea775489
Certificate Revocation Checking in Windows Vista and Windows Server 2008
This document provides details to system administrators how to optimize configuration of revocation checking features in Windows Vista and Windows Server 2008 to provide more timely revocation information to clients.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=361c4644-9b1b-41fd-aaf9-370717edcbbc
SharePoint Collaboration Service Governance Plan
Outline the administration, maintenance, and support of an Office SharePoint® Server 2007 deployment.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ed2e4753-f162-4c23-ba9e-beb8c88f74d4
Version 2 of Addressing a Commercial Grade Operating System Security Functional Requirement Set with Windows Vista and Server 2008
Addressing a Commercial Grade Operating System Security Functional Requirement Set with Windows Vista and Server 2008, Version 2.0
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5c60d3f5-6292-4c26-8eee-373a7c4e6e6e
Group Policy Settings Reference for Windows Internet Explorer 8
This spreadsheet lists the policy settings for computer and user configurations included in the administrative template files (admx/adml) delivered with Windows Internet Explorer 8.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ab4655f2-0a3c-42eb-974d-24b2790bf592
Forefront Threat Management Gateway
Forefront Threat Management Gateway Beta 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=e05aecbc-d0eb-4e0f-a5db-8f236995bccd&displaylang=en
Microsoft Forefront Threat Management Gateway is a comprehensive secure Web gateway that helps protect Web-using employees from threats on the Web with an enterprise-class Web proxy and anti-malware functionality. Forefront TMG helps ensure that encrypted Web sessions (SSL) are protected from threats. It also delivers simple, unified perimeter security to protect networks from attack by providing an integrated application and network-layer firewall, intrusion prevention, VPN connectivity, and management of e-mail security. It enables you to easily maximize existing information technology (IT) investments by improving network security and performance. The newly added protection technologies will help you inspect e-mail traffic for spam and malware and enforce content policy compliance in your organization. Furthermore, Forefront TMG protects the organization from zero-day-attacks, and inspects outbound HTTP and HTTPS traffic to improve Internet security for your organization.
Forefront TMG Beta 2 can help you:
• Protect users from Web browsing threats (Secure Web Gateway)
• Control network Access at the edge (Firewall)
• Protect users from e-mail threats (E-mail Protection)
• Protect desktops and servers from intrusion attempts (Network Inspection System, Security Assessment Sharing)
• Enable users to remotely access corporate resources (VPN, Secure Web Publishing)
• Simplify management and deployment
• Integrate with the Forefront Security Suite (codename Stirling) to provide a unified security solution for protecting all of the assets in your organization
Note: Connecting Forefront TMG to a Stirling Server is supported only with the public Beta 2 of Forefront Codenamed Stirling
Events/WebCasts
Security Program Guide
Security Awareness Materials http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524381&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Guidance, samples, and templates for creating a security-awareness program in your organization.
Learn Security On the Job http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524382&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Learning Paths for Security - Microsoft Training References and Resources http://co1piltwb.partners.extranet.microsoft.com/mcoeredir/mcoeredirect.aspx?linkId=11524383&s1=68628015-2ccc-cbc7-31b9-0e76c3415474
Visit TechNet Spotlight: www.microsoft.com/technetspotlight
Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more
Microsoft Security Webcast Series: Upcoming and On-Demand
Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910
Find security webcasts listed in an easy-to-use calendar format.
Upcoming Security Webcasts
http://www.microsoft.com/events/security/upcoming.mspx
Register for the following Webcasts on the link above
TechNet Webcast: Management Lockdown of Windows Mobile Devices (Level 300)
Thursday, April 09, 2009 11:30 A.M.-12:30 P.M. Pacific Time
TechNet Webcast: Information About Microsoft April Security Bulletins (Level 200)
Wednesday, April 15, 2009 11:00 A.M.-12:30 P.M. Pacific Time
Momentum Webcast Microsoft Online Services (Part 2 of 4): Enterprise-Class Security and Reliability (Level 200)
Thursday, April 16, 2009 11:00 A.M.-11:45 A.M. Pacific Time
On-Demand Security Webcasts
http://www.microsoft.com/events/security/ondemand.mspx
New or updated KB’s
Microsoft Internet Security and Acceleration Server
An update is available for ISA Server 2006 integrated NLB that lets you add virtual IP addresses that are outside the subnet of the dedicated IP address
http://support.microsoft.com/kb/959310
ISA Server 2006 sends back an HTTP 502 error if invalid credentials are provided to an FBA Web listener
http://support.microsoft.com/kb/958952
Description of the ISA Server 2006 hotfix package: October 29, 2008
http://support.microsoft.com/kb/959357
ISA Server 2006 resets the connection to the SMTP client when the SMTP server closes its connection to ISA Server
http://support.microsoft.com/kb/959312
FIX: A user who did not generate much Web traffic appears in a top Web users report in ISA Server 2004 Standard Edition
http://support.microsoft.com/kb/960669
How to change the default behavior for client certificate mapping when you use forms-based authentication with Active Directory in ISA Server 2006 Service Pack 1
http://support.microsoft.com/kb/953684
| 