kr_bozhinov's blog

Microsoft Security Newsletter - Volume 6

This is a monthly newsletter for IT professionals and developers—bringing security news, guidance, updates, and community resources directly to your inbox. To view an online version of this newsletter, click here or subscribe to the Featured Security and Privacy Content RSS feed to receive more frequent updates on news and featured resources. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.

 

Note from the Editor

 

 

Kai Axford 

 

I’m guessing you have Windows 7 loaded up by now and have been playing with it for some time. You’ve overcome the technical hurdle of explaining to your spouse (kids, grandparents, in-laws, etc.) the reason why you and they made the upgrade to Windows 7. Good times.

But we all know where the REAL action is…it’s in “Big Iron.” The server. The infrastructure. That beast that hums with so much pure power it makes you stand back and stare in awe. Why run a laptop with a pitiful 2GB of RAM when you can fire up a massive rack of servers with enough horsepower to run the entire business or government? Your infrastructure guys are in the process of upgrading to Windows Server 2008 R2, and I can’t blame them -- it’s sweetness in the server room.

One of the things I’m particularly fond of in Windows Server 2008 R2 is DirectAccess. Very few things will dramatically change the way you do your security job. This is one of them. Think about the advantages of having all the machines in your domain, connected to the domain, 24/7/365, securely…all without ever having to fire up a VPN client! Users love it because they don’t have to open up a separate connection to view an internal site; the help desk loves it because they don’t have to troubleshoot a VPN client over the phone with the sales person in Pocatello; and the security guy likes it because he or she is able to push down new A/V signatures and software updates as needed, without having to wait for the sales person to return to the office. Not to mention all IP traffic is routed through proxies, which means outbound traffic rules still work.

“But Kai, what about my SSL gateways, my perimeter firewalls, and the fact that I’m running Network Access Protection (NAP)? Heck, I even implemented Server Domain Isolation last year!”

My friends, it’s okay. You can still continue to use all of these great things; we’re just changing the way the traffic comes into your network. Think of DirectAccess as a 5,000 mile/kilometer CAT-5 cable. Plug it into the corporate network. If your users are connected to the Internet, they are connected to you, regardless of physical location. The DirectAccess Design and Deployment Guides can provide more details as to how to implement this in your environment.

One last thing. As some of you may know, I’m passionate about protecting children online. At the end of the day, as we leave the office and head home, we are parents, we are uncles, we are aunts, we are grandparents. Everyone knows a child who would benefit from the knowledge you have about Internet safety. Kids really do think that “nothing bad can happen to them” on the Internet, and you can help educate them. I would encourage each of you to take a moment and head over to the Microsoft Consumer Online Safety Education site and share these videos, tools, and techniques with a child today.

Have a great November!

Kai Axford, MBA, CISSP, MCSE
Top Stories
  Microsoft Report Reveals Resurgence of Worms; Rogue Security Software Still Top Threat On November 2, Microsoft released the seventh volume of the Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months. Gain a quick summary of the report’s findings, and then read the full report for more detailed information.
 
  Forefront Threat Management Gateway 2010 Release Candidate Now Available Allow employees to safely and productively use the Internet for business without worrying about malware and other threats. Forefront Threat Management Gateway provides multiple layers of continuously updated protections -- including URL filtering, antimalware inspection, intrusion prevention, application- and network-layer firewall, and HTTP/HTTPS inspection. All of these protections are integrated into a unified, easy-to-manage gateway, reducing the cost and complexity of Web security.
 
  Update Your Microsoft Forefront and Antigen Engine Configuration by December 1 As announced in July, Microsoft is revising its engine mix on December 1 for Forefront and Antigen products that customers can use to help optimize detection, but that also allow Microsoft to invest in new areas for increasing overall protection for customers. Learn more about the changes, including product-specific instructions, on the Antimalware Engine Notifications and Developments site.
 
  Cloudmark Antispam Engine Released Now you can experience even greater antispam support with the Cloudmark Antispam Engine, just released from beta after having undergone extensive internal testing and customer trials. The Cloudmark antispam engine provides a better than 99 percent detection rate and less than 1 in 250,000 false positives (West Coast Labs). It replaces the Mail-Filters SpamCure antispam engine, set to retire on December 1. Be sure to upgrade to the latest service pack releases before December 1 to continue your antispam defenses and have access to the new Cloudmark engine.
 
  Update on Antigen 8.0 EOL and Engine Revision Make sure you’re up to date on Antigen 8.0 end-of-life plans and associated engine revisions, including information on upcoming engine changes occurring later this year and what you need to know in order to maintain continued security protection.

Security Guidance
  Security Tip of the Month: Top Five Security-Related Group Policy Settings In this article, Microsoft Group Policy MVP Jeremy Moskowitz takes a look at five policy setting areas and shows you how they can deliver settings you might use to help make your world more secure.
 
  What's New in Windows Security Auditing in Windows Server 2008 R2 Learn about the enhancements in Windows Server 2008 R2 and Windows 7 that increase the level of detail in security-auditing logs and simplify the deployment and management of auditing policies.
 
  What's New in Group Policy Learn about the changes available in Windows Server 2008 R2 with Remote Server Administration Tools (RSAT), from the ability to manage Group Policy from the Windows PowerShell command line to additional types of Group Policy preferences and improvements to starter Group Policy Objects (GPOs).
 
  Using Windows Server 2008: Controlling Communication with the Internet This white paper provides information about the communication that flows between features in Windows Server 2008 and sites on the Internet, and it describes steps to take to limit, control, or prevent that communication in an organization with many users.
 
  Windows Server 2008 Security Compliance Management Toolkit Get the guidance and tools you need to help you efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server 2008.
 
  Infrastructure Planning and Design (IPD) Guide for DirectAccess This guide provides actionable guidance for designing a DirectAccess infrastructure. The guide’s easy-to-follow, four-step process gives a straightforward explanation of the infrastructure required for clients to be connected from the Internet to resources on the corporate network, whether or not the organization has begun deploying IPv6.
 
  Server Security Policy Management in Windows Server 2008 There are many tools in Windows Server 2008 that you can use to help keep your computers secure. This discussion focuses on three tools that you can use alone or together to manage the security policies on your servers: the Security Configuration Wizard (SCW) and the Scwcmd command-line tool, the Security Templates snap-in, and the Security Configuration and Analysis snap-in.
 
  Security Audit Events for Windows 7 and Windows Server 2008 R2 You can use Windows security and system logs to record and store collected security events so that you can track key system and network activities to monitor potentially harmful behaviors and to mitigate those risks. The information in this download can help you analyze the data included in event-log data.
 
  Microsoft Security Development Lifecycle (SDL) for Agile Development Download the latest SDL process guidance, which includes SDL for agile development, a streamlined approach that melds agile methods and security.
 
  Microsoft Forefront Security for Office Communications Server Best Practices Analyzer Microsoft has released the Forefront Security for Office Communications Server Best Practices Analyzer (BPA) to help you maximize your configuration settings. The BPA compares your existing Forefront Security for Office Communications Server deployment with recommended best practices to identify configuration setting changes that could help you improve FSOCS performance and malware detection rates.
 
  Benefits of Regulatory Requirements with Respect to Business Optimization Gain an understanding of IT infrastructure security compliance and the benefits that an IT infrastructure compliance maturity model can provide to management and compliance and IT stakeholders as well as to the business at large.

This Month's Security Bulletins
Critical:
MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)
MS09-064: Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)
MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
Important:
MS09-066: Vulnerability in Active Directory Could Allow Denial of Service (973309)
MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)
Security Bulletin Overview for November 2009
Microsoft Security Response Center (MSRC) Blog Post

Microsoft Product Lifecycle Information
Find information about your particular products on the Microsoft Product Lifecycle Web site.
See a list of supported service packs: Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Security Events and Training
  Direct Access and Unified Access Gateway: Deep Dive Dive deep into Unified Access Gateway (UAG) with Direct Access with Microsoft Program Managers Ben Bernstein and Stephen Bowie. Learn how UAG supports legacy IPv4 clients and how the client knows to connect to the proper DNS server -- and much more.
 
  Course 6407B: First Look: Getting Started with Security and Policy Control in Windows Server 2008 Hands-On Lab This one and one-half hour lab provides hands-on experience with the following security and policy enforcement functionality in Windows Server 2008: Security Enhancements in Windows Server 2008 and Network Access Protection in Windows Server 2008.
 
  Course 50255A: Managing, Maintaining, and Securing Your Networks Through Group Policy In this course, you will learn to control and manage computer systems and domain users running Windows Server 2003, Windows Server 2008, Windows XP, and Windows Vista. You will learn to create Group Policies, implement administrative and security templates, and determine best practices when deploying software packages. Walk away with the experience and tools you need to optimize your enterprise systems and networks.

Upcoming Security Webcasts
Identity & Security in Challenging Economic Times
Friday, November 13, 9:00 AM Central Time
Microsoft Software+Services Webcast: Computing in the Cloud Overview
Wednesday, November 18, 10:00 AM Pacific Time
Momentum Webcast: Security and Reliability in the Cloud -- A Microsoft Online Services Perspective (Level 100)
Wednesday, December 9, 11:00 AM Pacific Time
 
  Interactive Security Webcast Calendar Upcoming security webcasts in a dynamic, interactive format.
For IT Professionals
TechNet Webcast: Technical Overview: System Center Configuration Manager 2007 SP2 and R3 (Level 200)
Tuesday, November 24, 10:00 AM Pacific Time
TechNet Webcast: Information About Microsoft December Security Bulletins (Level 300)
Wednesday, December 9, 11:00 AM Pacific Time
For Developers
MSDN Webcast: Real-World Solutions: Project Server Security in SQL Server Reporting Services (Level 300)
Tuesday, November 24, 1:00 PM Pacific Time
Now On Demand
TechNet Webcast: How Microsoft IT Managed Windows Server 2008 Network Security (Level 300)
Discover the networking advancements and policy-driven network security features in Windows Server 2008.
TechNet Webcast: Windows Network Policy Server Fundamentals (Level 300)
Learn how to deploy and configure NAP, how it works, and how it employs NPS. Then learn how to enable debug tracing and how it can be used for monitoring and troubleshooting connectivity problems.
TechNet Webcast: Hardening Windows Server 2008 Deployments with the Windows Server 2008 Security Guide (Level 300)
Attend this session to learn how the Windows Server 2008 Security Guide can help you keep networks and servers safe from attack. See a live demonstration of best practices, thoroughly tested security configurations, and automated tools that speed your deployments by up to 80 percent!
  



This newsletter was sent by the Microsoft Corporation
One Microsoft Way
Redmond, Washington, USA
98052   

Security Program Guide  Community Web Sites
IT Pro Security Community
 
Microsoft SDL – Developer Starter Kit
Security Awareness Materials
Learn Security on the Job
Learning Paths for Security – Microsoft Training References and Resources
  Upcoming Chats
View a listing of upcoming technical chats
 Security Blogs
Trustworthy Computing Security/Privacy Blogs
Michael Howard
Eric Lippert
Eric Fitzgerald
MSRC Blog
ACE Team
Windows Security
Solution Accelerators - Security & Compliance
Kai Axford
Security Vulnerability Research & Defense
Security Development Lifecycle (SDL)
 Additional Security Resources
Security Help and Support for IT Professionals
TechNet Troubleshooting and Support Page
Microsoft Security Glossary
TechNet Security Center
MSDN Security Developer Center
Sign-Up for the Microsoft Security Notification Service
Security Bulletin Search Page
Home Users: Protect Your PC
MCSE/MCSA: Security Certifications
Subscribe to TechNet
Register for TechNet Flash IT Newsletter
                                                                                                                                   
  
