經(jīng)典PPT素材庫合集（超級(jí)絕版）1.ppt

第一篇區(qū)塊篇 IntegratedphoneandPDAPrimarilydataviewingInteroperabilitywithOutlookandExchange NETCompactFrameworkASP NETmobilecontrols MobileDeviceSolutions Complexdocumentauthoring editingandreadingKeyboardcentricatthedeskKeyboardandmouseinputmethodsFull NETframeworkavailableCentrinoSolutions WindowsMobile WindowsXP Complexdocumentauthoring editingandactivereadingNotetakingandinkannotatingKeyboardcentricatthedesk penandkeyboardawayfromthedeskKeyboard mousepluspen ink andspeechinputmethodsFull NETframeworkpreinstalledPen ink handwritingandspeechrecognitionAPI sCentrinoSolutions ViewandsomedataentryIntegratedPDAwithphoneInteroperabilitywithOffice ExchangeandSQLServer NETCompactFrameworkASP NETmobilecontrolsIntelXscaleSolutions Windows CE One waynetworkInformationconsumption SmartPersonalObjects Smartphone PocketPCandPocketPCPhone NotebookPC TabletPC NetworkDefense HealthcheckupITchecks health ofclientNetworkAccessControlClientswhopassgetnetworkaccessClientswhodonotpassarefixedorblocked aka quarantined HealthmaintenanceQuarantinedclientscanbegivenaccesstoresourcestogethealthy FromHome VPN Dialup ReturningLaptops ConsultantsGuests UnhealthyDesktops MicrosoftBusinessSolutionsERPPositioning GuidingPrinciples Productive Integrated Extensible Capable ShortlearningcurveMinimaladministrativeoverhead ToolsintegratedtightlyAutomatescommontasks CustomizableforyourprocessIntegrateswith3rdpartytools RemotelyaccessibleRobust secure scalable StagingArchitecture Dataentry Test ApplicationCenter CommerceWeb Commerce CommerceData CommerceWeb Commerce CommerceData Application Center Application Center Data ACSCluster ACSCluster Clustercontroller Clustercontroller Data LiveCommunicationsClientRoadmap LC1 2ClientPlatformMultipartyIMP2PVoiceandVideoMPOPGroupsRoamingSIPsupportGPOpolicymanagement LC1 5ClientPlatformRollupofQFEsMPOPAdditionsFederation ArchivingNotificationHAAdditions LC2 0ClientPlatformNextgenerationofRTCexperiencesMorecoming 2003 2H04 Longhorn EnterpriseDeploymentUpdate Internet Firewall Firewall Firewall RuntimeServers CorporateLAN InternalServers Crawl Search LoadBalancedWeb InfrastructureServers DevelopmentServers TestServers BusinessDataServers BusinessUsers DatabaseandStagingServers StagingServers DatabaseServers OfflineServers IndicatesStagedDataFlow Communicateandcollaborateinamoresecuremannerwithoutsacrificinginformationworkerproductivity WindowsXPSP2Blockvirusormaliciouscodeatthe pointofentry AtRisk TheSoftUnderbelly SecurityIssuesToday 1Source ForresterResearch2Source InformationWeek 26November20013Source Netcraftsummary4Source CERT 20035Source CSI FBIComputerCrimeandSecuritySurvey6Source ComputerSecurityInstitute CSI ComputerCrimeandSecuritySurvey20027Source CERT 20028Source GartnerGroup 14BdevicesontheInternetby2010135Mremoteusersby2005265 increaseindynamicWebsites3From2000to2002reportedincidentsrosefrom21 756to82 0944Nearly80percentof445respondentssurveyedsaidtheInternethasbecomeafrequentpointofattack upfrom57percentjustfouryearsago5 90 detectedsecuritybreaches685 detectedcomputerviruses695 ofallbreachesavoidablewithanalternativeconfiguration7Approximately70percentofallWebattacksoccurattheapplicationlayer8 ApplicationLayerAttacks IdentityTheftWebSiteDefacementUnauthorizedAccessModificationofData LogsandRecordsTheftofProprietaryInformationServiceDisruption Implications Compliance SarbanesOxleyGrammLeachBlilelyUSPatriotActHIPAAThePrivacyAct CA Basel2 EU DataProtectionAct EU LitigationFileSharingPiracyHRIssuesShareholderSuits CustomerImpact TypesOfSRPRules PathRuleComparespathoffilebeingruntoanallowedpathlistUsewhenyouhaveafolderwithmanyfilesforthesameapplicationEssentialinwhenSRPsarestrict HashRuleComparestheMD5orSHA1hashofafiletotheoneattemptedtoberunUsewhenyouwanttoallow prohibitacertainversionofafilefrombeingrun CertificateRuleChecksfordigitalsignatureonapplication i e Authenticode Usewhenyouwanttorestrictbothwin32applicationsandActiveXcontent InternetZoneRuleControlshowInternetZonescanbeaccessedUsewheninhighsecurityenvironmentstocontrolaccesstowebapplications SQLServer2005Themes Supportability Quality EnterpriseEnhancements Unified FlexibleAdministration PatchSolutions Prevention Readiness RecoveryEaseofuse PatchInstallsPatchinintegratedstep IntegratedDatabaseServicesandBusinessIntelligenceFlexibleinstallmanagement Addvaluetoone stepFailoverClusteringExpandedscriptingsupport TraditionalFirewalls Wideopentoadvancedattacks Performanceversussecuritytradeoff Limitedcapacityforgrowth Hardtomanage CodeRed NimdaSSL basedattacks SecurityiscomplexITisalreadyoverloaded BandwidthtooexpensiveToomanymovingparts NoteasilyupgradeableDon tscalewithbusiness ChoosingtheRightTypeofAssessment VulnerabilityScanningFocusesonknownweaknessesOfthethree requirestheleastexpertiseGenerallyeasytoautomate PenetrationTestingFocusesonknownandunknownweaknessesRequiresadvancedtechnicalexpertiseCarriestremendouslegalburdenincertaincountries organizations ITSecurityAuditsFocusesonsecuritypoliciesandproceduresOfthethree requiresthemostexpertiseWhendonerightisthemosteffectivetypeofassessment PerimeterSecurityEvolution Wideopentoadvancedattacks Application levelprotection Performanceversussecuritytradeoff Securityandperformance Limitedcapacityforgrowth Extensibilityandscalability Hardtomanage Easiertouse Theadvancedapplicationlayerfirewall VPNandWebcachesolutionthatenablescustomerstomaximizeITinvestmentsbyimprovingnetworksecurityandperformance AdvancedprotectionApplicationlayersecuritydesignedtoprotectMicrosoftapplications Fast secureaccessEmpowersyoutoconnectuserstorelevantinformationonyournetworkinacostefficientmanner EaseofuseEfficientlydeploy manage andenablenewusagescenarios Introducing ISAServer2004 Fast secureaccessEmpowersyoutoconnectuserstorelevantinfo onyournetwork ISAServer2004NewFeaturesContinuedcommitmenttointegration Enhancedarchitecture HighspeeddatatransportUtilizeslatestWindowsandPChardwareSSLbridgingunloadsdownstreamservers Webcache UpdatedpolicyrulesServecontentlocallyPre fetchcontentduringlowactivityperiods Internetaccesscontrol User andgroup basedWebusagepolicyExtensiblebythirdparties Comprehensiveauthentication NewsupportforRADIUSandRSASecurIDUser group basedaccesspolicyThirdpartyextensibility SystemServiceAccounts LocalServiceandNetworkServiceNopasswordtomanageRunswithonlyslightlymorepermissionsthanAuthenticatedUserLocalServicecannotauthenticateacrossthenetwork NetworkServiceauthenticatesasthecomputeraccount LocalSystemNopasswordtomanageBypassessecuritychecksUserAccountsRunwithlessprivilegethanLocalSystemStorespasswordasanLSAsecretCanbecomplextoconfigure What sNewWithIPSec ManagementIPSecurityMonitorCommand linemanagementwithNetshLogicaladdressesforlocalIPconfiguration SecurityStrongercryptographicmasterkey Diffie Hellman ComputerstartupsecurityPersistentpolicyforenhancedsecurityAbilitytoexcludethenameoftheCAfromcertificaterequestsBetterdefaultexemptionhandling InteroperabilityIPSecfunctionalityovernetworkaddresstranslation NAT ImprovedIPSecintegrationwithNetworkLoadBalancing ISAServer2004NewFeaturesNewmanagementtoolsanduserinterface Multi networkarchitecture UnlimitednetworkdefinitionsandtypesFirewallpolicyappliedtoalltrafficPernetworkroutingrelationships Networktemplatesandwizards WizardautomatesnwkroutingrelationshipsSupports5commonnetworktopologiesEasilycustomizedforsophisticatedscenarios Visualpolicyeditor Unifiedfirewall VPNpolicyw onerule baseDrag dropeditingw scenario drivenwizardsXML basedconfigurationimport export Enhancedtrouble shooting AllnewmonitoringdashboardReal timelogviewerContentsensitivetaskpanes EaseofUseEfficientlydeploy manage andenablenewusagescenarios HowToUseWindowsUpdate ToconfigureAutomaticUpdates SelectKeepmycomputeruptodate OpentheSystemapplicationinControlPanel 1 OntheAutomaticUpdatestab selecttheoptionyouwant 3 2 OfficeUpdate BenefitsLimitation SinglelocationforofficepatchesandupdatesEasytouseCanbeconfiguredtoupdateconsumerorenterprisesystems DoesnotsupportAutomaticUpdates updatingmustbeinitiatedmanually OfficeUpdateWebsite HowToUseOfficeUpdate Goto 1 ClickCheckforUpdates 2 InstalltheOfficeUpdateInstallationEngine ifnotalreadyinstalled 3 Selecttheupdatesyouwanttoinstall 4 ClickStartInstallation 5 HowToUseSUS OntheSUSserver ConfiguretheSUSserverathttp SUSAdmin OneachSUSclient ConfigureAutomaticUpdatesontheclienttousetheSUSserverUseGroupPolicy manuallyconfigureeachclient orusescripts SettheSUSserversynchronizationschedule Review test andapproveupdates 1 2 3 HowToUseMBSA DownloadandinstallMBSA onceonly 1 LaunchMBSA 2 Selectthecomputer s toscan 3 Selectrelevantoptions 4 ClickStartscan 5 ViewtheSecurityReport 6 SoftwareUpdateServiceDeploymentBestPractices 1 SoftwareUpdateServiceDeploymentBestPractices 2 HowToUseSMSToDeployPatches SMS MBSAIntegration MBSAintegrationincludedwithSMS2003andtheSUSFeaturePackforSMS2 0ScansSMSclientsformissingsecurityupdatesusingmbsacli exe hf MBSABenefits ScanssystemsforMissingsecuritypatchesPotentialconfigurationissuesWorkswithabroadrangeofMicrosoftsoftwareAllowsanadministratortocentrallyscanmultiplecomputerssimultaneouslyMBSAisafreetool andcanbedownloadedfrom MBSAConsiderations MBSAreportsimportantvulnerabilities PasswordweaknessesGuestaccountnotdisabledAuditingnotconfiguredUnnecessaryservicesinstalledIISvulnerabilitiesIEzonesettingsAutomaticUpdatesconfigurationInternetConnectionFirewallconfiguration MBSA ScanOptions MBSAhasthreescanoptionsMBSAgraphicaluserinterface GUI MBSAstandardcommand lineinterface mbsacli exe HFNetChkscan mbsacli exe hf BusinessCaseForPatchManagement Whendeterminingthepotentialfinancialimpactofpoorpatchmanagement consider DowntimeRemediationtimeQuestionabledataintegrityLostcredibilityNegativepublicrelationsLegaldefensesStolenintellectualproperty WecommendMicrosoftforprovidingenhancedsecurityguidancetoitscustomersaswellasforsolicitinguserinputaspartoftheprocessofproducingthatguidance ClintKreitnerPresident CEO NISTreviewedandprovidedtechnicalcomments advice thatwasincorporatedinthisguidance TimothyGranceManagerSystemsandNetworkSecurityGroup Comments YouNeedTo ISADelivers RelationalReportingMultiplefacttablesFullrichnessthedimensions attributesTransactionlevelaccessStar snowflake 3NF Complexrelationships Multi grains many to many roleplaying indirect RecursiveselfjoinsSlowlychangingdimensions TheUnifiedDimensionalModel TheBestOfRelationalAndOLAP OLAPCubesMultidimensionalnavigationHierarchicalpresentationFriendlyentitynamesPowerfulMDXcalculationsCentralKPIframework Actions LanguagetranslationsMultipleperspectivesPartitionsAggregationsDistributedsources VisualStudioTeamSystem ChangeManagement WorkItemTracking Reporting ProjectSite VisualStudioTeamFoundation IntegrationServices ProjectManagement ProcessandArchitectureGuidance VisualStudioIndustryPartners DynamicCodeAnalyzer VisualStudioTeamArchitect StaticCodeAnalyzer CodeProfiler UnitTesting CodeCoverage VisioandUMLModeling TeamFoundationClient VSPro ClassModeling LoadTesting ManualTesting TestCaseManagement ApplicationModeling LogicalInfra Modeling DeploymentModeling VisualStudioTeamDeveloper VisualStudioTeamTest ApplicationModeling LogicalInfra Modeling DeploymentModeling ClassModeling SQLServerCatalog ReportServer XMLWebServiceInterface ReportProcessing Delivery DeliveryTargets E mail SharePoint Custom Rendering OutputFormats HTML Excel PDF Custom DataProcessing DataSources SQL OLEDB XML A ODBC Oracle Custom Security SecurityServices NT Passport Custom Office CustomApplication Browser SQLServer2000ReportingServicesArchitecture Internet RASClient RRASServer IASServer Quarantine RQC exeandRQS exeareintheWindowsServer2003ResourceKit QuarantineArchitecture WhatisVSTeamFoundation SourceCodeControl WorkItemTracking BuildAutomation ProjectSite Reporting MicrosoftBIProductSuite AnalysisServicesOLAP DataMining DataTransformationServices SQLServerRelationalEngine ReportingServices ManagementTools DevToolsVisualStudio Net ExcelOWCVisioMapPointDataAnalyzer SharePointPortalServerProjectServer WindowsServer MBSBIApplications CurrentArchitecture TCP IP RTCClientAPI UserApp ServerArchitecture Winsock Storage AD Server ApplicationInteraction Application1CRM Application2Billing Application3Logging Request ModifiedRequest TITLE Available Today Microsoft Windows SecurityResourceKit AssessingNetworkSecurity June23 2004 EAParchitecture TLS GSS APIKerberos PEAP IKE MD5 EAP PPP 802 3 802 5 802 11 Anything methodlayer EAPlayer medialayer MS CHAPv2 TLS SecurID PartnerSolutionsOfferings VALUEProposition GetmorebusinessvaluefromyourinvestmentinOffice FinanceSarbanes OxleyBusinessScorecardExcelAdd inforSQLServerAnalysisServices OperationsSixSigma HRRecruiting SalesProposals SolutionAccelerators MicrosoftProducts OfficeSolutionAccelerators VALUEProposition GetmorebusinessvaluefromyourinvestmentinOffice YourPeople EPMInvolves YourBusinessProcesses YourOrganization YourSoftwareTechnology Tools Anorchestrationofyourpeople processes organizationwithtechnology YourBusinessProcesses Governance Prioritization Budgeting HumanResources etc Initiatives ImplementMicrosoftOfficeProject2003fortheEnterprise Decisions CorporateGoalsandObjectives Executives YourOrganization StrategicInitiatives DevelopmentProjects OperationalImprovements OnAverage45 50 ofallProjectsarelinkedtoStrategicObjectives RepresentativeRisksAndTactics TacticalSolutions EnterpriseRisks EmbodyTrustworthyComputing SecureEnvironmentalRemediation UnpatchedDevices NetworkSegmentationThroughIPSec UnmanagedDevices SecureRemoteUser RemoteandMobileUsers Two FactorforRemoteAccessandAdministrators Single FactorAuthentication ManagedSourceInitiatives FocusControlsAcrossKeyAssets RemoteAccessSecurity Threat Requirement Solution Malicioususers Twofactorauthentication SmartCardsforRAS Malicioussoftware Enforceremotesystemsecurityconfiguration ConnectionManager customscriptsandtoolsprovidedintheWindows2003resourcekit CorporateSecurityGroupOrganization CorporateSecurityGroup Threat RiskAnalysis andPolicy AssessmentandCompliance Monitoring IntrusionDetection andIncidentResponse SharedServicesOperations ThreatandRiskAnalysis PolicyDevelopment ProductEvaluation DesignReview StructureStandards SecurityManagement SecurityAssessment ComplianceandRemediation MonitoringandIntrusionDetection RapidResponseandResolution Forensics ITInvestigations PhysicalandRemoteAccess CertificateAdministration SecurityTools InitiativeManagement ServerFunctions OperationalInfrastructure ServerWorkloadsFocus Application WebServerUnixintegrationservices Workloads Solutions ApplicationPlatform InformationWorkerInfrastructure DatabaseHighPerformanceComputing SoftwareDistributionVirtualizationOperationsMgmtTerminalServer EmailCollaboration BranchOfficeMediumBusinessSmallBusiness NetworkingRemoteAccessSecurityIdentityMgmt Storage file portal Print WhatIsMapPointWebService Functionalities APIsMaps Geocoding ReverseGeocoding ProximitySearch FindAddressetc DevelopmentToolsVisualStudio Net Linux VisualBasic Mac Java C XMLWebService PointsofInterestDatabaseofmorethan200 000and16millionbusinesslistings CartographicdataExtensivegeographiccoveragein19countriesinEuropeandNorthAmerica NoUIconstraints deviceindependent Integrationintoabroadrangeofdifferentapplicationsanddevices 2004 2005 WindowsSmallBusinessServer2003SP1WindowsServer2003for64 BitExtendedSystemsWindowsServer2003ServicePack1 SP1 WindowsXPTabletEdition2005WindowsXPMediaCenterEdition2005WindowsXPServicePack2 SP2 VirtualServer2005AdditionalFeaturePacks e g WindowsUpdateServices WindowsServer Codename Longhorn Beta1WindowsClient Codename Longhorn Beta1WindowsServer2003Update Codename R2 ReleaseRoadmap 第二篇表格篇 MicrosoftPatchSeverityRatings SecurityBulletinList http www M PatchingTimeFrames ImprovingThePatchingExperience ChoosingAPatchManagementSolution PatchManagementSolutionForMedium SizedAndLargeOrganizations OtherSessionsOfInterest TheImportanceOfProactivePatchManagement DREAD MicroIssuesare88 Simpletofix Create Noise Fiveissuesrepresent88 ofallupgradeissues AnalysisServiceandDTSMigrationWizardsNonewMDACbitsReducedSQLDatabaseservicesdowntime Upgrade ExampleGoals ExampleScope Whattoplanfor PatchManagementSolutionForSmallAndMedium sizedOrganizations ElementsofYourFinalReport What sNewInSetup DefaultExemptRulesInIPSec Storedintheregistryvalue HKLM SYSTEM CurrentControlSet Services IPSEC NoDefaultExempt PerformanceEnhancedArchitecture OptimizedforreallifeusagescenariosImprovementssinceISAServer2000Kernel modedatapumpUser modeoptimizationsUpto 150 2 5Xfaster forfirewall SecureNAT trafficUpto 250 3 5Xfaster forWeb transparent proxytraffic1 000 000 concurrentconnectionsScaleupwithadditionalCPUs Rawthroughputperformance How DesignimprovementsIPStackimprovementsHardwareimprovements rawthru putmeasuredusingHTTP NATbenchmark ITPolicyCompleteness ITAuditScoreCardExample UpgradingAndMigratingSharePointproductsandtechnologies OtherSessions WindowsServerFamily Dedicated 第三篇圖例篇 Corpnet Internet RADIUSAuthentication FederationthroughRADIUSproxiesCanbeusedforcentralizedauthenticationservicesDomainmembershipnotrequiredGreatforDMZplacement RADIUSServer IAS Back endServer WebClient Browser HTTPclient ISAServer2000 Old NetworkingModel Fixedzones IN LAT OUT DMZ InternetPacketfilteronlyonexternalinterfacesSingleoutboundpolicyNATalwaysStaticfilteringfromDMZtoInternet InternalNetwork Internet DMZ1 ISA2000 ISAServer2004NetworkingModel AnynumberofnetworksVPNasnetworkLocalhostasnetworkAssignedrelationships NAT Route Per NetworkpolicyPacketfilteringonallinterfacesSupportforDoDAnytopology anypolicy ISA2004 RuleStructure PolicyMapping BasicISA2000rulesProtocolrulesSiteandContentrulesStaticpacketfiltersPublishingrulesWebpublishingrulesSelectedfilteringconfigurationOtherISA2000rulesAddresstranslationrulesWebroutingrules Firewallpolicy Configurationpolicy actionontrafficfromuserfromsourcetodestinationwithconditions AllowDeny SourcenetworkSourceIPOriginatinguser DestinationnetworkDestinationIPDestinationsite ProtocolIPPort Type PublishedserverPublishedwebsiteScheduleFilteringproperties AnyuserAuthenticatedusersSpecificUser Group PolicyEngine NDI