WindowSecurity.com blogs RSS

Dr. Tom Shinder's Blog - FEATURED RSS

Dr. Tom Shinder's Security Space will cover all topics related to security on Microsoft networks. We will focus on Microsoft's security products and technologies, such as NTFS, access controls, permissions, network security, IPSec, EFS, BitLocker, System Hardening, Service Hardening, ISA Server, IAG, Forefront Security products, and more! This blog will focus on how the Microsoft admin can take a defender's approach to network security, rather than the more typical hacker's view - in this way we can dedicate our time to our core competency - defending our networks against attack.

Visit Dr. Tom Shinder's Blog

Latest Windows Security blog posts

Windows Server 2008 R2 Updates to Security Monitoring

Date - Nov 19th, 2009

Author - Dr. Tom Shinder

“…There are a number of auditing enhancements in Windows Server® 2008 R2 and Windows® 7 that increase the level of detail in security auditing logs and simplify the deployment and management of auditing policies. These enhancements include: Global Object Access Auditing. In Windows Server 2008 R2 and Windows 7, administrators can define computer-wide system access control lists (SACLs) for either the file system or registry. more...

Rogue Security Software Still Top Threat

Date - Nov 19th, 2009

Author - Dr. Tom Shinder

“…REDMOND, Wash. — Nov. 2, 2009 — Microsoft Corp. today released the seventh volume of the Microsoft Security Intelligence Report (SIRv7), which indicates that worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six months. Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months. more...

DirectAccess Design and Deployment Guides

Date - Nov 19th, 2009

Author - Dr. Tom Shinder

“This document contains both the Design Guide and the Deployment Guide for DirectAccess in Windows Server® 2008 R2. These guides help you to design and deploy DirectAccess servers, DirectAccess clients, and infrastructure servers on your intranet. Use the Design Guide to answer the “What,” “Why,” and “When” questions a deployment design team might ask before deploying DirectAccess in a production environment. more...

DirectAccess Demo by Kevin Remde

Date - Nov 16th, 2009

Author - Dr. Tom Shinder

Before you try your hands at making DirectAccess work in your own lab, it’s a good idea to watch someone else make it work – especially in the case of DirectAccess, where there are a lot of moving parts and issues that you need to be aware of before you embark on your DirectAccess quest. While not a detailed end to end “how to”, this webcast will show you some of the important components of the solution. more...

Direct Access and UAG video - Deep dive with a Program Manager

Date - Nov 16th, 2009

Author - Dr. Tom Shinder

Ben Bernstein and Stephen Bowie tell us what the value is for Unified Access Gateway (UAG) with Direct Access (DA). After this, we do a whiteboard of UAG + DA architecture, including explaining how it works with multiple UAG servers. more...

What’s New in Windows Security Auditing

Date - Nov 16th, 2009

Author - Dr. Tom Shinder

“…There are a number of auditing enhancements in Windows Server® 2008 R2 and Windows® 7 that increase the level of detail in security auditing logs and simplify the deployment and management of auditing policies. These enhancements include: Global Object Access Auditing. In Windows Server 2008 R2 and Windows 7, administrators can define computer-wide system access control lists (SACLs) for either the file system or registry. more...

Planning for Hyper-V Security

Date - Nov 16th, 2009

Author - Dr. Tom Shinder

“…Once you have updated the Windows Server® 2008 operating system with the Hyper-V™ technology release bits and enabled the Hyper-V role, you are ready to run virtual machines (VMs) on your server, now called a virtualization server (also called a “host”). How does this change your security? Not much. Hyper-V is designed to be fairly transparent. You secure your VMs the same way that you secure physical machines. more...

Top Five Security-Related Group Policy Settings

Date - Nov 16th, 2009

Author - Dr. Tom Shinder

“…In the October edition of TechNet magazine, I answered the question, “What’s New in Group Policy for Windows 7 and Windows Server 2008 R2.” Besides “what’s new,” people oftentimes want to know how to get “more secure” using the Group Policy infrastructure that they already use. more...

Microsoft Security Intelligence Report v7

Date - Nov 9th, 2009

Author - Dr. Tom Shinder

“The Microsoft Security Intelligence Report (SIR) is a comprehensive and wide-ranging study of the evolving threat landscape, and addresses such topics as software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Volume 7 of the Security Intelligence Report (SIR v7) covers the first half of 2009 (January through June). It includes data derived from more than 450 million computers worldwide, each running Windows. more...

FPE or FOPE or Both?

Date - Nov 9th, 2009

Author - Dr. Tom Shinder

“Mike Chan, PM for the Forefront team, breaks down the differences between security protection for Forefront Protection for Exchange (FPE), Forefront Online Protection for Exchange (FOPE), and the built-in protection which exists in Exchange 2010.  We start out with a brief history of the m. more...

Archived Blogs

• Don Parker Blog
• Justin Troutman Blog