Security and Identity

All Site Content

Security and Identity

Protecting the network is one of the toughest challenges in IT today. Network administrators must establish and enforce security policies that provide robust protection while being flexible enough to accommodate the connectivity needs of a growing number of internal and external users, device types, system configurations, and network connection types. In addition to several enhancements to Active Directory which help make Identity and Access Management more efficient, Windows Server 2008 R2 includes several additional security and policy enhancements:

Group Policy in Windows Server 2008 R2

Group Policy enables administrators to manage configurations for groups of computers and users, including options for registry-based policy settings, security settings, software deployment, scripts, folder redirection, Remote Installation Services, and Internet Explorer maintenance. By using Group Policy, you can significantly reduce an organization’s total cost of ownership. Because of factors such as the large number of policy settings available, the interaction between multiple policies, and inheritance options, Group Policy design can be complex. By carefully planning, designing, and testing a solution based on your organization’s business requirements, you can provide the standardized functionality, security, and management control that your organization needs.

What are the major changes for Windows Server 2008 R2?

The following changes are available in Windows Server 2008 R2 and in Windows 7 with Remote Server Administration Tools (RSAT):

Windows PowerShell Cmdlets for Group Policy – ability to manage Group Policy from the Windows PowerShell™ command line and to run PowerShell scripts during logon and startup

Group Policy Preferences – additional types of preference items

Starter Group Policy Objects – improvements to Starter GPOs

Administrative Template Settings – Improved user interface and additional policy settings

Network Policy and Access Services

Network Policy and Access Services in Windows Server 2008 R2 delivers a variety of methods to help provide users with secure local and remote network connectivity, connect network segments, and allow network administrators to centrally manage network access and client health policies. With Network Access Services, you can more securely deploy virtual private network (VPN) servers, dial-up servers, routers, and 802.1X-protected wireless access. You can also deploy RADIUS servers and proxies, and use the Connection Manager Administration Kit to create remote access profiles that allow client computers to safely connect to your network.

Network Access Protection

Exposure of client devices to malicious software, such as viruses and worms, continues to increase. These programs can gain entry to an unprotected or incorrectly configured host system, and then use this system as a staging point to propagate to other devices on the corporate network. Network administrators have a platform to mitigate this threat with Network Access Protection (NAP) from Microsoft, a comprehensive set of operating system components included with Windows Server 2008, Windows 7, and Windows Vista that provides a platform to help ensure that client computers on a private network meet administrator-defined requirements for system health.

Security in the Cloud

Solutions