Know University of Vila Velha
Phases of the Project
Demos
How to Start
Q&A
University of Vila Velha
The first private university of ES with more than 32 years of expertise in higher education
University of Vila Velha
The largest private library of Espírito Santo
University of Vila Velha
Laboratories of biomedical and agricultural courses
University of Vila Velha
Computing Labs
~ 18.000 Students
~ 1.200 Teachers
1.500 Computers
14 Buildings
Hospital
Laboratories of Biomedical
Agricultural cou...
IT Team - DTI
4 Systems Analysts
5 Technical Support
2 Trainees
3 Shifts (from 07:00 to 23:00)
~ 60 attacks daily (only from our Labs !)
Hundreds of notebooks ( Teachers and Students)
in the network
Physical networ...
Improve security for our Network
Restrict access for some Servers
Deploy more services to Students and Teachers
Improve...
Learn the flow of data in our environment
Documentation and classification of our services,
data and network
Deploy Server and Domain Isolation (IPSec) with
Kerberos
Merge Administrative and Student Network in the
same physical ...
Deploy PKI project
Deploy Wireless network for Students and
Teachers
Change IPSec authentication from Kerberos for
Cer...
Deploy NAP (Reporting Mode )
Deploy Forefront Client
Deploy NAP - Enforcement mode
Deploy NAP for Linux Clients
1. Understand how your data flow in your enviroment
2. Create a Documentation of groups, services, servers and
exemption...
Microsoft Developer Network (MSDN)
(Webcasts, Blogs, Chats,
http://microsoft.com/msdn
Microsoft Technet
(Webcasts, Blo...
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be...
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
NAP with IPSEC and PKI in a Real World
of 24

NAP with IPSEC and PKI in a Real World

Rodrigo Immaginario CISSP MVP Security http://rodrigoi.org.br
Published on: Mar 3, 2016
Published in: Education      
Source: www.slideshare.net


Transcripts - NAP with IPSEC and PKI in a Real World

  • 1. Know University of Vila Velha Phases of the Project Demos How to Start Q&A
  • 2. University of Vila Velha The first private university of ES with more than 32 years of expertise in higher education
  • 3. University of Vila Velha The largest private library of Espírito Santo
  • 4. University of Vila Velha Laboratories of biomedical and agricultural courses
  • 5. University of Vila Velha Computing Labs
  • 6. ~ 18.000 Students ~ 1.200 Teachers 1.500 Computers 14 Buildings Hospital Laboratories of Biomedical Agricultural course 4 Campi + 40 services for students and Teachers (WEB) Radio University TV
  • 7. IT Team - DTI 4 Systems Analysts 5 Technical Support 2 Trainees 3 Shifts (from 07:00 to 23:00)
  • 8. ~ 60 attacks daily (only from our Labs !) Hundreds of notebooks ( Teachers and Students) in the network Physical network grow to fast Students became more dangerous
  • 9. Improve security for our Network Restrict access for some Servers Deploy more services to Students and Teachers Improve the agility to changes in the Campus Find the best solution - Security X Cost Reduce TCO
  • 10. Learn the flow of data in our environment Documentation and classification of our services, data and network
  • 11. Deploy Server and Domain Isolation (IPSec) with Kerberos Merge Administrative and Student Network in the same physical network
  • 12. Deploy PKI project Deploy Wireless network for Students and Teachers Change IPSec authentication from Kerberos for Certificates - Secundary Benefits - 2-factor authentication (token for Admin access) Improve security for VPN Access
  • 13. Deploy NAP (Reporting Mode )
  • 14. Deploy Forefront Client Deploy NAP - Enforcement mode Deploy NAP for Linux Clients
  • 15. 1. Understand how your data flow in your enviroment 2. Create a Documentation of groups, services, servers and exemption lists 3. If possible use PKI 4. Create a Project LAB for testing 5. Deploy IPSec with FallBack enable 6. Deploy NAP (reporting mode)
  • 16. Microsoft Developer Network (MSDN) (Webcasts, Blogs, Chats, http://microsoft.com/msdn Microsoft Technet (Webcasts, Blogs, Chats) http://microsoft.com/technet Trial Software e Virtual Labs http://www.microsoft.com/technet/downloads/trials/default.mspx http://www.microsoft.com/nap http://blogs.technet.com/nap/ Case IPSec - http://www.microsoft.com/casestudies/casestudy.aspx?casestudyid=49593 Case NAP - http://www.microsoft.com/brasil/technet/ithero/abril07/default.mspx Article IPSec - http://www.microsoft.com/technet/community/columns/secmvp/sv0906.mspx
  • 17. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.