Full Power with Windows 10 and Enterprise Mobility Suite
Johannes Nöbauer, Head of Enterprise Services

Agenda
- Workplace 4.0
- Windows 10 & Microsoft Enterprise Mobility & Security
Sobering statistics
- 200: the median number of days that attackers reside within a victim's network before detection
- 75% of all network intrusions are due to compromised user credentials
- 500B: the total potential cost of cybercrime to the global economy
- 3.5M: the average cost of a data breach to a company
The frequency and sophistication of cyber attacks are getting even worse.
"There are two kinds of BIG companies. Those who have been hacked, and those who don't know they have been hacked."
Windows 10: faster, better, more secure
Microsoft Enterprise Mobility & Security Suite

Identity-driven security (each P2 includes all capabilities in P1):
- Azure Active Directory Premium P2: identity and access management with advanced protection for users and privileged identities
- Azure Information Protection Premium P2: intelligent classification and encryption for files shared inside and outside your organization
- Microsoft Cloud App Security: enterprise-grade visibility, control, and protection for your cloud applications

EMS E3, managed mobile productivity:
- Azure Active Directory Premium P1: secure single sign-on to cloud and on-premises apps; MFA, conditional access, and advanced security reporting
- Microsoft Intune: mobile device and app management to protect corporate apps and data on any device
- Azure Information Protection Premium P1: encryption for all files and storage locations; cloud-based file tracking
- Microsoft Advanced Threat Analytics: protection from advanced targeted attacks leveraging user and entity behavioral analytics
Microsoft Enterprise Mobility & Security: Azure Active Directory Premium, Azure Information Protection, Advanced Threat Analytics, Microsoft Intune
Azure Active Directory
- Self-service password reset
- Multi-factor authentication
- Single sign-on across hybrid clouds
Your Directory on the cloud
Connect and sync on-premises directories with Azure. Azure Active Directory Connect feeds Microsoft Azure Active Directory from other directories via PowerShell, SQL (ODBC), LDAP v3, and web services (SOAP, Java, REST).

Your Directory on the cloud
Connect and sync on-premises directories with Azure; 2400 pre-integrated popular SaaS apps connect to Microsoft Azure Active Directory.
Azure Multi-Factor Authentication options
Demo: Azure Active Directory
Identity-driven Security
Conditions: location (IP range), device state, user, user group, risk
Actions: allow access, or enforce MFA per user/per app, or block access
Identity Protection: notifications, analysis, remediation, risk-based policies
Cloud App Discovery
Privileged Identity Management
Cloud-powered protection
Consolidated view of machine-learning-based threat detection: infected devices, brute-force credential attacks, suspicious sign-in activities, risky logins.
Machine-learning engine: "risk severity" calculation and remediation recommendations.
Risk-based policies: MFA challenge, change bad credentials, block attacks.
Risk-based conditional access automatically protects against suspicious sign-ins and compromised credentials.
Sign-in risk policy with Tor Browser
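The conditional-access rules of the preceding slides (conditions: location, device state, user, group, risk; actions: allow, MFA, block; a Tor sign-in rated as risky) as an added example, not code from the presentation or from Azure AD. The risk level names, the rule order, the group name and the sample networks are assumptions.

```go
package main

import "net"

// Risk is the outcome of the "risk severity" computation (level names are assumptions).
type Risk int
const (
	RiskLow Risk = iota
	RiskMedium
	RiskHigh
)
// Decision mirrors the slide's actions: allow access, enforce MFA, or block access.
type Decision string
const (
	Allow Decision = "allow"
	MFA   Decision = "mfa"
	Block Decision = "block"
)
// SignIn carries the slide's conditions: user, user group, location (IP), device state, risk.
type SignIn struct {
	User, Group string
	IP          net.IP
	Compliant   bool // device state as reported by MDM (Intune)
	SignInRisk  Risk // e.g. a sign-in through an anonymizing network such as Tor (rating assumed)
	UserRisk    Risk // e.g. credentials known to be compromised
}
// Policy: trusted IP ranges plus the privileged group that must always step up to MFA.
type Policy struct {
	TrustedNets []*net.IPNet
	AdminGroup  string
}
func (p Policy) trusted(ip net.IP) bool {
	for _, n := range p.TrustedNets {
		if n.Contains(ip) { return true }
	}
	return false
}
// Evaluate checks the most restrictive rule first, so a risky sign-in is never downgraded to "allow" by a trusted location or a compliant device.
func (p Policy) Evaluate(s SignIn) Decision {
	switch {
	case s.UserRisk == RiskHigh || s.SignInRisk == RiskHigh:
		return Block // compromised credentials or high-risk sign-in: block, change bad credentials
	case s.SignInRisk == RiskMedium || s.Group == p.AdminGroup:
		return MFA // risky sign-in or privileged identity: challenge
	case p.trusted(s.IP) && s.Compliant:
		return Allow // known network and compliant device
	default:
		return MFA // off-network or unmanaged device: per-user/per-app MFA
	}
}
```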
Microsoft Enterprise Mobility & Security: Azure Active Directory Premium, Azure Information Protection, Advanced Threat Analytics, Microsoft Intune
Microsoft Azure Information Protection
- How can I ensure that documents reach only the intended recipients, encrypted, and that those recipients have only specific rights?
- How can I track access?
- How can I revoke the permissions again?
Azure Rights Management Service: authentication and collaboration, client integration, integration
Rights Management 101
- The file is protected by an AES symmetric key.
- The usage rights and the symmetric key are stored in the file as the 'license'.
- The license is protected by an organization-owned key.
Example: the "Secret Cola Formula" (Water, HFCS, Brown #16) is stored as encrypted gibberish; Unprotect with the use rights restores the readable formula.

Rights Management 101 (continued)
- Enlightened apps use the RMS SDK, which communicates with the RMS key management servers.
- File content is never sent to the RMS server/service.
- RMS-enlightened apps enforce the use rights; generic protection is offered by the RMS app.
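The license model of the two Rights Management 101 slides as an added example, not the presentation's or the RMS SDK's code: a per-file AES-GCM content key, the use rights plus that key wrapped into a 'license' sealed under the organization key, and the use-right check before the body is decrypted locally. The key sizes, the JSON license layout and the right names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
)

// License = use rights + per-file content key; it travels inside the file, sealed under the org-owned key.
type License struct {
	Rights     map[string]bool `json:"rights"`
	ContentKey []byte          `json:"content_key"`
}
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
// seal/open: AES-GCM with a fresh random nonce prefixed to the ciphertext; the tag guards integrity.
func seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}
func open(key, sealed []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil || len(sealed) < gcm.NonceSize() { return nil, errors.New("bad key or ciphertext") }
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}
// Protect (publishing app): fresh AES-256 content key per file; body under that key, rights+key in the license.
func Protect(orgKey, content []byte, rights map[string]bool) (body, license []byte, err error) {
	ck := make([]byte, 32)
	if _, err = rand.Read(ck); err != nil { return nil, nil, err }
	if body, err = seal(ck, content); err != nil { return nil, nil, err }
	lic, _ := json.Marshal(License{Rights: rights, ContentKey: ck})
	license, err = seal(orgKey, lic)
	return body, license, err
}
// Unprotect: the RMS service unwraps only the license (the body is never sent to it); the enlightened app then enforces the requested use right before decrypting the body locally.
func Unprotect(orgKey, body, license []byte, want string) ([]byte, error) {
	raw, err := open(orgKey, license)
	if err != nil { return nil, err }
	var lic License
	if err = json.Unmarshal(raw, &lic); err != nil { return nil, err }
	if !lic.Rights[want] { return nil, errors.New("use right not granted: " + want) }
	return open(lic.ContentKey, body)
}
```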
Demo: Azure Information Protection
Microsoft Enterprise Mobility & Security: Azure Active Directory Premium, Azure Information Protection, Advanced Threat Analytics, Microsoft Intune
Microsoft Azure Threat Analytics
- Am I being attacked in the internal network, or already compromised?
- How do I find account-credential attacks?
- Do I have insecure admin logons in the internal network?
The patterns of cyber-security attacks are changing
Today's cyber attackers are:
- Compromising user credentials in the vast majority of attacks
- Using legitimate IT tools rather than malware, which is harder to detect
- Staying in the network an average of eight months before detection
- Costing significant financial loss, impact to brand reputation, loss of confidential data, and executive jobs
Problem statement
Traditional IT security solutions are typically:
- Complex: initial setup, fine-tuning, and creating rules for thresholds/baselines can take a long time.
- Prone to "false positives": you receive too many reports a day, with several false positives that demand valuable time you do not have.
- Designed for "perimeter" protection: once user login information has been stolen and attackers are already inside the network, your current defenses offer only limited protection.
Overview of Microsoft Advanced Threat Analytics
An on-premises solution to identify advanced security attacks before they cause damage.
Analogy: credit-card companies monitor cardholder behavior; if there is unusual activity, the cardholder is notified to verify the transactions. Microsoft Advanced Threat Analytics brings this concept to the IT and the users of a specific organization.
How Microsoft Advanced Threat Analytics works
Step 4, Alert: ATA reports all suspicious activities on a simple, functional, actionable attack timeline. ATA identifies who? what? when? how? For each suspicious activity, ATA provides recommendations for the investigation and remediation.
Topology

Topology - Gateway
- Captures and analyzes DC network traffic via port mirroring
- Listens to multiple DCs from a single Gateway
- Receives events from SIEM
- Retrieves data about entities from the domain
- Performs resolution of network entities
- Transfers relevant data to the ATA Center

Topology - Center
- Manages ATA Gateway configuration settings
- Receives data from ATA Gateways and stores it in the database
- Detects suspicious activity and abnormal behavior (machine learning)
- Provides the web management interface
- Supports multiple Gateways
Video demo: Azure Advanced Threat Analytics
Microsoft Enterprise Mobility & Security: Azure Active Directory Premium, Azure Information Protection, Advanced Threat Analytics, Microsoft Intune
Microsoft Intune
- Bring Your Own Device: mobile device management WITH IT control and WITHOUT expropriating the user's private device
- App management for mobile enterprise apps; nice: your own app store
- PC management and MDM integrated
- Managed antivirus is back
Today's challenges
- Users: users expect to be able to work in any location and have access to all their work resources.
- Devices: the explosion of devices is eroding the standards-based approach to corporate IT.
- Apps: deploying and managing applications across platforms is difficult.
- Data: users need to be productive while maintaining compliance and reducing risk.

Empowering people with our Enterprise Mobility Suite (Management. Access. Protection.)
- Enable users: allow users to work on the devices of their choice and provide consistent access to corporate resources.
- Unify your environment: deliver unified application and device management on premises and in the cloud (users, devices, apps, data).
- Protect your data: help protect corporate information and manage risk.

Enterprise mobility management with Intune: mobile device management, mobile application management, and PC management (user and IT).
Intune helps organizations provide their employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure.
Device Lifecycle Management
Enroll:
- Provide a self-service Company Portal for users to enroll devices
- Deliver custom terms and conditions at enrollment
- Bulk enroll devices using Apple Configurator or service account
- Restrict access to Exchange email if a device is not enrolled
Provision:
- Deploy certificates, email, VPN, and WiFi profiles
- Deploy device security policy settings
- Install mandatory apps
- Deploy app restriction policies
- Deploy data protection policies
Manage and Protect:
- Restrict access to corporate resources if policies are violated (e.g., jailbroken device)
- Protect corporate data by restricting actions such as copy/cut/paste/save outside of the managed app ecosystem
- Report on device and app compliance
Retire:
- Revoke access to corporate resources
- Perform selective wipe
- Audit lost and stolen devices
Deployment Option 1: Intune only
Intune standalone (cloud only); IT manages and protects through the Intune web console.
- No existing infrastructure necessary
- No existing Configuration Manager deployment required
- Simplified policy control
- Simple web-based administration console
- Faster cadence of updates
- Always up-to-date
Devices supported (mobile devices and PCs): Windows PCs (x86/64, Intel SoC), Windows RT, Windows Phone 8.x, iOS, Android

Deployment Option 2: SCCM + Intune MDM
Configuration Manager integrated with Intune (hybrid): System Center 2012 R2 Configuration Manager with Microsoft Intune; IT works in the Configuration Manager console.
- Build on existing Configuration Manager deployment
- Full PC management (OS deployment, endpoint protection, application delivery control, custom reporting)
- Deep policy control requirements
- Greater scalability
- Extensible administration tools (RBA, PowerShell, SQL Reporting Services)
Devices supported:
- Domain-joined PCs: Windows PCs (x86/64, Intel SoC), Windows To Go, Windows Server, Linux, Mac OS X
- Mobile devices: Windows RT, Windows Phone 8.x, iOS, Android
Demo: Microsoft Intune

Thank you for your attention!