Windows 10: protection against modern security threats. Alexander Khudyakov [email protected]

Microsoft. Alexander Khudyakov, "Windows 10 - protection against modern security threats"


Windows 10 [email protected]

Windows10Windows Windows 10

Windows10 . Windows , , .2

Windows10 , Windows7/8.1 Windows10, Windows Software AssuranceWindows10 ,

OEM/ESD 1Windows10 Pro

OEM/ESD 1Windows10 2 Microsoft Desktop Optimization Pack (MDOP)2

Windows10 , , Windows10 Windows10

Windows, .

Windows10 Windows10, . , . Windows10 , .

Windows10 Pro , , , . Windows10 Pro , CYOD ( ), . Windows10 Pro , . Windows10 Pro , .

Windows10 , Windows10 Pro, , . , , . Windows10 , . Windows10 .

Windows10 Windows10 Pro , . , . , Windows10 Windows10 Pro Windows10 , . Windows10 .

3

Microsoft User Experience Virtualization (UE-V)
Microsoft Application Virtualization (App-V)
Microsoft BitLocker Administration & Monitoring (MBAM)
(AGPM)
Microsoft Diagnostic and Recovery Toolset (DaRT)
MDOP , LTSB Windows To Go - TechNet , Long Term Servicing Branch (10- )

:
Current Branch
Current Branch for Business
Long Term Servicing Branch (LTSB)
Windows - Pass-the-Hash
MDM
Device Guard
DirectAccess
Windows To Go
AppLocker
BranchCache
Windows 10 Software Assurance

SA

Windows10 Windows10 Pro, Windows8.1 , :

. - Windows , , ( ) ( ).

Pass-the-Hash. (, NTLM Kerberos) (, LSASS) Hyper-V. (VSM). VSM Windows. Pass-the-Hash (PtH), .

Device Guard. Device Guard Windows . Device Guard Windows, (, EXE-, DLL-), ( , ). , Windows, , . Device Guard AppLocker. Applocker , , , .

MDOPMDOP , , . Windows10 MDOP SA.

, . , Windows, Microsoft User Experience Virtualization (UE-V). Microsoft Application Virtualization (App-V) , . Microsoft Enterprise Desktop Virtualization (MED-V) Windows, Windows7.

MDOP , Windows. Microsoft BitLocker Administration and Monitoring (MBAM) BitLocker , . (AGPM) , , .

, Microsoft Diagnostics and Recovery Toolset (DaRT) , .

SA Windows. SA Current Branch/Current Branch for Business . SA , SA .

, , , Windows. , , - - .

4

Long Term Servicing Branch

Current Branch Windows , WSUS: -,

-Current Branch for Business

Windows

Windows 4 2015. Windows, Windows . : Windows . : , . : .

, . , , ., , , - , , , , . Windows10 , Long Term Servicing . , : . , (5), ( 5) . Long Term Servicing , Windows Server Update Services (WSUS) , Windows. WSUS , System Center Configuration Manager. , , , . , , . - , . , , . Current Branch for Business. , , , . . - , ( , Windows). Current Branch for Business Windows , . . , Windows Windows WSUS, ., Windows, , , .

10/29/2015 10:39 AM (Microsoft Corporation), 2015. . , , , , .

5

. , , , - . 10, . , , , . ., , , , , ?

2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 10/29/2015 11:03 AM

6

BLASTER, SLAMMER

: 2003-2004

10 2003

2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 10/28/2015

7

2005-


RANSOMWARE, CLICK-FRAUD, IDENTITY THEFT


BLASTER, SLAMMER

: 2003-2004

2005

8

2005-


RANSOMWARE, CLICK-FRAUD, IDENTITY THEFT


BLASTER, SLAMMER


2012 , ,


2003-2004

2012

9

Windows Hello
Microsoft Passport
BitLocker
Enterprise Data Protection
Device Guard
Windows Defender

DLP DLP Windows300Ks+ Windows

UEFI Secure Boot
TPM 2.0, Virtualization

MICROSOFT CONFIDENTIAL INTERNAL ONLY

10 7 ---- . DLP . 10 enterprise data protection . (EDP) , ---- , . ? Device Guard.----- - Windows 8 designed for win uefi uefi secure boot. Secure Boot? , . , , , / , , .

10

, 10 . ?

11

, , . ? , , .

, 10 2 2 Microsoft passport Hello Microsoft passport windows Hello :

, , 20% , 2014

12

1

Social.com

Bank.com

Network.com

LOL.com

Obscure.com

1

2

: . . . . .

13

135 ADWindows

IDP

IDP

IDP

24

, , ., . .. . () , .

14

15

MICROSOFT PASSPORT

PKI Windows 10

. . , . . , . ?

: TPM user gesture win hello .. : , , , - , 10 , = , api js

, Windows 10, - , . . ( ), Windows. , PKI. Windows 10 , PKI. - , PKI . Active Directory, Azure Active Directory - , , - . , , -.

16

IDP: Active Directory, Azure AD, Google, Facebook, Microsoft Account

1

2

Windows10

3

Intranet Resource

4

4 IDP

Intranet Resource

, . . , TPM. IDP (Identity provider), ,. , AD, , FB , . (3) , (4) . ? , ! , .

.. , .. pki

. ( ), Windows. , PKI. Windows 10 , PKI.

(, . PKI - Public Key Infrastructure)

17

PIN .

Windows Hello

Sample design, UI not final

, TPM - . Windows10 : ( )

TPM () 100

18

WINDOWS HELLO

(, , ) , ,

10 , . + api win 10 ,

19


, 60 15-20

20

VIRTUAL SECURE MODE

Virtual Secure Mode (VSM)
Local Security Auth Service
Windows
Virtual TPM
Hyper-Visor Code Integrity

. , . , , , , . . , -

21

VSM Windows Hyper-V Windows Kernel

LSA NTLM . (VT-x, VT-d)

VIRTUAL SECURE MODE (VSM) Windows

22

Device Guard

. . - , . . ., .

Applocker . .

Device Guard , , (APT). Windows 10 : , , . . , , Windows . , Device Guard . (Win32) , . 10 2 , , ---- 10 , ..

Windows 10 , . . Windows 10 , , , . , Windows, . , , , Windows Phone. , : , ; , ; Windows . Windows Phone, (Win32). , , Windows, . , Windows 10, , .

23

DEVICE GUARD Win32 , (: Windows Phone)

, (TPM) (code integrity) , MDM PowerShell

( , .. -)

- . , : , , , , , . , , ,

Device Guard. HP, Acer, Lenovo, Toshiba, Fujitsu

24

2 HIPAA Secure Now, A look at the cost of healthcare data breaches, Art Gross, March 30, 2012

158%

187%

2$240

1 Stroz Friedberg, On The Pulse: Information Security In American Business, 2013

? , . , . , .

, 87 % , , 58 % , .---- ,


, edp Edp , ..

( , , ) ,

25

Enterprise Data Protection . , , . Windows, iOS, Android

EFS, Applocker, Bitlocker,RMS. , .

. , .

, ()

edp efs

Epd Windows 10 (DLP), . , , . , . , . Windows 10 , , , - . , . , , , . , , , .

10 10 , -

26


27

IT GETTING STARTED

10/28/2015