La descarga está en progreso. Por favor, espere

La descarga está en progreso. Por favor, espere

Windows Firewall con seguridad avanzada.

Publicada porErnesta Del Rosario Modificado hace 10 años

Presentaciones similares

Presentación del tema: "Windows Firewall con seguridad avanzada."— Transcripción de la presentación:

1 Windows Firewall con seguridad avanzada.
Alberto Camina Álvarez

2 Agenda Windows Vista Firewall
Configuración y como solucionar problemas. Integrar el Firewall con IPSec

3 Conocimientos necesarios.
TCP/IP Políticas de grupo. Conocimientos de Firewall Level 200

4 Problemas actuales de las redes.

5 Nueva Pila TCP/IP de Windows Vista
3/24/2017 3:58 PM 3/24/2017 3:58 PM Winsock User Mode Kernel Mode WSK Clients AFD TDI Clients TDI WSK TDX Next Generation TCP/IP Stack (tcpip.sys) TCP UDP RAW IPv4 IPv6 Windows Filtering Platform API 802.3 WLAN Loop-back IPv4 Tunnel IPv6 Tunnel NDIS Arquitectura Dual-IP para un soporte nativo de IPv4 y IPv6. Mejor integración con IPsec. Mejor rendimiento gracias a la aceleración por HW. Capacidad de auto-tuning y mejores algoritmos de optimización. Mejor extensibilidad y fiabilidad gracias a nuevos APIs © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. 5 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Nuevas Características.
3/24/2017 3:58 PM 3/24/2017 3:58 PM Technologies Security Experience Scalability IPsec X VPN Routing Compartments Windows Filtering Platform (WFP) Secure Sockets API IPv6 TCP Chimney TCP-A (I/OAT) Receive Side Scaling Receive Window Auto-Tuning Compound-TCP (CTCP) – Congestion Control Wireless Reliability Black-Hole Router Detection (BHRD) Dead Gateway Detection Network Diagnostics / Extended TCP Statistics Policy-based Quality of Service (eQoS) © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. 6 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Drill-down: Performance
3/24/2017 3:58 PM Automatically adjusts for maximum efficiency Faster network transfers, especially across WAN links Optimized use of available network bandwidth Reduced packet loss resulting in fewer retransmits Optimized performance without loss Intelligent, automated tuning of TCP receive window size Better packet loss resiliency (e.g. wireless connectivity) Advanced congestion control for better throughput © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

8 The Receive Window Limitation
3/24/2017 3:58 PM 3/24/2017 3:58 PM The Receive Window Limitation North America Satellite Intercontinental Fiber © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. 8 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Historia del Windows Firewall

10 Características del Windows Firewall

11

12 Windows Firewall Features - Notes

13 Connection Security Rules Authenticated Bypass Rules
Reglas del Firewall Service Restrictions Connection Security Rules GPO Authenticated Bypass Rules Block Rules Allow Rules Local Policy Default Rules

14 Nuevos algoritmos criptográficos.
Encryption: AES-128, AES-192, AES-256 Key Exchange: ECDH P-256, ECDH P-384

15 Nueva consola de seguridad avanzada
Por nombre de aplicación Todos los adaptadores wireless Todos ó múltiples puertos Usuario de AD ó cuenta de maquina. Todas las IP’s en un rango. ICMP ó ICMP v6 Todas la direcciones dentro de una subnet. Servicios

16 Consola de seguridad avanzada
By application name All wireless adapters All or multiple ports Active Directory user or computer account All addresses in a numeric range ICMP or ICMP v6 type or code value All addresses on a local subnet For services

17 Netsh Advfirewall

18 Demo demo Administrando Windows Firewall

19 Agenda Windows Vista Firewall
Configuración y como solucionar problemas Integrar el Firewall con IPSec

20 Reglas del Firewall Cuentas y grupos del Active Directory
Direcciones Ip de Origen y Destino Puertos TCP y UDP de Origen y Destino Tipos de Interfaces. Servicios

21 Conocimiento de la RED Ping Ping Ping

22 Conocimiento de la RED (2)
Ping Ping Ping

23 Demo demo Configurar el Firewall

24 Troubleshooting

25 Demo demonstration Solucionar problemas del Firewall

26 Mixed Environments

27 Agenda Windows Vista Firewall
Configuración y como solucionar problemas Integrar el Firewall con IPSec

28 IPSec Overview Key Exchange Methods (IKE) IPSec Policy
Rules Authentication Methods (Kerberos, Certificates, Static Keys) Filter List Security Methods (Encryption, Hashing, Key Lifetimes) Action Filters

29 IPSec Overview - Notes Key Exchange Methods (IKE) IPSec Policy
Rules Authentication Methods (Kerberos, Certificates, Static Keys) Filter List Security Methods (Encryption, Hashing, Key Lifetimes) Action Filters

30 Firewall con IPSec IPSec

31 Windows Firewall and IPSec - Notes

32 Segmentación Dinámica basada en Políticas

33 Policy-Based Dynamic Segmentation - Notes

34 Configuración de Políticas IPSec

35 Simplified IPSec Policy Configuration - Notes

36 Protección IPSec Cliente -a- DC
Improved load balancing and clustering server support. You don’t need to configure rules for domain controllers. IPSec policy in the domain can request protected traffic but not require it. You can require protected traffic for domain controllers.

37 Client-to-DC IPSec Protection - Notes
Improved load balancing and clustering server support. You don’t need to configure rules for domain controllers. IPSec policy in the domain can request protected traffic but not require it. You can require protected traffic for domain controllers.

38 Autentificación IPSec mejorada
Health Certificate Server Health Certificate Kerberos credentials of the logged-on user account NTLM v2 credentials of the logged-on user account A user certificate A computer health certificate Extended Mode Multiple Authentication Methods

39 Improved IPSec Authentication - Notes
Health Certificate Server Health Certificate Kerberos credentials of the logged-on user account NTLM v2 credentials of the logged-on user account A user certificate A computer health certificate Extended Mode Multiple Authentication Methods

40 Resumen Mejores Opciones de configuración
Solución de problemas mas sencilla Mejor integración de IPSec con Windows Firewall

41 Where Else Can I Get Help?
Free chats and webcasts List of newsgroups Microsoft community sites Community events and columns

Descargar ppt "Windows Firewall con seguridad avanzada."

Presentaciones similares

UNIDAD IV SERVICE DE GATEWAY. OBJETIVOS Use Asistente para configuración de Gateway para configurar de servicios Firewall, NAT y VPN. Use Asistente para.

UNIDAD IV SERVICE DE GATEWAY. OBJETIVOS Use Asistente para configuración de Gateway para configurar de servicios Firewall, NAT y VPN. Use Asistente para.
111 © 2002, Cisco Systems, Inc. All rights reserved. Presentation_ID.

111 © 2002, Cisco Systems, Inc. All rights reserved. Presentation_ID.
Maestría en Data Mining

Maestría en Data Mining
POLICY MAKING ON MIGRATION THE COSTA RICAN EXPERIENCE Luis Alonso Serrano Echeverría Head of the Planning Department General Direction of Migration & Alien.

POLICY MAKING ON MIGRATION THE COSTA RICAN EXPERIENCE Luis Alonso Serrano Echeverría Head of the Planning Department General Direction of Migration & Alien.
RENAISSANCE es un proyecto del programa CONCERTO co-financiado por la Comisión Europea dentro del Sexto Programa Marco RENAISSANCE - ZARAGOZA - SPAIN 1.

RENAISSANCE es un proyecto del programa CONCERTO co-financiado por la Comisión Europea dentro del Sexto Programa Marco RENAISSANCE - ZARAGOZA - SPAIN 1.
RENAISSANCE es un proyecto del programa CONCERTO co-financiado por la Comisión Europea dentro del Sexto Programa Marco RENAISSANCE - ZARAGOZA - SPAIN 1.

RENAISSANCE es un proyecto del programa CONCERTO co-financiado por la Comisión Europea dentro del Sexto Programa Marco RENAISSANCE - ZARAGOZA - SPAIN 1.
Como Configurar el Internet

Como Configurar el Internet
No hay un límite para su crecimiento. Arquitectura de Transporte y Ruteo en Exchange 2007 Carlos Dinapoli Especialista en Mensajeria Ternium Siderar Microsoft.

No hay un límite para su crecimiento. Arquitectura de Transporte y Ruteo en Exchange 2007 Carlos Dinapoli Especialista en Mensajeria Ternium Siderar Microsoft.
© 2006 Microsoft Corporation. All rights reserved.

© 2006 Microsoft Corporation. All rights reserved.
Enchúlame la Máquina SQL Server 2005

Enchúlame la Máquina SQL Server 2005
Bienvenidos. Hasta el Vista Baby: Seguridad en Windows Vista Christian Linacre Asesor de Comunidades IT Microsoft Cono Sur.

Bienvenidos. Hasta el Vista Baby: Seguridad en Windows Vista Christian Linacre Asesor de Comunidades IT Microsoft Cono Sur.
Encriptación de Correo FrontBridge TLS Encrypted Tunnel Policy Enforcement: Encrypt Rule Key Server On-Premise Software Interrupted Mail Flow If corporate.

Encriptación de Correo FrontBridge TLS Encrypted Tunnel Policy Enforcement: Encrypt Rule Key Server On-Premise Software Interrupted Mail Flow If corporate.
Productividad personal Estar al día Colaboración Limitada.

Productividad personal Estar al día Colaboración Limitada.
Grupos de Trabajo 6 - Informe Working Group 6 – Report Transparency.

Grupos de Trabajo 6 - Informe Working Group 6 – Report Transparency.
USING THE INTERNET. 2 Concept 6.1 What Is the Internet? The Internet is millions of computers from all parts of the world connected so that they can communicate.

USING THE INTERNET. 2 Concept 6.1 What Is the Internet? The Internet is millions of computers from all parts of the world connected so that they can communicate.
OSPF Configuration IPs configured on a router / /24

OSPF Configuration IPs configured on a router / /24
Subnetting Class B Addresses and Troubleshooting IP Addressing COMP 417.

Subnetting Class B Addresses and Troubleshooting IP Addressing COMP 417.
Prof. Carlos Rodríguez Sánchez Texto: Networking A Beginners Guide Bruce Hallberg Introducción a la Seguridad en las Redes.

Prof. Carlos Rodríguez Sánchez Texto: Networking A Beginners Guide Bruce Hallberg Introducción a la Seguridad en las Redes.
PAT & NAT COMP 423. Network Address Translation/Port Address Translation Métodos de direccionamiento que hacen que las direcciones internas de un network.

PAT & NAT COMP 423. Network Address Translation/Port Address Translation Métodos de direccionamiento que hacen que las direcciones internas de un network.
Conexiones VPN usando RouterOS

Conexiones VPN usando RouterOS

Presentaciones similares

Anuncios Google