With the release of Microsoft's Vista operating system, network and security administrators have much more flexibility in centrally managing workstations. The following are four changes I consider very important for network security administrators:
- It's now possible to configure wired connections to require 802.1x for authentication.
- Instead of allowing users to connect to any available wireless network, administrators can centrally configure workstations to connect only to an approved list of SSIDs.
- Network Access Protection (NAP) is supported. NAP is Microsoft's approach to ensuring that only systems that comply with business and security policies are allowed to connect to the production network. NAP configuration can be managed through GPO settings.
- Windows Firewall with Advanced Security is more easily managed. Using GPOs, security administrators can configure firewall settings by computer or by groups of computers.
Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be published in Q1/2013). Before joining the private sector, he served 10 years in the United States Army Military Police with four years as a military police investigator. He has an MBA and CISSP certification. He is also an online instructor for the University of Phoenix.