Learn iT! Technology Kickoff 2009
advertisement
Learn iT! Technology Kickoff 2009 A First Look at Windows 7 Jennelle Crothers jennelle@pacitpros.org Learn iT! Technology Kickoff 2009 System Requirements • The Basics – – – – – 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit) 16 GB available hard disk space (32-bit) or 20 GB (64-bit) DirectX 9 graphics device with WDDM 1.0 or higher driver The average netbook meets these requirements. • Extras – BitLocker requires Trusted Platform Module (TPM) 1.2 – BitLocker To Go requires a USB flash drive – Windows XP Mode requires an additional 1 GB of RAM, an additional 15 GB of available hard disk space, and a processor capable of hardware virtualization with Intel VT or AMD-V turned on Learn iT! Technology Kickoff 2009 Windows 7 Versions • Starter – No Aero, No 64-bit • Home Basic – Emerging markets only • Home Premium – Areo, Media Center and Touch • Professional – No DirectAccess, BranchCache or Bitlocker • Enterprise – Supports all features, volume licensing only • Ultimate – Supports all features Learn iT! Technology Kickoff 2009 Learn iT! Technology Kickoff 2009 Productivity and Reliability • • • • • New Aero Features Libraries Instant Search XP Mode Performance and System Improvements – – – – Action Center Backup and Restore Problem Step Recorder Reliability Monitor Learn iT! Technology Kickoff 2009 Aero Features - The Mouse Got Better • Peek – move your mouse over the little transparent rectangle in the lower right corner of your screen—and watch open windows instantly turn transparent, revealing all your hidden icons and gadgets. • Shake – Click a window, hold down, and give your mouse a shake. Every open window except that one instantly disappears. Jiggle again—and your windows are back. • Snap – Size and arrange windows by simply dragging their borders to the edges of your screen. Expand to full screen and back, or arrange two windows side by side. Learn iT! Technology Kickoff 2009 Libraries – A Place for Everything • Consolidates files stored in multiple areas • Starts with precreated ones for documents, music, pictures and videos. • Quick and easy way to collect all your files in one area for viewing and backup Learn iT! Technology Kickoff 2009 Instant Search – Faster, More Accessible • Searches for file names, properties or text within files, and searches external hard drives, networked computers and libraries • Can search directly from the start menu • Results are grouped by category Learn iT! Technology Kickoff 2009 XP Mode – More Compatibility • Install applications on virtual Windows XP and run them on Windows 7 (transparent to the user) • Windows XP Mode requires Virtual PC and comes as a separate download and works only with Windows 7 Professional and Ultimate. • CPU must support virtualization • XP Mode machine can be joined to a domain for better control, but MED-V allows for more control for larger enterprises. Learn iT! Technology Kickoff 2009 Performance Improvements • Sleep – Windows 7 is designed to sleep, resume, and reconnect to your wireless network more quickly. • Search – Search results pop up faster. Sorting and grouping of search results is also significantly quicker. • USB devices – When you plug in a portable flash drive or other USB device for the first time, Windows 7 can have it ready for you in seconds. If you've used it before, the wait's even shorter. • Leaner and less busy – Windows 7 is designed to run speed-sapping background services (like Bluetooth) only when you need them. – Less memory hungry than Windows Vista, which can boost boost overall performance. Learn iT! Technology Kickoff 2009 Backup and System Restore • Backup and Restore your Data – Let Windows choose what to back up, or pick individual folders, libraries, or drives. – You can back up files to another drive, your network, or a DVD. Backup and Restore for your personal PC and attached DVD or external hard drives comes with all editions of Windows. – If you want to backup to a network location, network attached storage, or another computer on your network, you'll need Windows 7 Professional or Ultimate. • System Restore for OS Files and Settings – You can create more system restore points and see exactly what files will be removed or added when your PC is restored. Learn iT! Technology Kickoff 2009 Problem Step Recorder • Solving problems unique to a machine can be an arduous task for both the end-user and the help desk • The Problem Steps Recorder is a screen-capture tool that allows the end-user to record the problems they’re having step-by-step • The program is accessible from the Control Panel under “Record steps to reproduce a problem” or run psr.exe from Explorer Learn iT! Technology Kickoff 2009 Action Center • Action Center gives you one place to go to address system notifications and tasks. • If Windows wants your attention, the Action Center icon appears in the taskbar. Click it and you'll see alerts and suggested fixes for any problems. Learn iT! Technology Kickoff 2009 Reliability Monitor • Measures the hardware and software problems and other failures in the system • Tracks 5 kinds of issues: Software uninstalls, application failures, hardware failures, Windows failures, and other miscellaneous failures • Calculates the stability index of your system and specifies results in the range from 1-10 • Trending - an application failure will make , for the score will go down. The score will slowly rise after successive days with no issues. Learn iT! Technology Kickoff 2009 Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable. Fundamentally Secure Platform Windows Vista Foundation User Account Control Enhanced Auditing Securing Anywhere Access Network Security Network Access Protection DirectAccessTM Protect Users & Infrastructure AppLockerTM Internet Explorer 8 Data Recovery Protect Data from Unauthorized Viewing RMS EFS BitLockerTM Learn iT! Technology Kickoff 2009 User Account Control • Introduced in Windows Vista and improved in Windows 7- helps to avoid the need or desire to run everything as an Administrator. • Separated standard user privileges and tasks from those that require Administrator access • Increases security by enabling Administrators to make Standard User the default user account for everyday use Learn iT! Technology Kickoff 2009 Windows 7 Reduces “Prompt Fatigue” • Users express frustration with UAC prompts with Vista – How many is too many? – Because there were none in XP, some would say that “any” is “too many” • User habits: user needs to get used to some operations requiring privilege. – For any given UAC prompt, ask yourself “Would it be ok if malware silently did this to me?” – Windows 7 reduces the number of OS applications and tasks that require elevation – Windows 7 also reduces the number of prompts and provides 4 levels to adjust prompting behavior • Applications: need to stop using privilege unless truly necessary – File and registry virtualization helps applications that are not UAC compliant Learn iT! Technology Kickoff 2009 User Account Control System works for Standard User All users, including administrators, run as Standard User by default Administrators use full privilege only for administrative tasks or applications Challenges User provides explicit consent before using elevated privilege Disabling UAC removes protections, not just consent prompt Streamlined UAC Reduce the number of OS applications and tasks that require elevation Refactor applications into elevated/non-elevated pieces Flexible prompt behavior for administrators Customer Value Users can do even more as a standard user Administrators will see fewer UAC Elevation Prompts Learn iT! Technology Kickoff 2009 Security Enhancement - AppLocker AppLockerTM Users can install and run non-standard applications Even standard users can install some types of software Unauthorized applications may: Introduce malware Increase helpdesk calls Reduce user productivity Undermine compliance efforts Eliminate unwanted/unknown applications in your network Enforce application standardization within your organization Easily create and manage flexible rules using Group Policy Learn iT! Technology Kickoff 2009 AppLocker Features • • • Easy way to allow the programs you want and block the rest. Has more options than Software Restriction Policies which blocked software based on hashes or executable names. Rule creation tools & wizard which can automatically create rules based on software already installed. – Simple Rule Structure: Allow, Exception & Deny – Publisher Rules: Product Publisher, Name, Filename & Version – Multiple Policies - Executables, installers, scripts & DLLs • Audit only mode Learn iT! Technology Kickoff 2009 Using Simple Rules • Allow – • Deny – • Limit execution to “known good” and block everything else Deny “known bad” and allow execution of everything else Exception – Exclude files from allow/deny rule that would normally be included “Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft EXCEPT Microsoft Access.” Learn iT! Technology Kickoff 2009 Using Publisher Rules • • • Rules based upon application digital signatures Can specify application attributes Allow for rules that survive application updates “Allow all versions greater than 12 of the Office Suite to run if it is signed by the software publisher Microsoft.” Learn iT! Technology Kickoff 2009 Multiple Rule Types • Rule Types – – – – • • Executable Installer Script DLL Allows construction of rules beyond executable only solutions Provides greater flexibility and enhanced protection “Allow users to install updates for Office as long as it is signed by Microsoft and is for version 12.*” Learn iT! Technology Kickoff 2009 Rules Targeted by Users • • • Rules can be associated with any user or group Provides granular control of specific applications Supports compliance by enforcing who can run specific applications “Allow users in the Finance Department to run…” Learn iT! Technology Kickoff 2009 BitLocker and BitLocker-to-Go • Available in Ultimate and Enterprise versions • Encrypts the entire disk drive, even non-boot partitions • Doesn’t require the creation of a special partition like Vista, Windows 7 does that automatically at setup • BitLocker-to-Go encrypts removable storage devices like USB flash drives and external hard drives. • Create group policies to mandate the use of encryption and block unencrypted drives Learn iT! Technology Kickoff 2009 Evolving Needs for Remote Workers Mobile & Remote Work-Force needs: • Work anywhere • Fast access • Same experience inside and outside the office IT Professional needs: • Secure and flexible infrastructure for “work anywhere” • Reduce costs • Easy to service mobile PCs and distribute updates and polices Learn iT! Technology Kickoff 2009 Remote Access for Mobile Workers Situation Today Windows 7 Solution DirectAccess Office Home • Challenging for IT to manage, update, • patch mobile PCs while disconnected from company network Difficult for users to access corporate resources from outside the office Office Home • Corporate network boundary • • includes managed assets no matter where they are on the Internet Easy to service mobile PCs and distribute updates and polices New network paradigm increases mobile user productivity by providing same experience inside & outside the office Learn iT! Technology Kickoff 2009 Even Better with Server 2008 R2 -DirectAccess • The DirectAccess Setup wizard uses these Group Policy settings to configure DirectAccess clients with the DirectAccess server. • DirectAccess leverages end-to-end global IPv6 addressing and connectivity to transparently connect remote computers to an intranet as if they were connected with an Ethernet cable. • DirectAccess clients running Windows 7 automatically create a protected and tunneled IPv6 connection to a DirectAccess server running Windows Server 2008 R2 whenever a client determines it is on the Internet. Learn iT! Technology Kickoff 2009 Direct Access Components Server • • • • • Runs on Windows Server 2008 R2 Sits on network edge Single box by default Services can be split up for scalability IPv6 infrastructure is required Client • • • Runs on Windows 7 Domain-joined Initial configuration done on Corpnet or over VPN Learn iT! Technology Kickoff 2009 Questions? Learn iT! Technology Kickoff 2009 About Jennelle Crothers • Jennelle Crothers is a Sr. Network Administrator for The Conservation & Liquidation Office. Jennelle migrates, maintains and supports multiple Microsoft AD configurations due to the function of the Conservation & Liquidation Office which is to serve in receivership insolvent insurance companies in the State of California. • She is actively involved in Pacific IT Professionals (formerly SFNTUG). • Jennelle is a Microsoft Certified Systems Engineer (MCSE): Messaging, a MCITP: Enterprise Administrator and an MCTS for Virtualization, Windows 7 and Exchange 2007. She graduated from Trenton State College in 1996 with a BS in Education. • When she is not playing on server equipment she enjoys raising dogs for Guide Dogs for the Blind. She is married to her wonderful husband Dennis and they live together in San Francisco, CA. Learn iT! Technology Kickoff 2009 Thank you for attending our Technology Kickoff What’s Next? Look for us to be in touch next week with links to the following: • Resources discussed in the presentation • Access to the PowerPoint presentations Coming soon: • Information about webinar presentations for all the subjects we presented this evening.
