
Security and Assurance in Windows Server 2016

Corey Plett | Last Updated: 11/16/2016

Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Rely on new layers of protection built into the operating system to further safeguard against security breaches. Help block malicious attacks and enhance the security of your virtual machines, applications, and data.





Windows Server 2016 Security Blog Post

This blog post from the Windows Server security team highlights many of the improvements in Windows Server 2016 that increase security for hosting and hybrid cloud environments.

Datacenter and Private Cloud Security Blog

This is the central blog site for technical content from the Microsoft Datacenter and Private Cloud Security team.

Addressing emerging threats and landscape shifts

In this 6-minute video, Anders Vinberg provides an overview of Microsoft's security and assurance strategy, and discusses industry trends and landscape shifts as they relate to security. He then focuses on Microsoft's key initiatives to protect workloads from the underlying fabric, and protect against direct attacks from privileged accounts. Finally, in case of breach, he explains how new detection and forensic capabilities can help better identify the threat.

Protecting Your Datacenter and Cloud from Emerging Threats blog post

This blog post discusses how you can use Microsoft technologies to protect your datacenter and cloud investments from emerging threats.

Security and Assurance Overview session at Ignite 2015

This Ignite session addresses persistent threats, insider breaches, organized cybercrime, and securing the Microsoft Cloud Platform (on-premises and connected services with Azure). It includes scenarios for securing workloads, large enterprise tenants, and service providers.

Secure virtualization with Shielded VMs

Shielded VM in Channel 9

A walkthrough of Shielded VM technology and its benefits.

Shielded VM Demo

This 4-minute video describes the value of shielded VMs and the differences between a shielded VM and a non-shielded VM.

Shielded Virtual Machines in Windows Server video walkthrough

This video walkthrough shows how the Host Guardian Service, a new role available in Windows Server 2016, enables shielded virtual machines so that sensitive data is protected from unauthorized access by Hyper-V host administrators.

Harden the Fabric: Protecting Tenant Secrets in Hyper-V (Ignite Video)

This Ignite presentation discusses enhancements in Hyper-V, Virtual Machine Manager, and a new Guardian Server role to enable shielded VMs.

Guarded Fabric Deployment Guide

This guide provides installation and validation information for Windows Server 2016 and System Center Virtual Machine Manager for Guarded Fabric Hosts and Shielded VMs.

Shielded VM and Guarded Fabric Operations Guide

This guide provides best practices and recommendations for how to configure your Shielded VM environment, including information specific to Guarded Hosts and tenants.

Shielded VM and Guarded Fabric Troubleshooting Guide

This guide provides information about how to resolve issues you may encounter in your Shielded VM environment.

Shielded VM Article

This white paper provides an overview of how shielded VMs provide increased overall security to prevent tampering.

Privileged Access Management

Securing Privileged Access

A roadmap for how you can secure your privileged access. This roadmap is built on the combined expertise of the server security team, Microsoft IT, the Azure team, and Microsoft Consulting Services.

Just in Time Administration with Microsoft Identity Manager

This article discusses features and capabilities included in Microsoft Identity Manager, including support for Just In Time (JIT) Privileged Access Management.

Protecting Windows and Microsoft Azure Active Directory with Privileged Access Management

This Ignite presentation covers Microsoft's strategy and investments in Windows Server, PowerShell, Active Directory, Identity Manager, and Azure Active Directory for addressing the risks of administrator access through stronger authentication, and managing access using Just in Time and Just Enough Administration (JEA).

Just Enough Administration Article

This document shares the vision and technical details of Just Enough Administration, a PowerShell toolkit designed to help organizations reduce risk by restricting operators to the only access required to perform specific tasks.

Just Enough Administration demo video

Just Enough Administration demo walkthrough.

Credential Protection

Protect derived domain credentials with Credential Guard

Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-the-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets.

Protect Remote Desktop credentials with Remote Credential Guard

Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that's requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions.

Credential Guard demo video

This 5-minute video demonstrates Credential Guard and Remote Credential Guard.

Hardening the OS and applications

Device Guard Deployment Guide

Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications that you define in your code integrity policies.

Device Guard demo video

This 7-minute video presents Device Guard and its usage on Windows Server 2016.

Control Flow Guard

Control Flow Guard provides built-in protection against some classes of memory corruption attacks.

Windows Defender

Windows Defender provides active detection capabilities to block known malware. Windows Defender is turned on by default and is optimized to support the various server roles in Windows Server 2016.

Detecting and Responding to Threats

Security Threat Analysis Using Microsoft Operations Management Suite

This Ignite presentation discusses how you can use Operational Insights to perform security threat analysis.

Microsoft Operations Management Suite (OMS)

The Microsoft Operations Management Suite (OMS) Security and Audit solution processes security logs and firewall events from on-premises and cloud environments to analyze and detect malicious behavior.

OMS and Windows Server 2016

This 3-minute video shows how OMS can help detect potential malicious behavior that is blocked by Windows Server 2016.

Microsoft Advanced Threat Analytics

This blog post discusses Microsoft Advanced Threat Analytics, an on-premises product that uses Active Directory network traffic and SIEM data to discover and alert on potential threats.

Microsoft Advanced Threat Analytics

This 3-minute video presents an overview of how Microsoft is adding threat analytics capabilities in Windows Server 2016.

Network Security

Datacenter Firewall Overview

This overview discusses Datacenter Firewall, a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall.

What's New in DNS in Windows Server 2016

This overview topic provides brief descriptions of new capabilities in DNS, along with links for more information.

Mapping security features to compliance regulations

Compliance is an important aspect of security features. We leave expert advice on how to achieve compliance, and on what compliance looks like, to your trusted compliance advisers, but we also want to provide an initial mapping that you can use when evaluating Windows Server 2016.

© 2017 Microsoft