First session was about Windows 7. A few new things, but evolutionary not revolutionary (tick that one off!)
One key technology is "DirectAccess" - need to get more information about this but apparently this, when used in conjunction with Windows Server 2008 R2, will allow seamless and secure access to corporate networks without needing a VPN. I have my doubts on what their definition of "secure" is, but will research further while I'm here.
Bitlocker encryption is being extended to removable disks/USB drives, and can be enforced by group policy - you can prevent a user writing to a USB device unless it's BitLocker protected. Someone should tell the UK Government this. Another advantage, of course, is that recovery keys can be backed up to Active Directory for easy recovery in the event of a forgotten password.
They've also made the Application controls (allowing only whitelisted applications) more flexible, - still could be a nightmare to implement first time, but would help prevent users from self-installing apps down the track.
Subscribe to:
Post Comments (Atom)
Posts
4 comments:
I think it is RPC over https (like people can use with Exchange now)tied with NAP in W2K8, but I could be wrong, it does look interesting though.
Are you seeing any compellign business reason to go Win 7 over Vista? Or indeed XP?
Nothing really compelling as yet.
The BitLocker stuff is nice, but you can do USB level encryption with TrueCrypt or PGPDisk at the moment. Having it integrated into the OS is nice, but not in itself a complete business case.
The other thing which might make it worthwhile is that they've supposedly made a lot more performance improvements for VDI-like implementations. (Which, in the surface, suggests that they've built the later version of RDP protocol in there.) It now has microphone support, which means you could use an IP Softphone over a remote desktop link.
Just a follow up to that - had a chat with some other people here and one "compelling" (maybe) reason to move to Vitsa or Win7 would be that, in conjuction with Server 2008 we'd be using SMB v2 which does have a lot of performance benefits.
TrueCrypt doesn't restrict you to the Microsoft environment either - a consideration if we may use a proportion of non-Windows hardware in the future.
Post a Comment