• Windows Server 2016 Security

    Windows Server 2016 gives you the power to prevent attacks and detect suspicious activity with new
    features to control privileged access, protect virtual machines (VMs), and harden the platform against
    emerging threats. Here’s what Windows Server 2016 can do for you:

    - Prevent the risk associated with compromised administrative credentials
    Using the new privileged identity management features, you can limit access to Just Enough and
    Just-in-Time 1. And, using Credential Guard, you can prevent administrative credentials from being stolen by Pass-the-Hash attacks.

    - Protect your VMs from compromised fabric administrators by using shielded VMs
    A shielded VM is a Generation 2 VM that has a virtual Trusted Platform Module (TPM), is encrypted by using BitLocker, and can run only on approved hosts in the fabric.

    - Reduce your datacenter footprint and increase availability with just-enough OS.
    The new Nano Server deployment option is 25 times smaller than Windows Server, while still
    offering a desktop experience. This minimizes the attack surface, increases availability, and reduces deployment time, resource usage, and startup time.

    - Add even more protection to every deployment of Windows Server 2016.
    Whether you’re running in any cloud or on-premises, you can take advantage of additional security features such as Code Integrity and Control Flow Guard to ensure that only permitted binaries are run and protect against unknown vulnerabilities.

    - Detect malicious behavior through enhanced security auditing optimized for threat detection.
    Using new audit categories for group membership and PNP to identify and add additional information to audit events, administrators can dive deeper than ever to discover new threats

    - Defend against malware attacks by using the built-in antimalware
    Windows Defender is now included in Windows Server 2016 and optimized to support the various
    server roles and integrate with Windows PowerShell for malware scanning.

    - Limit exposure in case of a security intrusion
    If you were to suffer a security breach, Windows Server 2016 can limit the exposure by
    segmenting your network based on workload or business needs using a distributed firewall and network security groups. You can apply rich policies within and across segments.

    - Use Hyper-V Containers for a unique additional level of isolation for containerized applications
    without any changes to the container image.
    Hyper-V containers provide isolation at the hardware level, giving administrators the peace of
    mind that they have come to appreciate with hardware-based virtualization protection as it
    incorporates the same isolation methods.

    Soure of Information : Microsoft Inroduction Windows Server 2016


0 comments:

Leave a Reply

Subscribe to: Post Comments (Atom)