Security and Assurance in Windows Server
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016
You can rely on new layers of protection built into the operating system to further safeguard against security breaches. Help block malicious attacks and enhance the security of your virtual machines, applications, and data.
Windows Server Security Blog Post
This blog post from the Windows Server security team highlights many of the improvements in Windows Server that increase security for hosting and hybrid cloud environments.
Datacenter and Private Cloud Security Blog
This is the central blog site for technical content from the Microsoft Datacenter and Private Cloud Security team.
Addressing emerging threats and landscape shifts
In this 6-minute video, Anders Vinberg provides an overview of Microsoft's security and assurance strategy, and discusses industry trends and landscape shifts as they relate to security. He then focuses on Microsoft's key initiatives to protect workloads from the underlying fabric, and protect against direct attacks from privileged accounts. Finally, in case of breach, he explains how new detection and forensic capabilities can help better identify the threat.
Protecting Your Datacenter and Cloud from Emerging Threats blog post
This blog post discusses how you can use Microsoft technologies to protect your datacenter and cloud investments from emerging threats.
Security and Assurance Overview session at Ignite
This Ignite session addresses persistent threats, insider breaches, organized cybercrime, and securing the Microsoft Cloud Platform (on-premises and connected services with Azure). It includes scenarios for securing workloads, large enterprise tenants, and service providers.
Secure virtualization with Shielded VMs
Shielded VM in Channel 9
A walkthrough of Shielded VM technology and benefits.
Shielded VM Demo
This 4-minute video describes the value of shielded VMs and the differences between a shielded VM and a non-shielded VM.
Shielded Virtual Machines in Windows Server video walkthrough
This video walkthrough shows how the Host Guardian Service enables shielded virtual machines so that sensitive data is protected from unauthorized access by Hyper-V host administrators.
Harden the Fabric: Protecting Tenant Secrets in Hyper-V (Ignite Video)
This Ignite presentation discusses enhancements in Hyper-V, Virtual Machine Manager, and a new Host Guardian Server role to enable shielded VMs.
Guarded Fabric Deployment Guide
This guide provides installation and validation information for Windows Server and System Center Virtual Machine Manager for Guarded Fabric Hosts and Shielded VMs.
Shielded VM and Guarded Fabric in Branch Offices
This guide provides best practices for running shielded virtual machines in branch offices and other remote scenarios where Hyper-V hosts may have periods of time with limited connectivity to HGS.
Shielded VM and Guarded Fabric Troubleshooting Guide
This guide provides information about how to resolve issues you may encounter in your Shielded VM environment.
Shielded VM Article
This white paper provides an overview of how shielded VMs provide increased overall security to prevent tampering.
Privileged Access Management
Securing Privileged Access
A roadmap for how you can secure your privileged access. This roadmap is based on the combined expertise of the server security team, Microsoft IT, the Azure team, and Microsoft Consulting Services.
Just in Time Administration with Microsoft Identity Manager
This article discusses features and capabilities included in Microsoft Identity Manager, including support for Just In Time (JIT) Privileged Access Management.
Protecting Windows and Microsoft Entra ID with Privileged Access Management
This Ignite presentation covers Microsoft's strategy and investments in Windows Server, PowerShell, Active Directory, Identity Manager, and Microsoft Entra ID for addressing the risks of administrator access through stronger authentication, and managing access using Just in Time and Just Enough Administration (JEA).
Just Enough Administration Article
This document shares the vision and technical details of Just Enough Administration, a PowerShell toolkit designed to help organizations reduce risk by restricting operators to the only access required to perform specific tasks.
Just Enough Administration demo video
Just Enough Administration demo walkthrough.
Credential Protection
Protect derived domain credentials with Credential Guard
Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-the-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets.
Protect Remote Desktop credentials with Remote Credential Guard
Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that's requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions.
Credential Guard demo video
This 5-minute video demos Credential Guard and Remote Credential Guard.
Hardening the OS and applications
Windows Defender Application Control (WDAC) Deployment Guide
WDAC is a configurable code integrity (CI) policy that helps enterprises control what applications run in their environment and carries no specific hardware or software requirements other than running Windows 10.
Device Guard demo video
Device Guard is a combination of WDAC and Hypervisor-protected code integrity (HVCI). This 7-minute video presents Device Guard and its usage on Windows Server.
Transport Layer Security Registry Settings
Supported registry setting information for the Windows implementation of the Transport Layer Security (TLS) protocol and the Secure Sockets Layer (SSL) protocol.
Control Flow Guard
Control Flow Guard provides built-in protection against some classes of memory corruption attacks.
Windows Defender
Windows Defender provides active detection capabilities to block known malware. Windows Defender is turned on by default and is optimized to support the various server roles in Windows Server.
Detecting and Responding to Threats
Security Threat Analysis Using Microsoft Operations Management Suite
This Ignite presentation discusses how you can use Operational Insights to perform security threat analysis.
Microsoft Operations Management Suite (OMS)
The Microsoft Operations Management Suite (OMS) Security and Audit solution processes security logs and firewall events from on-premises and cloud environments to analyze and detect malicious behavior.
OMS and Windows Server
This 3-minute video shows how OMS can help detect potential malicious behavior that is blocked by Windows Server.
Microsoft Advanced Threat Analytics
This blog post discusses Microsoft Advanced Threat Analytics, an on-premises product that uses Active Directory network traffic and SIEM data to discover and alert on potential threats.
Microsoft Advanced Threat Analytics
This 3-minute video presents an overview of how Microsoft is adding threat analytics capabilities in Windows Server.
Network Security
Datacenter Firewall Overview
This overview discusses Datacenter Firewall, a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall.
What's New in DNS in Windows Server
This overview topic provides brief descriptions of new capabilities in DNS, along with links for more information.
Mapping security features to compliance regulations
Compliance is an important aspect of security features. We leave the expert advice on how to achieve your compliance and what compliance looks like to your trusted compliance advisers, but we also want to provide an initial mapping that you can use when evaluating Windows Server.