Windows Server 中的安全和保障Security and Assurance in Windows Server

适用于:Windows Server(半年频道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016


要查找有关较旧版 Windows Server 的信息?Looking for information about older versions of Windows Server? 在 上查看我们的其他 Windows Server 库Check out our other Windows Server libraries on 也可以搜索此站点了解具体信息。You can also search this site for specific information.

Icon representing a lock 你可以依靠内置于操作系统的新保护层进一步防止出现安全漏洞。You can rely on new layers of protection built into the operating system to further safeguard against security breaches. 帮助阻止恶意攻击并提高虚拟机、应用程序和数据的安全性。Help block malicious attacks and enhance the security of your virtual machines, applications, and data.

Windows Server 安全博客文章Windows Server Security Blog Post

Windows Server 安全团队的这篇博客文章重点介绍了 Windows Servers 中可以提高托管和混合云环境的安全的许多改进。This blog post from the Windows Server security team highlights many of the improvements in Windows Server that increase security for hosting and hybrid cloud environments.

数据中心和私有云安全博客Datacenter and Private Cloud Security Blog

这是来自 Microsoft 数据中心和私有云安全团队的技术内容的中心博客站点。This is the central blog site for technical content from the Microsoft Datacenter and Private Cloud Security team.

应对新兴威胁和横向转移Addressing emerging threats and landscape shifts

在这段时长 6 分钟的视频中,Anders Vinberg 概述了 Microsoft 的安全和保障策略,并讨论了与安全相关的行业趋势和横向转移。In this 6-minute video, Anders Vinberg provides an overview of Microsoft's security and assurance strategy, and discusses industry trends and landscape shifts as they relate to security. 随后重点讨论了通过基础构造保护工作负荷,以及防止从特权帐户发起的直接攻击等 Microsoft 主要计划。He then focuses on Microsoft's key initiatives to protect workloads from the underlying fabric, and protect against direct attacks from privileged accounts. 最后,他介绍了在出现漏洞的情况下,如何利用新的检测和取证功能来帮助更好地识别威胁。Finally, in case of breach, he explains how new detection and forensic capabilities can help better identify the threat.

保护你的数据中心和云免受新兴威胁博客文章Protecting Your Datacenter and Cloud from Emerging Threats blog post

这篇博客文章讨论了如何使用 Microsoft 技术保护你的数据中心和云投资免受新兴威胁。This blog post discusses how you can use Microsoft technologies to protect your datacenter and cloud investments from emerging threats.

Ignite 的安全和保障概述会议Security and Assurance Overview session at Ignite

此 Ignite 会话解决了持续威胁、内部违规、有组织的网络犯罪以及保护 Microsoft 云平台(本地服务以及使用 Azure 的连接的服务)。This Ignite session addresses persistent threats, insider breaches, organized cybercrime, and securing the Microsoft Cloud Platform (on-premises and connected services with Azure). 它包括用于保护工作负荷、大型企业租户和服务提供商的方案。It includes scenarios for securing workloads, large enterprise tenants, and service providers.

使用受防护的 VM 保障虚拟化Secure virtualization with Shielded VMs

频道 9 中的受防护的 VMShielded VM in Channel 9

受防护的虚拟机技术演练和权益。A walkthrough of Shielded VM technology and benefits.

受防护的 VM 演示Shielded VM Demo

这段时长 4 分钟的视频介绍了受防护的 VM 的价值以及受防护的 VM 和未受防护的 VM 之间的区别。This 4-minute video describes the value of shielded VMs and the differences between a shielded VM and a non-shielded VM.

[Windows Server 中受防护的虚拟机视频演练Shielded Virtual Machines in Windows Server video walkthrough]( Virtual Machines in Windows Server.htm)

本视频演练介绍主机保护者服务如何启用受防护的虚拟机,以便防止 Hyper-V 主机管理员对敏感数据进行未授权的访问。This video walkthrough shows how the Host Guardian Service enables shielded virtual machines so that sensitive data is protected from unauthorized access by Hyper-V host administrators.

增强构造:保护 Hyper-V 中的租户密钥(Ignite 视频)Harden the Fabric: Protecting Tenant Secrets in Hyper-V (Ignite Video)

此 Ignite 演示讨论了 Hyper-V 中的改进、Virtual Machine Manager 以及启用受防护的虚拟机的新主机保护者服务器角色。This Ignite presentation discusses enhancements in Hyper-V, Virtual Machine Manager, and a new Host Guardian Server role to enable shielded VMs.

受保护的构造部署指南Guarded Fabric Deployment Guide

本指南提供用于受保护的构造主机和受防护的 VM 的 Windows Server 和 System Center Virtual Machine Manager 的安装和验证信息。This guide provides installation and validation information for Windows Server and System Center Virtual Machine Manager for Guarded Fabric Hosts and Shielded VMs.

分支机构中的受防护的虚拟机和受保护的构造Shielded VM and Guarded Fabric in Branch Offices

本指南提供在分支机构和其他远程场景(Hyper-V 主机在一段时间内与 HGS 的连接受限)中运行受防护的虚拟机的最佳做法。This guide provides best practices for running shielded virtual machines in branch offices and other remote scenarios where Hyper-V hosts may have periods of time with limited connectivity to HGS.

受防护的 VM 和受保护的构造故障排除指南Shielded VM and Guarded Fabric Troubleshooting Guide

本指南提供有关如何解决在受防护的 VM 环境中可能遇到的问题的信息。This guide provides information about how to resolve issues you may encounter in your Shielded VM environment.

受防护的 VM 文章Shielded VM Article

本白皮书概述了受防护的 VM 如何提供增强的总体安全性以防止篡改。This white paper provides an overview of how shielded VMs provide increased overall security to prevent tampering.

保护 Windows 和 Microsoft Azure Active DirectoryPrivileged Access Management

保护特权访问Securing Privileged Access

有关如何保护特权访问的道路地图。A road-map for how you can secure your privileged access. 此道路地图基于服务器安全团队、Microsoft IT、Azure 团队和 Microsoft 咨询服务部门的综合专业知识建立而成This road-map is built based on the combined expertise of the server security team, Microsoft IT, Azure team and the Microsoft Consulting Services

使用 Microsoft Identity Manager 进行恰时管理Just in Time Administration with Microsoft Identity Manager

本文讨论 Microsoft Identity Manager 中所包含的特性和功能,包括对实时 (JIT) 特权访问管理的支持。This article discusses features and capabilities included in Microsoft Identity Manager, including support for Just In Time (JIT) Privileged Access Management.

使用 Privileged Access Management 保护 Windows 和 Microsoft Azure Active DirectoryProtecting Windows and Microsoft Azure Active Directory with Privileged Access Management

此 Ignite 演示文稿介绍用于解决通过更强的身份验证进行管理员访问的风险,以及使用实时和 Just Enough Administration (JEA) 管理访问的 Windows Server、PowerShell、Active Directory、Identity Manager 和 Azure Active Directory 中的 Microsoft 策略和投资。This Ignite presentation covers Microsoft's strategy and investments in Windows Server, PowerShell, Active Directory, Identity Manager, and Azure Active Directory for addressing the risks of administrator access through stronger authentication, and managing access using Just in Time and Just Enough Administration (JEA).

Just Enough Administration 文章Just Enough Administration Article

本文档分享 Just Enough Administration 的愿景和技术详细信息,这是一个 PowerShell 工具包,旨在帮助组织通过限制操作员仅具有执行特定任务所需的访问权限来降低风险。This document shares the vision and technical details of Just Enough Administration, a PowerShell toolkit designed to help organizations reduce risk by restricting operators to the only access required to perform specific tasks.

Just Enough Administration 演示视频Just Enough Administration demo video

Just Enough Administration 演示演练。Just Enough Administration demo walkthrough.

凭据保护Credential Protection

使用 Credential Guard 保护派生的域凭据Protect derived domain credentials with Credential Guard

凭据保护使用基于虚拟化的安全性来隔离密钥,以便只有特权系统软件可以访问它们。Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. 对这些机密的未经授权访问可能会导致凭据盗窃攻击,例如哈希传递或票证传递。Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. 凭据保护可通过保护 NTLM 密码哈希和 Kerberos 票证授予票证防止这些攻击。Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets.

使用远程 Credential Guard 来保护远程桌面凭据Protect Remote Desktop credentials with Remote Credential Guard

远程凭据保护可通过将 Kerberos 请求重定向回请求连接的设备,通过远程桌面连接帮助保护凭据。Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that's requesting the connection. 它还提供远程桌面会话的单一登录体验。It also provides single sign on experiences for Remote Desktop sessions. |

Credential Guard 演示视频Credential Guard demo video

这段时长 5 分钟的视频演示了 Credential Guard 和远程 Credential Guard。This 5-minute video demos Credential Guard and Remote Credential Guard.

强化的操作系统和应用程序Hardening the OS and applications

Windows Defender 应用程序控制 (WDAC) 部署指南Windows Defender Application Control (WDAC) Deployment Guide

WDAC 是可配置代码完整性 (CI) 策略,有助于企业控制其环境中运行的应用程序,但除了运行 Windows 10 之外没有具体的硬件或软件要求。WDAC is configurable code integrity (CI) policy that helps enterprises control what applications run in their environmemnt and carries no specific hardware or software requirements other than running Windows 10.

Device Guard 演示视频Device Guard demo video

Device Guard 是 WDAC 和虚拟机监控程序保护的代码完整性 (HVCI) 的组合。Device Guard is a combination of WDAC and Hypervisor-protected code integrity (HVCI). 这段时长 7 分钟的视频展示了 Device Guard 及其在 Windows Server 上的使用。This 7-minute video presents Device Guard and its usage on Windows Server.

传输层安全性注册表设置Transport Layer Security Registry Settings

支持用于传输层安全性 (TLS) 协议和安全套接字层 (SSL) 协议的 Windows 实现的注册表设置信息。Supported registry setting information for the Windows implementation of the Transport Layer Security (TLS) protocol and the Secure Sockets Layer (SSL) protocol.

控制流保护Control Flow Guard

控制流防护针对一些类的内存损坏攻击提供内置保护。Control Flow Guard provides built-in protection against some classes of memory corruption attacks.

Windows DefenderWindows Defender

Windows Defender 提供阻止已知恶意软件的活动检测功能。Windows Defender provides active detection capabilities to block known malware. Windows Defender 默认开启且经过优化,可在 Windows Server 中支持各种服务器角色。Windows Defender is turned on by default and is optimized to support the various server roles in Windows Server.

检测和响应威胁Detecting and Responding to Threats

使用 Microsoft Operations Management Suite 的安全威胁分析Security Threat Analysis Using Microsoft Operations Management Suite

此 Ignite 演示文稿讨论如何使用操作见解执行安全威胁分析。This Ignite presentation discusses how you can use Operational Insights to perform security threat analysis.

Microsoft Operations Management Suite (OMS)Microsoft Operations Management Suite (OMS)

Microsoft Operations Management Suite (OMS) 安全和审核解决方案处理本地和云环境中的安全日志和防火墙事件以分析和检测恶意行为。The Microsoft Operations Management Suite (OMS) Security and Audit solution processes security logs and firewall events from on-premises and cloud environments to analyze and detect malicious behavior.

OMS 和 Windows ServerOMS and Windows Server

这段时长 3 分钟的视频演示 OMS 如何可以帮助检测 Windows Server 阻止的潜在的恶意行为。This 3-minute video shows how OMS can help detect potential malicious behavior that is blocked by Windows Server.

Microsoft 高级威胁分析Microsoft Advanced Threat Analytics

这篇博客文章讨论了 Microsoft 高级威胁分析,这是一种本地产品,可使用 Active Directory 网络流量和 SIEM 数据发现潜在威胁并发出警报。This blog post discusses Microsoft Advanced Threat Analytics, an on-premises product that uses Active Directory network traffic and SIEM data to discover and alert on potential threats.

Microsoft 高级威胁分析Microsoft Advanced Threat Analytics

这个 3 分钟的视频概述了 Microsoft 如何在 Windows Server 中添加威胁分析功能。This 3-minute video presents an overview of how Microsoft is adding threat analytics capabilities in Windows Server. |

网络安全性Network Security

数据中心防火墙概述Datacenter Firewall Overview

本概述介绍了数据中心防火墙、网络层、5 元组(协议、源端口号、目标端口号、源 IP 地址和目标 IP 地址)、有状态的多租户防火墙。This overview discusses Datacenter Firewall, a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall.

Windows Server 中 DNS 的新增功能What's New in DNS in Windows Server

本概述主题简要描述了 DNS 中的新增功能以及详细信息的链接。This overview topic provides brief descriptions of new capabilities in DNS, along with links for more information.

将安全功能映射到合规性法规Mapping security features to compliance regulations

合规性是安全功能的一个重要方面。Compliance is an important aspect of security features. 对于如何实现合规性以及对受信任的合规性顾问而言合规性是什么,我们同意专家就此提出的建议,但我们也希望提供初始映射,以便在评估 Windows Server 时能够使用。We leave the expert advice on how to achieve your compliance and what compliance looks like to your trusted compliance advisers, but we also want to provide initial mapping for you to be able to use when evaluating Windows Server.