Tuesday, March 8, 2011

Service account generally have a higher authority

Large inventory of security features of Windows7 (2)

1. Direct Access
Direct Acces is a new feature of Windows 7. With this feature, users can  high-speed, secure access to the company's resources behind a firewall directly without the need to establish VPN.
Direct Access function has overcome many limitations of VPN, it can use IPv6 to connect the network with the company network client. And it can use IPSec to authenticate between computers.
The main advantage of direct access is to improve employee's productivity and  easier to manage the remote users.
2. Managed Service Accounts (Service Account Management)
Service account generally have a higher authority, also led to the difficult to manage it. The most common and easiest way to protect the security is to change your password frequently. And to avoid losses after the password is lost. However, it's necessary to unified the management because modify the service account is very complicated.
And similar with the DirectAccess, the service account management model also includes updates, PowerShell2 and a series of operations.

No comments:

Post a Comment