Now, when it comes to Windows 7, Microsoft has lowered UAC's control functions (but has not relaxed its focus on security) and added security features that are more beneficial to end users and in many ways. System security administrator. Let's take a look at the following.
Application Control Strategy
A new security feature introduced in Windows 7 is AppLocker, which controls the installation and use of applications in the enterprise to ensure security. Keep in mind that AppLocker is only included in the Ultimate and Enterprise editions of Windows 7, in order to work closely with Windows Server 2008 R2.
AppLocker allows you to create rules through attributes such as digital signatures of files. These rules can be used to control user access and the use of any type of executable. Of course, as a flexible tool, you can use AppLocker to create exception rules. You can apply the rules to the entire security team, or more precisely to create rules for individual users. To learn more about AppLocker, you can check out the demo on the Microsoft TechNet website.
BitLocker and BitLocker To Go
BitLocker was introduced in Windows Vista and is now also available in Windows 7, as a security feature that prevents unauthorized access to the desktop system. And data leakage in lost/stolen laptops. As we all know, BitLocker's Encrypting File System (EFS) has reached a new level of functionality, using hardware-level encryption on the hard disk, which not only protects the actual data files, but even system files can be included, including temporary files. Data blocks such as swap files and hibernation files.
In Windows 7, BitLocker's functionality has been further extended, and with the new BitLocker To Go, it now supports mobile storage (USB flash drive) protection. This means that USB flash drives that are very easy to lose now do not present a risk of data leakage.
Remember, BitLocker and BitLocker To Go are only included in the Ultimate and Enterprise versions of Windows 7. If you want to learn more about BitLocker and BitLocker To Go, you can check out the demo on the Microsoft TechNet website.
User Account Control
It is well known that in Vista, user account control is not very popular; but for Vista, it is still an important security tool, "You are sure The prompt can prevent malware from running due to negligence, and permission control can be used to prevent potentially risky processes. In Windows 7, UAC has been improved and is easier to use.
For example, some types of tasks can now be approved by standard users without the intervention of system administrators, which can reduce the number of prompts, provide convenience for end users, and reduce the burden on system administrators. And, listening to the call from the administrator, a professional system administrator can adjust the UAC level or even close it in the control panel. In addition, new local security policies can be used for UAC prompts to local system administrators and standard users.
ActiveX Control Installation Service
As we all know, ActiveX control is a self-registered COM used by Internet Explorer, Office and Windows Media Player to provide users with a more interactive experience. Since ActiveX controls are usually distributed in .cab files, users of standard accounts do not have permission to install them. However, in Windows 7, the new ActiveX Control Installation Service is enabled by default, which helps system administrators to more easily deploy sites configured with trusted site zones by using Group Policy, without intervention. Install ActiveX controls. This reduces unnecessary time for unnecessary phone support and operations such as re-packaging and distributing the required ActiveX controls.
The new direct access feature of Windows 7 is tightly integrated with Windows Server 2008 R2, making enterprise networks without VPNs more convenient for end users. As long as the direct access function is used, a secure two-way connection between the mobile system and the corporate network can be automatically established, and the mobile worker can securely connect to any location on the corporate network via the Internet without relying on the VPN. With the help of direct access, IT professionals no longer have to worry about the extra cost of providing and maintaining a VPN configuration.
Multi-Action Firewall Policy
It is well known that the Windows Firewall policy in Vista is based on the type of network connection (public, home, and work/domain) and can only support one connection type at a time. Unfortunately, such limitations can cause various problems when different firewall policies are required, for example, when a mobile user accesses the public network and then initiates a VPN connection to the corporate network.
In order to adapt to this situation, Windows 7 Firewall provides new features that allow multiple firewall policies to be enabled at the same time, so that whatever type of connection is being used, the appropriate firewall policy will take effect, ensuring that Mobile/remote users are secure and can access the appropriate network. On the other hand, the new multi-action firewall strategy allows security professionals to maintain only one system for mobile/remote systems and physical connections.
There are more...
Although I have been impressed by the new features of Windows 7 security, there are many improvements in existing security features. For example, the Encrypting File System (EFS) architecture has been adapted to include the Elliptic Curve Cryptography (ECC) model, which allows it to meet the Class B security requirements set by the National Security Agency.
With the new ECC support, the Kerberos authentication mode can also support more powerful smart card login passwords. The NTLM authentication protocol now supports a minimum 128-bit security encryption policy by default, but you can also lower its rating.
Windows7 system has a sleep function, the advantage of this feature is that you can continue the wor
The Screensaver captures screenshots of any object on the desktop, such as a picture or part
Windows Desktop Gadget is a small plug-in provided by Microsoft. Some can check the time and weather
Please remind the user that this operation will cause all data on the hard disk t
Windows 7 Application Tutorial: History of the Start Menu
How to listen to music with Bluetooth headset under Win7 system
Detailed explanation of the magnifying glass function of Windows 7 gadget
Speed up the pop-up speed of Windows 7 preview thumbnails
If you want to teach you to modify the Windows 7 login screen
Windows 7 Resource Manager Amnesia Operation Skills
Step laptop connected to a projector
Windows 7 Load Virtual PC Image Tips
Close two major functions and get back the space occupied by Win7
Mouse drag and drop Win7 desktop window easily row (2)
How to make the computer power supply of Win7 system cool down
Windows 7 system can not run the program emergency method (1)
Retrieve the partitions hidden by Windows Optimizer
Win7 system fax scanning can not be used to reinstall
How to check the Windows XP system computer configuration?
Win8 cancels Media Playe as the default player method
Have you met? The 10 most prone to PC disasters (8)
Windows10 Home Edition can not connect to the remote server How to solve
Connect the USB flash drive to the VMware virtual machine Tutorial
Windows 8 System Tips for Conserving Battery Power
Download: DX12 official extraction package Win7/8.1 can also be installed normally