Get to know the new features of Windows 7 in condensed form:
- UAC (User Account Control) – fine-grained tuning
- BitLocker Data Encryption for portable storage devices
- AppLocker - creating and applying rules that restrict which applications can run
- Improved security through Windows Defender
- DirectAccess – better connectivity for remote users
- Better navigation and organization thanks to the updated Taskbar and Control Panel
- Windows Backup & Restore
- Effective troubleshooting with: Problem Steps Recorder, Performance Monitor, Event Viewer, Windows PowerShell 2.0
4. Windows History
Release date Version Support
1990 May Windows 3.x Unsupported
1993 July Windows NT Unsupported
1995 August Windows 95 Unsupported
1998 June Windows 98 Unsupported
2000 February Windows 2000 Unsupported
2000 September Windows Me Unsupported
2001 October Windows XP Current for SP2 and SP3
2006 November (VL), 2007 January (retail) Windows Vista Current
2008 February Windows 2008 Current
2009 July 22 (VLK), 2009 October 22 (retail) Windows 2008 R2 Current
2009 July 22 (VLK), 2009 October 22 (retail) Windows 7 Current
5. Graphical user interface
New Taskbar (Super BAR)
Aero Peek
Jump lists
Desktop snap
Libraries
Instant search and Federated search
Screen resolution is one click away
No side bar
… and the GUI is faster than ever
6. User Account Control Settings in Group Policy
Two types of user groups (Standard Users and Administrators)
Types of elevation prompt
Consent Prompt
Displayed to administrators in Admin Approval mode when they attempt to perform an administrative task. Requests approval.
Credential Prompt
Displayed to standard users when they attempt to perform an administrative task. Requires user name and password.
7. UAC Security Settings
Never notify
UAC is off. No notifications appear during software installation or when making manual changes.
Notify me only when programs try to make changes to my computer (do not dim my desktop)
When a program makes a change, a prompt appears, but the desktop is not dimmed. Otherwise, the user is not prompted.
Default - Notify me only when programs try to make changes to my computer
When a program makes a change, a prompt appears, and the desktop is dimmed to provide a visual cue that installation is being attempted. Otherwise, the user is not prompted.
Always notify me
The user is always prompted when changes are made to the computer, including new software installations.
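An added example (not part of the original slides) that reads the registry values behind these four settings and reports which level a Windows 7 machine is on, flagging anything weaker than the default. The value names are the standard UAC policy values; the helper name Get-UacLevel and the sample inputs are constructed for illustration.

```powershell
# Added example: classify the UAC notification level from the policy registry values.
# Get-UacLevel is a helper name made up for this example.
function Get-UacLevel {
    param([int]$EnableLUA, [int]$ConsentPromptBehaviorAdmin, [int]$PromptOnSecureDesktop)

    # Rank 0 (weakest) to 3 (strongest); -1 marks a combination the slider cannot produce.
    $rank = -1
    $name = 'Custom Group Policy combination'
    if ($EnableLUA -eq 0) {
        # EnableLUA = 0 switches UAC off entirely (takes effect after a reboot).
        $rank = 0; $name = 'Never notify (UAC is off)'
    } else {
        switch ("$ConsentPromptBehaviorAdmin/$PromptOnSecureDesktop") {
            '0/0' { $rank = 0; $name = 'Never notify' }
            '5/0' { $rank = 1; $name = 'Notify on program changes (do not dim my desktop)' }
            '5/1' { $rank = 2; $name = 'Default - notify on program changes' }
            '2/1' { $rank = 3; $name = 'Always notify me' }
        }
    }
    New-Object PSObject -Property @{
        Level        = $name
        Rank         = $rank
        BelowDefault = ($rank -ge 0 -and $rank -lt 2)
    }
}

# Live check on the local machine.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $key
Get-UacLevel $uac.EnableLUA $uac.ConsentPromptBehaviorAdmin $uac.PromptOnSecureDesktop

# Constructed inputs: the default, a non-slider Group Policy value, and UAC off.
Get-UacLevel -EnableLUA 1 -ConsentPromptBehaviorAdmin 5 -PromptOnSecureDesktop 1
Get-UacLevel -EnableLUA 1 -ConsentPromptBehaviorAdmin 1 -PromptOnSecureDesktop 1
Get-UacLevel -EnableLUA 0 -ConsentPromptBehaviorAdmin 0 -PromptOnSecureDesktop 0
```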
9. BitLocker To Go
BitLocker To Go extends BitLocker Drive Encryption to portable devices, such as USB flash drives, and is manageable through Group Policy.
An administrator configures Group Policy to require that data can be saved only onto data volumes protected by BitLocker (an unprotected device is read-only).
You can use an encrypted USB flash drive on previous OS versions, but read-only.
You can unlock the drive using one of the following methods:
A Recovery Password or passphrase (complexity is configurable in Group Policy)
A Smart Card
Always auto-unlock this device on this PC
11. AppLocker
AppLocker® enables IT professionals to specify exactly what is allowed to run on a user's desktop.
Rules are defined based on attributes derived from a file's digital signature, including the publisher, product name, file name, and file version.
A user interface accessed through an extension to the Local Policy snap-in and the Group Policy Management snap-in.
An audit-only enforcement mode that allows administrators to determine which files would be prevented from running if the policy were in effect.
Default rules:
All users to run files in the default Program Files directory.
All users to run all files signed by the Windows operating system.
Members of the built-in Administrators group to run all files.
13. DirectAccess benefits:
Provides remote users with seamless access to the company's internal network without VPN connections.
Manage remote computers whenever they have Internet connectivity, even if the user is not logged on.
Remote desktop, remote assistance
Distributing software updates
Applying Group Policy to computers on the Internet
DirectAccess separates intranet from Internet traffic, which reduces unnecessary traffic on the intranet.
Supports multifactor authentication methods.
Configurable to restrict which servers, users and individual applications are accessible.
14. DirectAccess prerequisites
Windows Server 2008 R2 with two network cards
DNS and AD DS running on Windows Server 2008 or 2008 R2
PKI infrastructure
Windows 7 Enterprise or Ultimate on clients
IPv6-over-IPsec, ISATAP, Teredo and 6to4
15. BranchCache
Helps reduce WAN link utilization
Improves file transfer time
Supports SMB, HTTP, HTTPS and BITS.
End-to-end encryption between clients and servers (SSL, IPsec)
Cached content is encrypted
Transparent to the users
16. BranchCache scenarios
Distributed caching mode
Cache is distributed across client computers in the branch.
Peer-to-peer architecture
Suitable for branches that do not have a local computer running Windows Server 2008 R2.
Hosted Caching
Cache resides on a Windows 2008 R2 server that is deployed in the branch office.
Client computers that need the same content retrieve it directly from the server.
Content is available even when the client that originally requested the data is offline.
17. BranchCache requirements
Windows Server 2008 R2 is required either in the main server location or at the branch office, depending on the type of caching being performed.
Windows 7 Beta Enterprise is required on the client PC.
BranchCache is off by default.
Configure it manually (netsh) or by Group Policy
Set firewall rules (UDP 3702, TCP 80)
18. News in Networking
New features:
Multiple Active Firewalls
Every connection may have separate firewall profile settings.
Home Group
Share files in a home scenario.
Password protected.
VPN Reconnect
Automatically re-establishes a VPN connection when users temporarily lose Internet connectivity. Transparent to users.
20. Backup and Recovery
Windows Backup allows you to capture all files, specific files, and system files (system state).
Stores backup files and folders in a zip format.
System image backup enables recovery of the entire computer. Stored in VHD format.
Free space is validated before the backup is started.
The Startup Repair tool is preinstalled and helps recover systems that do not start.
System Restore displays the applications that will be removed or added prior to restoration.
22. PowerShell 2.0
Built into Windows 7
.NET managed scripting language
Interactive command line shell and a graphical Integrated Scripting Environment (ISE)
Uses the standard management protocol WS-Management for remote execution of cmdlets.
Can be used to create Group Policy logon, logoff, startup, or shutdown scripts
Supports partitioning using modules
Includes transaction support
23. Virtual machine integration
Create and mount .vhd files from Disk Management in Windows 7
New boot loader with the ability to boot from .vhd files
XP mode and Windows Virtual PC
In Windows 7 Beta, the second partition is not assigned a drive letter. Therefore, users cannot see this unencrypted partition and inadvertently store information on it. The drive size requirement has also been reduced to 200 MB.
During configuration, the user specifies how to unlock the drive using one of the following methods:
• A Recovery Password or passphrase (complexity is configurable in Group Policy)
• A Smart Card
• Always auto-unlock this device on this PC
Once the device is configured to use BitLocker, the user saves documents to the external drive without error. When the user inserts the USB flash drive on a different PC, the computer detects that the portable device is BitLocker protected; the user is prompted to
If a user forgets the passphrase for the device, there is an option from the BitLocker Unlock wizard, I forgot my passphrase, to assist. Clicking this option displays a recovery Password ID that can be supplied to an administrator. The administrator uses the Password ID to obtain the Recovery Password for the device. This Recovery Password can be stored in AD and recovered with the BitLocker Recovery Password tool.
Computer settings\Administrative Templates\Windows Components\Bitlocker Drive Encryption\Removable Data
Creating rules based on the digital signature of an application helps make it possible to build rules that survive application updates. For example, an organization can create a rule to "allow all versions greater than 9.0 of a program to run if it is signed by the software publisher." In this way, when the program is updated, IT professionals can safely deploy application updates without having to build another rule.
Note: Without the default rules, critical system files might not run. Once you have created one or more rules in a rule collection, only applications that are affected by those rules are allowed to run. If the default rules are not created and you are blocked from performing administrative tasks, restart the computer in safe mode, add the default rules and delete any deny rules that are preventing access, and then refresh the computer policy.
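The publisher rule described above, written as AppLocker policy XML next to default-style allow rules and evaluated in audit-only mode before anything is enforced. This is an added example, not part of the original deck; the publisher name is a constructed placeholder, the file copied to %TEMP% is made up for the demonstration, and the version range starts at 9.0.0.0 inclusive.

```powershell
# Added example, not from the original deck. The publisher name is a constructed
# placeholder; rule Ids are generated because AppLocker only needs unique GUIDs.
Import-Module AppLocker

$policyXml = @"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <FilePublisherRule Id="$([guid]::NewGuid())" Name="Example Publisher, version 9.0 and later"
        Description="Constructed example" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePublisherCondition PublisherName="O=EXAMPLE PUBLISHER, L=CITY, S=STATE, C=US"
            ProductName="*" BinaryName="*">
          <BinaryVersionRange LowSection="9.0.0.0" HighSection="*" />
        </FilePublisherCondition>
      </Conditions>
    </FilePublisherRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="All files in the Program Files folder"
        Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="All files in the Windows folder"
        Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Administrators: all files"
        Description="" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
"@
$policyFile = Join-Path $env:TEMP 'applocker-audit-example.xml'
Set-Content -Path $policyFile -Value $policyXml -Encoding UTF8

# Dry run: a copy outside the allowed folders should come back as denied by default.
Copy-Item "$env:WINDIR\System32\notepad.exe" "$env:TEMP\notepad-copy.exe"
$samples = "$env:WINDIR\System32\notepad.exe",
           "$env:ProgramFiles\Windows NT\Accessories\wordpad.exe",
           "$env:TEMP\notepad-copy.exe"
Test-AppLockerPolicy -XmlPolicy $policyFile -Path $samples -User Everyone |
    Select-Object FilePath, PolicyDecision, MatchingRule

# After review, merge it into local policy (audit-only, so nothing is blocked yet):
# Set-AppLockerPolicy -XmlPolicy $policyFile -Merge

# Audit-only results: event 8003 marks files that enforcement would have blocked.
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -ErrorAction SilentlyContinue |
    Where-Object { $_.Id -eq 8003 } | Select-Object TimeCreated, Message
```

AppLocker rules are evaluated only while the Application Identity service (AppIDSvc) is running, so audit events appear only once that service is started.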
The Action Center is integrated in Control Panel and provides a central place for tasks and notifications associated with keeping the computer running smoothly. This center helps users resolve problems by providing a streamlined experience for addressing notifications and managing computer issues. The Action Center assists with problem avoidance and problem solving. By unifying notifications that inform and lead users to the necessary actions to take, problems are avoided. Additionally, providing users with one location for information and tools helps them troubleshoot and resolve issues with their system more accurately.
The Action Center consolidates alerts from ten existing Windows features:
• Security Center
• Problem Reports and Solutions
• Windows Defender
• Windows Update
• Diagnostics
• Network Access Protection
• Backup and Restore
• Recovery
• User Account Control
Some troubleshooters that come with Windows 7 Beta automatically run in the background. If the system discovers a problem, it posts a notification in the Action Center. The following are examples of automatic tasks on Windows 7 Beta:
• Cleaning up temporary files
• Detecting hard disk errors
• Removing broken shortcuts
• Ensuring the system time is correct
Unified tracing provides a single tool for determining what is happening in the Windows 7 Beta networking stack, helping to simplify the process of diagnosing and problem solving for IT professionals, system administrators, and developers. It collects event logs and captures packets across all layers of the networking stack using only in-box tools, and it groups the data into activities across individual components.
The .vhd file created by system backup is usable in a virtual environment. However, it is not supported as a startup disk. There are three ways to access the .vhd file:
• Virtual PC
• Virtual Server
• Disk manager, which is new in Windows 7 Beta