Запознайте се с новите характеристики на Windows 7 в синтезиран вид: - UAC (User Account Control) – прецизно настройване - BitLocker Data Encryption за преносими устройства за съхранение на данни - AppLocker - създаване и прилагане на правила за ограничаване на изпълнимите приложения - Повишаване на сигурността чрез Windows Defender - DirectAccess – по-добра свързаност за отдалечени потребители - По-добра навигация и организираност, благодарение на обновените Тaskbar и Control Panel - Windows Backup & Restore - Ефективен troubleshooting с помощта на: Problem Steps Recorder, Performance Monitor, Event Viewer, Windows PowerShell 2.0

2. Windows 7 в 60 минути
30 декември 2010
Дарин Йончев
MCT, MCITP, MCSE, Security +

3. So let’s begin

4. Windows History
Release date Version Support
1990 May Windows 3.x Unsupported
1993 July Windows NT Unsupported
1995 August Windows 95 Unsupported
1998 June Windows 98 Unsupported
2000 February Windows 2000 Unsupported
2000 September Windows Me Unsupported
2001 October Windows XP Current for SP2 and SP3
2006 November (VL) 2007
January (retail)
Windows Vista Current
2008 February Windows 2008 Current
2009 July 22 (VLK), 2009
October 22, (retail
Windows 2008 R2 Current
2009 July 22 (VLK), 2009
October 22, (retail)
Windows 7 Current

5. Graphic user interface
New Taskbar (Super BAR)
Aero Peek
Jump lists
Desktop snap
Libraries
Instant search and Federated search
Screen resolution is one click away
No side bar
… and GUI is faster then ever 

6. User Account Control Settings in
Group policy
Two type of user group (Standard Users and
Administrators
Type of Elevation prompt
Consent Prompt
Displayed to administrators in Admin
Approval mode when they attempt to
perform an administrative task.
Request approval
Credential Prompt
Displayed to standard users when
they attempt to perform an
administrative task. Require user
name and password.

7. UAC Security Settings
Never notify UAC is off.
No notifications appear during software installation or when making manual changes.
Notify me only when programs try to make changes to my computer (do
not dim my desktop)
When a program makes a change, a prompt appears, but the desktop is not dimmed.
Otherwise, the user is not prompted.
Default - Notify me only when programs try to make changes to my
computer
When a program makes a change, a prompt appears, and the desktop is dimmed to
provide a visual cue that installation is being attempted. Otherwise, the user is not
prompted.
Always notify me
The user is always prompted when changes are made to the computer, including new
software installations.

8. UAC Group policy settings

9. BitLocker To Go
BitLocker To Go extends BitLocker Drive Encryption to portable
devices, such as USB flash drives, and is manageable through
Group Policy.
An administrator configures Group Policy to require that data can
be saved only onto data volumes protected by BitLocker (device is
read only )
You can use encrypted USB flash drive in previous version OS but
Read-only
You can unlock the drive using one of the following methods:
A Recovery Password or passphrase (complexity is
configurable in Group Policy)
•A Smart Card
Always auto-unlock this device on this PC

10. BitLocker To Go Group Policy

11. AppLocker
AppLocker ® Enables IT professionals to specify exactly what is allowed to
run on user’s Desktop.
Rules defined based on attributes derived from a file’s digital signature,
including the publisher, product name, file name, and file version.
A user interface accessed through an extension to the Local Policy snap-in
and Group Policy Management snap-in.
An audit-only enforcement mode that allows administrators to determine
which files will be prevented from running if the policy were in effect.
Default rules:
All users to run files in the default Program Files directory.
All users to run all files signed by the Windows operating system.
Members of the built-in Administrators group to run all files.

12. Applocker Group policy

13. Direct Access benefits:
Provide remote users with seamless access to
company, internal network without VPN connections.
Manage remote computers when every time they have
Internet connectivity, even if the user is not logged on.
Remote desktop, remote assistance
Distributing software updates
Apply group policy on computer in internet
DirectAccess separates intranet from Internet traffic,
which reduces unnecessary traffic on the intranet.
Support multifactor authentication methods.
Configurable to restrict which servers, user and
individual applications are accessible.

14. Direct access Prerequisites
Windows server 2008 R2 with two network
cards
DNS and AD DS running on Windows Server
2008 or 2008 R2
PKI infrastructure
Windows 7 Enterprise of Ultimate on clients
IPv6-over-Ipsec, ISATAP, Teredo and 6to4

15. BranchCache
Helps reduce WAN link utilization
Improves file transfer time
Supports SMB, HTTP,HTTPS and BITS.
End-to end encryption between clients and servers
(SSL, IPsec)
Cached content is encripted
Transparent to the users

16. BranchCache scenarios
Distributed caching mode
Cache is distributed across client computers in the branch.
Peer-to-peer architecture
Suitable for branches that do not have a local computer running
Windows Server 2008 R2.
Hosted Caching
Cache resides on a Windows 2008 R2 server that is deployed
in the branch office
Client computers that need the same content retrieve it directly
from the server
Content is available even when the client that originally
requested the data is offline.

17. BranchCache requirement
Windows Server 2008 R2 is required either in
the main server location or at the branch office,
depending on the type of caching being
performed.
Windows 7 Beta Enterprise is required on the
client PC.
BranchCache is off by default.
Configure it manually (netsh) or by Group Policy
Set firewall rules (UDP 3702, TCP 80)

18. News in Networking
New features:
Multiple Active Firewalls
Every connection may have separate
firewall profile settings.
Home Group
Share files in home scenario.
Password protected.
VPN Reconnect
Automatically re-establishes a VPN
connection when users temporally lose
internet connections. Transparent to
users.

19. Troubleshooting
Notifications Area
Action Center
Problem Step Recorder
Resource Monitor
Reliability Monitor
Event Viewer
System Restore
Unified Tracing

20. Back up and Recovery
Windows Backup allows you to capture all files,
specific files, and system files (system state)
Store backup file and folders in a zip format.
System image backup enables recovery of the entire
computer. Stored in VHD format.
Free space is validated before the backup is started
The Startup Repair tool is preinstalled and help
recover systems that do not start.
System restore display application that will be removed
or added prior to restoration

21. Group policy for Backup

22. PowerShell 2.0
Build in Windows 7
.NET managed scripting language
Interactive command line shell and a graphical
Integrated Scripting Environment (ISE)
Uses the standard management protocol WS
management for remote execution of cmdlets.
Can be used to create Group Policy logon, logoff,
startup, or shutdown scripts
Supports partitioning using modules
Includes transactions support

23. Virtual machine integration
Create and Mount .vhd from Disk Management
in Windows 7
New boot loader with ability to boot from .vhd
files
XP mode and Windows Virtual PC

24. А сега е време за въпроси

25. New Horizons Bulgaria
Бул. “Драган Цанков” 36
Интерпред, блок A, етаж 6
1040 София
Тел.: +359 2 421 0040
+359 2 421 0044
Email: office@newhorizons.bg
Сайт: www.newhorizons.bg
Блог: newhorizons.bg/blog