Learning Microsoft Windows Server 2012 Dynamic Access Control


Learning Microsoft Windows Server 2012 Dynamic Access Control
eBook: $20.99
Formats: PDF, PacktLib, ePub and Mobi formats
$17.84
save 15%!
Print + free eBook + free PacktLib access to the book: $55.98    Print cover: $34.99
$34.99
save 37%!
Free Shipping!
UK, US, Europe and selected countries in Asia.
Also available on:
Overview
Table of Contents
Author
Support
Sample Chapters
  • Understand the advantages of using Dynamic Access Control and how it simplifies access control
  • Learn how to monitor, maintain, and secure your Dynamic Access Control environment
  • Troubleshoot and solve common misconfigurations and problems with professional techniques

Book Details

Language : English
Paperback : 146 pages [ 235mm x 191mm ]
Release Date : December 2013
ISBN : 178217818X
ISBN 13 : 9781782178187
Author(s) : Jochen Nickel
Topics and Technologies : All Books, Enterprise


Table of Contents

Preface
Chapter 1: Getting in Touch with Dynamic Access Control
Chapter 2: Understanding the Claims-based Access Model
Chapter 3: Classification and the File Classification Infrastructure
Chapter 4: Access Control in Action
Chapter 5: Auditing a DAC Solution
Chapter 6: Integrating Rights Management Protection
Chapter 7: Extending the DAC Base Solution
Chapter 8: Automating the Solution
Chapter 9: Troubleshooting
Index
  • Chapter 1: Getting in Touch with Dynamic Access Control
    • Business needs, purpose, and benefits
    • Inside the architecture of DAC
      • Building blocks
        • Infrastructure requirements
        • User and device claims
        • Expression-based access rules
        • Classification enhancements
        • Central Access and Audit policies
        • Access-denied assistance
    • Building your smart test lab
    • Configuring Dynamic Access Control
    • Summary
  • Chapter 2: Understanding the Claims-based Access Model
    • Understanding claims
    • Claims support in Windows 8/2012 and newer
      • Kerberos authentication enhancements
    • Kerberos Armoring and Compound Authentication
      • Kerberos Armoring
      • Compound Authentication
    • Managing Claims and Resource properties
      • Naming conventions
      • Authoritative system and data validation
      • Administrative delegation
      • Resource properties
    • Using Claim Transformation and Filtering
    • Groups or DAC, let's extend our first solution
    • Summary
  • Chapter 3: Classification and the File Classification Infrastructure
    • Map the business and security requirements
    • Different types and methods for tagging and classifying information
    • Manual Classification
    • Using the Windows File Classification Infrastructure
    • Data Classification Toolkit 2012
    • The Data Classification Toolkit wizard
      • The Data Classification Toolkit Claims wizard
    • Designing and configuring classifications
    • Summary
  • Chapter 4: Access Control in Action
    • Defining expression-based Access policies
    • Deploying Central Access Policies
      • Protecting the legal department's information with Central Access Policies
    • Identifying a Group Policy and registry settings
    • Configuring FCI and Central Access Policies
    • Building a staging environment using proposed permissions
    • Applying Central Access Policies
    • Access Denied Remediation
      • Understanding the ADR process
      • ADR – a step-by-step guide
    • Summary
  • Chapter 5: Auditing a DAC Solution
    • Auditing with conditional expressions
    • Claims-based Global Object Access Auditing
      • Monitoring your Dynamic Access Control scenarios
    • Configuring an effective auditing solution
    • Policy considerations
    • Extending the solution with System Center
    • Summary
  • Chapter 6: Integrating Rights Management Protection
    • Windows 2012 AD RMS
    • Installing Rights Management Services
    • Rights Protected Folder
    • Classification-based encryption
    • Protecting your information with a combination
      • The Rights management template
      • Encryption rule
      • Information access
      • Building the RPF example in your environment
      • File retention
      • AD RMS in a SAP environment
    • Summary
  • Chapter 7: Extending the DAC Base Solution
    • Keeping Active Directory attributes up-to-date
    • Third-party tools for Dynamic Access Control
      • Classification
      • Central Access Policy
      • RMS Protection
      • Auditing
      • Using DAC in SharePoint
    • BYOD – using Dynamic Access Control
    • Summary
  • Chapter 8: Automating the Solution
    • Identifying the complete solution
    • How other Microsoft products can assist you
    • Advanced architectures for Information Protection
    • Summary
  • Chapter 9: Troubleshooting
    • Common misconfigurations
    • General troubleshooting
      • Domain Controller count
      • Data quality of Active Directory attributes
      • Checking the user and device claims
      • Domain connectivity
      • Advanced Security Editor
        • The order of entries in the Permissions tab
        • The Central Policy tab
      • FCI - resource conditions and resource properties
      • Access Control Lists
    • Advanced troubleshooting
      • Domain function level
      • Active Directory trust
      • Claim Transformation Policy (CTP)
    • Summary

Jochen Nickel

Jochen Nickel is an Identity and Access Management Solution Architect working for inovit GmbH in Switzerland, and every day he tries to understand new business needs of his customers, to provide better, more comfortable, and more flexible Microsoft Identity and Access Management Solutions.

He has been working on a lot of projects, proof of concepts, reviews, and workshops in this field of technology. Furthermore, he is a Microsoft V-TSP Security, Identity and Access Management, Microsoft Switzerland, and uses his experience for the directly managed business accounts in Switzerland. He has also been an established speaker at many technology conferences.

Jochen is very focused on Dynamic Access Control, Direct Access, Forefront UAG/TMG, ADFS, Web Application Proxy, AD RMS, and the Forefront Identity Manager. Committed to continuous learning, he holds Microsoft certifications such as MCT, MCSE/A, MCTS, MTA, and many other security titles. He enjoys spending as much time as possible with his family to get back the energy to handle such interesting technologies.

For more information about Microsoft Windows Server 2012 Dynamic Access Control, you can visit my blog at http://blog.idam.ch.

Sorry, we don't have any reviews for this title yet.

Submit Errata

Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.

Sample chapters

You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.

Frequently bought together

Learning Microsoft Windows Server 2012 Dynamic Access Control +    VMware View 5 Desktop Virtualization Solutions =
50% Off
the second eBook
Price for both: $38.55

Buy both these recommended eBooks together and get 50% off the cheapest eBook.

What you will learn from this book

  • Understand how Dynamic Access Control can help your organization control access to information
  • Identify and get to know the main building blocks and functionality of Dynamic Access Control
  • Create Central Access and Auditing Policies, including Transformation Policies
  • Classify information using different methods, including a deep dive into the File Classification infrastructure
  • Design and implement Rights Management integration
  • Extend your solution with third-party tools in particular for classification
  • Integrate Dynamic Access Control in SharePoint and other products
  • Discover the possibilities you get by using Dynamic Access Control for BYOD
  • Explore how other Microsoft solutions can be used as an enhancement of your solution

In Detail

Identifying and classifying information inside a company is one of the most important prerequisites for securing the sensitive information of various business units. Windows Server 2012 Dynamic Access Control helps you not only to classify information, but it also gives you the opportunity and the functionality to provide a safe-net policy across your file servers, showing you some helpful ways of auditing and access denied assistance to improve usability.

Understanding the architecture, the design, and implementing the solution, to troubleshooting will be covered in a practical and easy-to-read manner. This book is packed with project-based examples with plenty of information about the architecture, functionality, and extensions of Dynamic Access Control to help you excel in real-life projects. The book guides you through all the stages of a successful implementation of Dynamic Access Control.

Microsoft Windows Server 2012 Dynamic Access Control will teach you everything you need to know to create your own projects, and is an essential resource for reviewing or extending already existing implementations.

The book initially takes you through the task of understanding all of the functionality and extensions with ideas and overviews to help guide you in the decision process. The whole architecture will be explained in the main building blocks of Dynamic Access control. You will have a strong foundation and understanding of the claims model and Kerberos. Classifying information, the hardest part of the prerequisites to fulfil, is also covered in depth. You will also spend time understanding conditional expressions, and the method used to deploy them across your file server infrastructure. A special chapter is included for handling the data quality and the integration in other systems and strategies. Last, but not least, to get your solution up and running you will learn how to troubleshoot a Dynamic Access Control solution.

Approach

This practical tutorial-based book is filled with information about the architecture, functionality, and extensions of Microsoft Windows Server 2012 Dynamic Access Control

Who this book is for

If you are an IT consultant/architect, system engineer, system administrator, or security engineers planning to implement Dynamic Access Control in your organization, or have already implemented it and want to discover more about the abilities and how to use them effectively, this book will be an essential resource.

You should have some understanding of security solutions, Active Directory, Access Privileges/ Rights and Authentication methods, and a fundamental understanding of Microsoft technologies. Programming knowledge is not required but can be helpful for using PowerShell or the APIs to customize your solution.

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Resources
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software