Learning Microsoft Windows Server 2012 Dynamic Access Control

When you know Dynamic Access Control, you know how to take command of your organization’s data for security and control. This book is a practical tutorial that will make you proficient in the main functions and extensions.

Learning Microsoft Windows Server 2012 Dynamic Access Control

Learning
Jochen Nickel

When you know Dynamic Access Control, you know how to take command of your organization’s data for security and control. This book is a practical tutorial that will make you proficient in the main functions and extensions.
$20.99
$34.99
RRP $20.99
RRP $34.99
eBook
Print + eBook
$12.99 p/month

Want this title & more? Subscribe to PacktLib

Enjoy full and instant access to over 2000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.
Code Files
+ Collection
Free sample

Book Details

ISBN 139781782178187
Paperback146 pages

About This Book

  • Understand the advantages of using Dynamic Access Control and how it simplifies access control
  • Learn how to monitor, maintain, and secure your Dynamic Access Control environment
  • Troubleshoot and solve common misconfigurations and problems with professional techniques

Who This Book Is For

If you are an IT consultant/architect, system engineer, system administrator, or security engineers planning to implement Dynamic Access Control in your organization, or have already implemented it and want to discover more about the abilities and how to use them effectively, this book will be an essential resource.

You should have some understanding of security solutions, Active Directory, Access Privileges/ Rights and Authentication methods, and a fundamental understanding of Microsoft technologies. Programming knowledge is not required but can be helpful for using PowerShell or the APIs to customize your solution.

Table of Contents

Chapter 1: Getting in Touch with Dynamic Access Control
Business needs, purpose, and benefits
Inside the architecture of DAC
Building your smart test lab
Configuring Dynamic Access Control
Summary
Chapter 2: Understanding the Claims-based Access Model
Understanding claims
Claims support in Windows 8/2012 and newer
Kerberos Armoring and Compound Authentication
Managing Claims and Resource properties
Using Claim Transformation and Filtering
Groups or DAC, let's extend our first solution
Summary
Chapter 3: Classification and the File Classification Infrastructure
Map the business and security requirements
Different types and methods for tagging and classifying information
Manual Classification
Using the Windows File Classification Infrastructure
Data Classification Toolkit 2012
The Data Classification Toolkit wizard
Designing and configuring classifications
Summary
Chapter 4: Access Control in Action
Defining expression-based Access policies
Deploying Central Access Policies
Identifying a Group Policy and registry settings
Configuring FCI and Central Access Policies
Building a staging environment using proposed permissions
Applying Central Access Policies
Access Denied Remediation
Summary
Chapter 5: Auditing a DAC Solution
Auditing with conditional expressions
Claims-based Global Object Access Auditing
Configuring an effective auditing solution
Policy considerations
Extending the solution with System Center
Summary
Chapter 6: Integrating Rights Management Protection
Windows 2012 AD RMS
Installing Rights Management Services
Rights Protected Folder
Classification-based encryption
Protecting your information with a combination
Summary
Chapter 7: Extending the DAC Base Solution
Keeping Active Directory attributes up-to-date
Third-party tools for Dynamic Access Control
BYOD – using Dynamic Access Control
Summary
Chapter 8: Automating the Solution
Identifying the complete solution
How other Microsoft products can assist you
Advanced architectures for Information Protection
Summary
Chapter 9: Troubleshooting
Common misconfigurations
General troubleshooting
Advanced troubleshooting
Summary

What You Will Learn

  • Understand how Dynamic Access Control can help your organization control access to information
  • Identify and get to know the main building blocks and functionality of Dynamic Access Control
  • Create Central Access and Auditing Policies, including Transformation Policies
  • Classify information using different methods, including a deep dive into the File Classification infrastructure
  • Design and implement Rights Management integration
  • Extend your solution with third-party tools in particular for classification
  • Integrate Dynamic Access Control in SharePoint and other products
  • Discover the possibilities you get by using Dynamic Access Control for BYOD
  • Explore how other Microsoft solutions can be used as an enhancement of your solution

In Detail

Identifying and classifying information inside a company is one of the most important prerequisites for securing the sensitive information of various business units. Windows Server 2012 Dynamic Access Control helps you not only to classify information, but it also gives you the opportunity and the functionality to provide a safe-net policy across your file servers, showing you some helpful ways of auditing and access denied assistance to improve usability.

Understanding the architecture, the design, and implementing the solution, to troubleshooting will be covered in a practical and easy-to-read manner. This book is packed with project-based examples with plenty of information about the architecture, functionality, and extensions of Dynamic Access Control to help you excel in real-life projects. The book guides you through all the stages of a successful implementation of Dynamic Access Control.

Microsoft Windows Server 2012 Dynamic Access Control will teach you everything you need to know to create your own projects, and is an essential resource for reviewing or extending already existing implementations.

The book initially takes you through the task of understanding all of the functionality and extensions with ideas and overviews to help guide you in the decision process. The whole architecture will be explained in the main building blocks of Dynamic Access control. You will have a strong foundation and understanding of the claims model and Kerberos. Classifying information, the hardest part of the prerequisites to fulfil, is also covered in depth. You will also spend time understanding conditional expressions, and the method used to deploy them across your file server infrastructure. A special chapter is included for handling the data quality and the integration in other systems and strategies. Last, but not least, to get your solution up and running you will learn how to troubleshoot a Dynamic Access Control solution.

Authors

Table of Contents

Chapter 1: Getting in Touch with Dynamic Access Control
Business needs, purpose, and benefits
Inside the architecture of DAC
Building your smart test lab
Configuring Dynamic Access Control
Summary
Chapter 2: Understanding the Claims-based Access Model
Understanding claims
Claims support in Windows 8/2012 and newer
Kerberos Armoring and Compound Authentication
Managing Claims and Resource properties
Using Claim Transformation and Filtering
Groups or DAC, let's extend our first solution
Summary
Chapter 3: Classification and the File Classification Infrastructure
Map the business and security requirements
Different types and methods for tagging and classifying information
Manual Classification
Using the Windows File Classification Infrastructure
Data Classification Toolkit 2012
The Data Classification Toolkit wizard
Designing and configuring classifications
Summary
Chapter 4: Access Control in Action
Defining expression-based Access policies
Deploying Central Access Policies
Identifying a Group Policy and registry settings
Configuring FCI and Central Access Policies
Building a staging environment using proposed permissions
Applying Central Access Policies
Access Denied Remediation
Summary
Chapter 5: Auditing a DAC Solution
Auditing with conditional expressions
Claims-based Global Object Access Auditing
Configuring an effective auditing solution
Policy considerations
Extending the solution with System Center
Summary
Chapter 6: Integrating Rights Management Protection
Windows 2012 AD RMS
Installing Rights Management Services
Rights Protected Folder
Classification-based encryption
Protecting your information with a combination
Summary
Chapter 7: Extending the DAC Base Solution
Keeping Active Directory attributes up-to-date
Third-party tools for Dynamic Access Control
BYOD – using Dynamic Access Control
Summary
Chapter 8: Automating the Solution
Identifying the complete solution
How other Microsoft products can assist you
Advanced architectures for Information Protection
Summary
Chapter 9: Troubleshooting
Common misconfigurations
General troubleshooting
Advanced troubleshooting
Summary

Book Details

ISBN 139781782178187
Paperback146 pages
Read More