Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By : Jochen Nickel
Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By: Jochen Nickel

Overview of this book

Identifying and classifying information inside a company is one of the most important prerequisites for securing the sensitive information of various business units. Windows Server 2012 Dynamic Access Control helps you not only to classify information, but it also gives you the opportunity and the functionality to provide a safe-net policy across your file servers, showing you some helpful ways of auditing and access denied assistance to improve usability. Understanding the architecture, the design, and implementing the solution, to troubleshooting will be covered in a practical and easy-to-read manner. This book is packed with project-based examples with plenty of information about the architecture, functionality, and extensions of Dynamic Access Control to help you excel in real-life projects. The book guides you through all the stages of a successful implementation of Dynamic Access Control. Microsoft Windows Server 2012 Dynamic Access Control will teach you everything you need to know to create your own projects, and is an essential resource for reviewing or extending already existing implementations. The book initially takes you through the task of understanding all of the functionality and extensions with ideas and overviews to help guide you in the decision process. The whole architecture will be explained in the main building blocks of Dynamic Access control. You will have a strong foundation and understanding of the claims model and Kerberos. Classifying information, the hardest part of the prerequisites to fulfil, is also covered in depth. You will also spend time understanding conditional expressions, and the method used to deploy them across your file server infrastructure. A special chapter is included for handling the data quality and the integration in other systems and strategies. Last, but not least, to get your solution up and running you will learn how to troubleshoot a Dynamic Access Control solution.
Table of Contents (16 chapters)
Learning Microsoft Windows Server 2012 Dynamic Access Control
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Extending the solution with System Center


With the Audit Collection Service (ACS) of the System Center Operations Manager 2012, you are able to collect the security audit information generated by an audit policy in a central database. Using ACS helps you to consolidate security log information and gives you the option to analyze the information and provide proper reports to your CISO.

ACS requires the following components:

  • ACS Forwarders: It enables audit collection; all security events are sent to the ACS Collector

  • ACS Collector: It receives and processes events from ACS Forwarders and sends the data to the ACS Database

  • ACS Database: The ACS Database is a central repository for events that are generated by an audit policy within an ACS deployment. You can find more details at http://technet.microsoft.com/en-us/library/hh212908.aspx