Original URL: http://www.theregister.co.uk/2009/04/21/win7_security/

MS opens kimono on Windows 7 security features

Less invasive control

By John Leyden

Posted in Security, 21st April 2009 17:08 GMT

Microsoft has unveiled the security improvement is expects to deliver with Windows 7, the next version of its flagship operating system.

To coincide with the opening of the RSA Conference on Monday, Redmond unveiled a much more detailed list of security enhancements and tweaks. It is, of course, routine for Microsoft to describe the next version of its OS as the most secure it has ever created.

But leaving cynicism about such pronouncements to one side, there are a significant numbers of enhancements with Windows 7 in areas including remote access, biometric integration, and ease of use.

User account control (UAC), a feature that debuted with Vista, is been tuned to generate fewer invasive pop-ups.

BitLocker encryption will be extended to cover USB drives, a feature described as BitLocker To Go. A remote access feature, called DirectAccess, will be included that makes setting up secure remote access far easier than was previously possible. The same feature will allow sys admins to patch remotely-connected devices. Network Access Protection, a separate feature, can be used to restrict access to corporate networks to only fully-patched PCs.

Another feature, AppLocker, will give sys admins the ability to control what applications can run on corporate systems, including the ability to remotely purge disavowed applications.

Microsoft recommends that users run Windows 7 clients in conjunction with Windows 2008 R2 servers in order to get the benefit of BranchCache, a caching application that makes networked applications faster and more responsive.

A full run-down of the security features expected to ship with Windows 7 security can be found on the Windows Security Blog here. A shorter summary can be found on the Windows blog here. ®