For Microsoft Corporation Information Security Windows users have always been at the forefront and to this day remains the number one priority. You can be ironic about this as much as you like, but whatever is true is true. The company persistently and almost continuously (development is underway in almost all time zones!) improves the mechanisms for protecting its operating systems and with each new generation introduces solutions that increase the level of security. A striking example of work in this direction is Windows 7 - a system built on a solid foundation of security Windows Vista and incorporating the latest developments in this area. This material talks about what the “Seven” can please users in terms of security.

Owners of computers with Vista have probably appreciated the convenience of the Windows Security Center. IN new version operating system, Microsoft specialists have significantly expanded the capabilities of this tool and given it a new, self-explanatory name - support center. Unlike Vista, the updated component informs the user not only about Windows 7 security problems, but also about all other events, the degree of significance of which can be assessed by the color of the messages. With the help of the Help Center, it's easy to make sure that the system is functioning without errors, the firewall is turned on, antivirus applications are updated and the computer is configured for automatic installation updates and Reserve copy important data. If problems are detected, the center Windows updates 7 will search for available solutions on the Internet and provide links to software to eliminate any errors that have occurred.

In Windows 7, the account control mechanism, also known as User Account Control, which caused a lot of controversy among advanced users, has evolved. In the "seven", UAC has become much less intrusive and has acquired additional parameters, guided by which you can flexibly configure the User Account Control function and significantly reduce the number of requests for confirmation of certain actions that require administrative rights in the system. User Account Control helps prevent undetected infiltration malicious code to the computer and therefore disabling the protection system (and such an option is provided) is not recommended.

Encrypting drives with BitLocker

Content encryption mechanism hard drives, which debuted in Vista, also migrated with some improvements to the corporate (Enterprise) and maximum (Ultimate) editions of Windows 7. If in the previous version of the system it was necessary to manually split the disk into two partitions to enable the cryptographic data protection function, now the “seven” "automatically reserves space on the media during the installation of the operating system. In addition, Windows 7 introduced a data recovery agent and introduced the ability to encrypt not only the system partition with BitLocker, but also all other partitions of the disk. file system NTFS. We draw the readers' attention to the fact that, unlike the EFS system, which allows encryption separate files, BitLocker performs cryptographic protection all files on the selected media or disk partition. This approach significantly improves data protection from unauthorized access during physical access to the computer and disks.

A further development of BitLocker technology was the BitLocker To Go feature that appeared in Windows 7, providing reliable data protection on removable media (flash drives and external hard drives) even if the device is lost or stolen. An important feature is that the new encryption mechanism interacts not only with portable media, formatted in NTFS, but also with FAT, FAT32 and ExFAT partitions. You can work with BitLocker To Go protected drives in previous versions operating rooms Microsoft systems- Windows XP and Vista. True, only in reading mode.

For enterprise administrators various scales Often you have to analyze the applications used by employees and limit access to certain software products, the launch of which may pose a threat to the security of the corporate network. To solve this problem, Windows 7 includes an improved version of the Software Restriction Policies tool, called AppLocker. It is easier to use, and its new capabilities and extensibility reduce management costs and allow you to audit running programs, as well as flexibly manipulate access rules for certain applications and files, using various rules and conditions, even digital signatures of products. AppLocker is configured within a domain using Group Policy or local computer in the Local Security Policies snap-in.

From network attacks, computers under Windows control Firewall protects. In the "seven" he also provides a strong line of defense against many types malware. Like internetwork Windows screen Vista SP2, the "seven" firewall is automatically turned on after installation and carefully filters both incoming and outgoing traffic, promptly informing the user about suspicious network activity in the operating system. In Vista, only one network profile could function at a time. In Windows 7, this limitation was removed, and the system now has the ability to use several active profiles simultaneously, one per network adapter. The advantages of such an innovation are obvious. You can, for example, sitting in a cafe where there is wireless point access, connect via VPN (Virtual Private Network) to the corporate network and at the same time be sure that the Windows 7 firewall will apply the general profile to the WiFi adapter and activate the domain profile for the VPN tunnel.

Secure access to corporate network resources

Since we are talking about VPN connections, it would be useful to draw the readers’ attention to DirectAccess - new technology Microsoft Corporation, which provides a secure connection to the corporate network for remote users working over public networks. The main difference between DirectAccess and VPN is that the secure connection is established in background without user intervention. This approach makes it possible to make the work of mobile employees as simple and convenient as possible without compromising the level of security provided. Working with the new function is possible only if the corporate or maximum edition of Windows 7 is installed on users’ computers, and the company’s servers use the platform Windows Server 2008 R2.

Biometric security technologies

Devices designed to identify users using fingerprints could also be used in previous versions of Microsoft operating systems. To do this, we had to be content with software solutions from third-party developers. Windows 7 has its own biometric drivers and software components that can be used not only by owners of computers equipped with fingerprint readers, but also by developers of third-party software organizations. To configure biometric devices, a menu of the same name is provided in the control panel of the operating system.

Windows 7 includes a browser Internet Explorer 8, which is characterized by advanced security features. It is enough to mention the function of highlighting a second-level domain, which allows you to notice that something is wrong in time and avoid the tricks of online scammers who lure users to a fake site with a similar name to a well-known one. domain name, giving up administrative privileges when running ActiveX, and Data technology Execution Prevention. The essence of the latter is that when the browser tries to execute any code located in memory, the system simply will not allow it to do so. The browser has a model for preventing XSS attacks (Cross-Site Scripting), as well as a SmartScreen system that generates notifications when you try to visit potentially dangerous sites and protects against malware. Automatic Crash Recovery tools allow you to restore everything previously open tabs after an application crashes, and InPrivate web browsing mode allows you to leave no traces when working on public computers.

To protect against spyware, Windows 7 includes a special module that automatically starts every time the operating system boots and scans files both in real time and user-specified schedule. To regularly update malicious app signatures, Windows Defender uses Windows Update to automatic download and establishing new definitions as they are issued. Additionally, Windows Defender can be configured to search the Internet for updated definitions before scanning data stored on your computer's drive. A curious feature The anti-spyware module is the ability to work in tandem with the Microsoft SpyNet network community, designed to teach users to adequately respond to threats posed by spyware. For example, if Windows Defender detects a suspicious app or a change it made that hasn't yet received a severity rating, you can see how others in the community responded to the same alert and make the right decision.

Microsoft Security Essentials antivirus - now for Russian users!

In addition to the security technologies listed above, Microsoft also offers Microsoft Security Essentials- a free antivirus solution that provides reliable protection for your computer against all possible threats, including viruses, spyware, rootkits and Trojans. Microsoft Security Essentials runs quietly and unnoticed in the background without restricting user activity or slowing down any computer, even low-performance computers. The antivirus offered by Microsoft is easy to use, equipped with an intuitive interface, and contains the most modern technologies for protection against viruses and complies with all computer security standards.

Conclusion

Many foreign users of Windows 7 appreciated the user-friendly interface of the application, ease of installation, settings and speed of the anti-virus Microsoft solutions. Beginning with today, domestic users can also taste all the delights of Microsoft Security Essentials. Today, December 16, Microsoft opens access to the Russified version of the antivirus to Russian users and provides technical support product in Russian. The Russified version of Microsoft Security Essentials can be downloaded from the website microsoft.com/security_essentials/?mkt=ru-ru, of course, completely free. This product is installed on the computers of a good half of our editorial staff (not counting, of course, Mac drivers) and makes you forget about free analogues other developers. And sometimes paid ones too.

Trying to answer this question, PCMag security guru Neil J. Rubenking reviewed the security capabilities of Windows 7 and wrote an article in which he assessed everything in the new product - starting from the interface and the infamous UAC (User Account Control) to the firewall (firewall), networking opportunities and BitLocker encryption.

He even talked to some security-savvy people to try to get their impressions of the Windows platforms Filtering - a core set of key capabilities that other manufacturers may or may not use.

Overall, Rubenking found that Windows 7's system security closely resembled that of other operating systems. In particular, there are many similarities to Vista, but security has been improved in some areas.

Yes, Microsoft has made a lot of changes to various areas of Windows 7, but these are not changes that the majority of users will immediately benefit from. Rubenking himself wrote that Vista is inherently more secure than Windows XP.

This is due to the fact that Microsoft made significant changes to the Vista platform that affected user habits and even required some fancy driver rewrites and the like.

In the same time security improvements between Vista and Windows 7 not so serious.

In security, as in other areas, Windows 7 is Vista, only better.

So, let's look at Rubenking's notes and evaluate for ourselves how safe or how dangerous we are under Windows 7.

Windows 7 Security - Getting Started Microsoft claims that.

Windows 7 has improved security, reliability and performance

Introducing concepts such as kernel patch protection, data execution prevention, address space randomization, and mandatory integrity levels into the operating system sounds good, except that early Vista propaganda also touted the security of the operating system, but most of these promises failed to materialize.

So will Windows 7 be better than Vista, will the latest operating system live up to the expectations placed on it?

In fact, Windows 7's goals sound a little better than Vista's unlikely concepts. It's clear that Windows 7 has better security than Vista. True, not by much.

Automatic updates Installation of Beta and RC went quite quickly, because... I was doing clean install operating system on the test machine. At the same time upgrade my working system

Getting to the final version of Windows 7 turned out to be a much longer and more difficult process. However, I would prefer to see Windows 7 set to full inclusion

This seemingly simple step would protect millions of machines in the world from everyday exploits, etc. Well, maybe in Windows 8...

Security Center - Action Center

Windows 7 did not swear at my Norton Internet Security 2010, since Norton was not an obstacle to upgrade. At the same time without installing Norton new security center Action Center would alert me to the absence antivirus protection.

Old Vista Security Center Security Center I simply monitored the presence of a firewall (firewall or firewall) and anti-virus protection, plus automatic updates. However, the new Action Center, which replaces Security Center, also reports problems with spyware protection, Internet security, UAC, system maintenance, and more.

The Security Center icon in the notification area replaces the five separate icons in Vista. In addition, according to the Windows 7 Development Blog, it should only show a notification to the user if some kind of response is required from him.

You should no longer see any pop-up notifications that just tell you something.

All pop-ups are now important and practical. security center So, what did he warn me about in the first place?

? "Windows will install updates on a schedule." That's it! The center was honored to warn me that installing updates may cause the computer to reboot. Just warn me before any reboot!

Virus protection

If you don't have an antivirus or some kind of anti-spyware protection installed, then Security Center will pester you until you give in and install something that it knows.

And he knows, I must say, almost all modern security products. If you install something that the center does not know, then you can turn off its annoying messages.

At the beginning of beta testing, a link to information about security programs led to a page under development. At the same time, by the time Windows 7 RC was released, this page already had links to seven major security software developers with compatible products.

There are currently about 20 developers of compatible security products listed on this page. You can try Microsoft Security Essentials 1.0, AVG Anti-Virus Free Edition 9.0 or Avast for free! 4.8 Home Edition. 7 Beta I was tormented by UAC pop-ups, which Microsoft was still working on taming. However, in the final Windows versions 7 everything has improved significantly both in terms of the number of pop-ups and in terms of UAC settings....

Windows Filtering Platform -
Windows Filtering Platform

Firewalls must work with Windows 7 at a very low level, which Microsoft programmers absolutely hate. Some Microsoft technologies, such as PatchGuard, present in 64-bit editions of Windows 7 (64-bit Windows 7 have a number of security advantages over 32-bit Windows 7), block attackers and also protect the kernel from access to it.

Still, Microsoft does not provide the same level of security as third-party programs.

So what to do? The solution to this problem is the Windows Filtering Platform (WFP). The last one, by according to Microsoft, allows third party firewalls to be based on key

Windows capabilities Firewall - allows you to add custom capabilities to them and selectively enable and disable parts of the Windows Firewall. As a result, the user can

choose your firewall

, which will coexist with Windows Firewall.

But how useful is it really for security developers? Will they use it? I asked a few people and got a ton of responses.

BitDefender LLC Product development manager Iulian Costache said his company is currently using this platform in Windows 7. However, they have encountered significant memory leaks. The error is on Microsoft's side, which the largest software giant has already confirmed. However, Julian does not know when it will be resolved. In the meantime, they have temporarily replaced

new driver

WFP on old TDI.

Check Point Software Technologies Ltd

Check Point Software Technologies Ltd PR manager Mirka Janus said his company has been using WFP since Vista. They also use the platform under Windows 7.

"Using supported APIs means improved stability and fewer BSODs. Many drivers can be registered and each driver developer does not have to worry about compatibility with others.

If any driver is, say, blocked, no other registered driver can bypass that blocking. On the other hand, an incompatible driver can become a problem, bypassing all other registered ones.

We don't rely on WFP alone for network security."

F-Secure Corporation

Senior researcher at F-Secure Corporation Mikko Hypponen said that for some reason WFP never became popular among security software developers. At the same time, his company used WFP for quite a long time, and was happy with it.

McAfee, Inc.

In turn, McAfee lead architect Ahmed Sallam said that WFP is a more powerful and flexible network filtering interface than the previous NDIS-based interface. McAfee actively uses WFP in its security products.

At the same time, despite the fact that WFP has positive capabilities, cybercriminals can also take advantage of the platform’s advantages. The platform could allow malware to enter the Windows kernel level network stack. Therefore, 64-bit Windows drivers kernel level must have digital signatures

to protect the kernel from loading malware into it. However, digital signatures are not required on 32-bit versions.

Yes, in theory, digital signatures are a reasonable security mechanism, but in reality, malware authors can still acquire them for themselves.

Panda Security

Panda Security spokesman Pedro Bustamante said his company monitors the WFP platform but does not currently use it. The company considers the main disadvantages of WFP to be, firstly, the inability to create a technology that would combine various techniques to maximize protection.

Technology is useless if a company can't look at the packets going into and out of the machine. It should also act as a sensor for other security technologies. None of these features are provided by WFP. Secondly, WFP is only supported by Vista and newer operating systems.

The platform is not backward compatible. And thirdly, WFP is quite

Dan Nadir, director of consumer product management at Symantec, said that WFP is not yet used in their products due to its relative novelty. However, over time the company plans to migrate to it, because... the old interfaces they currently rely on will not be able to provide the full functionality they require.

They consider WFP a good platform because... it was specifically designed to provide interoperability between a variety of third party programs. In principle, the platform should have even fewer compatibility problems in the future. WFP is also great because it is integrated with the Microsoft Network Diagnostic Framework.

This is extremely useful because... greatly facilitates the search for specific programs that are an obstacle to network traffic. And finally, WFP should lead to improved operating system performance and stability because... The platform avoids emulation and problems with driver conflicts or stability.

However, on the other hand, according to Nadir, WFP can create certain problems that exist in any structure - developers relying on WFP cannot close vulnerabilities within WFP itself, nor can they expand the specific capabilities offered by WFP.

Also, if many programs rely on WFP, malware creators could theoretically try to attack WFP itself.

Trend Micro Inc.

Director of Research at Trend Micro Inc. Dale Liao said that the platform's biggest advantage is its compatibility with the operating system. Also, a standard firewall has now become useful.

So now they can focus on what really matters to the user.

The bad thing about WFP is that when an error is discovered in the platform, the company has to wait for it to be fixed by Microsoft.

WFP: Conclusion

As a result, most of the security developers I interviewed already use WFP. True, some in parallel with other technologies. They like interoperability, like the documentation and formality of the platform, and also the perceived stability of its operation. With another, negative side

Another big disadvantage of WFP is that it is not available in Windows XP. Therefore, developers who want to support XP will have to run two parallel projects. However, as XP leaves the market, I think WFP will become more popular among developers.

Firewall and Network

The Windows firewall (firewall or firewall) does not inspire respect. Changed slightly from XP to Vista, it does its simple job well, but it lacks the ambition to be the best personal firewall.

However, despite the fact that the Windows 7 firewall received several new features, it still did not receive what I expected to see in it.

Hanging out with Homegroup

During Windows installations 7 suggests creating a "home group". As other Windows 7 computers are discovered on the network, they are also invited to join the group.

And all they need for this is a password to it. However, having one computer running Windows 7, I did not see the process of logging into a group of other computers, although a notification about this would not hurt. However, while any computer running Windows 7 can join a homegroup, computers running Windows 7 Home Basic and Windows 7 Starter cannot create one.

Computers in the same homegroup can share (or, as they say, "share") printers and specific file libraries. By default, libraries of pictures, music, videos and documents are shared, but the user can limit them at his own discretion.

Help in the operating system gives clear explanations of how to exclude a file or folder from sharing, or how to make it read-only, or how to restrict access to it.

In his home network, the user can share his content to other computers and devices, and even to computers that do not run Windows 7 and even to non-computers at all. In particular, Microsoft showed examples of how you can share content on the Xbox 360. However, the company does not offer to connect the Wii to the network. Alas, the company did not qualify the Wii as a streaming media device.

So how much home network Is Windows 7 more secure? Typically, users who fail to share files and folders begin to disable everything around them, including filewall, antivirus, etc., which, in their opinion, may interfere with this process. At the same time, if you make sharing simple, then turning off everything around you can be avoided.

If Vista divides networks into public (Public) and private (Private), then Windows 7 divides the private network into home (Home) and work (Work). HomeGroup is only available when you select your home network.

However, even on a work network, your computer can still see and connect to other devices on it. In turn, on a public network (like a wireless one in an Internet cafe), Windows 7 blocks access to and from you to other devices, for your safety. This is a small but nice opportunity.

Dual-mode firewall

In Vista and XP, firewall management comes down to simple switching on and shutdown. At the same time, Windows 7 offers the user various configurations settings for private (home and work) and public networks.

At the same time, the user does not need to enter the firewall settings in order to work, say, in a local cafe.

All he needs to do is select a public network, and the firewall itself will apply the entire set of restrictive parameters.

Most likely, users will configure the public network to block all incoming connections. In Vista, this could not be done without also cutting off all incoming traffic on the user's own network.

Some users do not understand why a firewall is needed. If UAC works, isn't a firewall overkill? In reality, these programs have completely different goals. UAC monitors programs and their operation within the local system. The firewall looks closely at incoming and outgoing data. If you imagine these two programs as two heroes standing back to back and repelling zombie attacks, then, one might say, you can hardly go wrong. At first I was intrigued new opportunity"Notify me when Windows Firewall blocks new program"Is this a sign that the Windows Firewall has taken control of programs and has become a true two-way firewall? I was tempted to disable this feature. And in

result Windows

I do not require intelligent monitoring of program behavior, as, for example, in Norton Internet Security 2010 and other packages. But I hope that by the release of Windows 8, Microsoft will still implement a set of features of the ten-year-old ZoneAlarm into its firewall.

Microsoft is well aware that many users install third-party firewalls and security packages and simply disable Windows Firewall. In the past, many third-party security programs automatically disabled Windows Firewall to avoid conflicts.

In Windows 7, Microsoft did this themselves. When installing a firewall known to it, the operating system disables its built-in firewall and reports that “the firewall settings are controlled by such and such a program from such and such a manufacturer.”

Whether you use it or not, Windows Firewall present in every Windows 7, while having thorough integration with the operating system.

So wouldn't it be better if third party security applications could use the Windows firewall for their own purposes? This is the idea behind a programming interface called the Windows Filtering Platform. But will developers use it? Rhetorical question :-)

Windows 7 Security - UAC

People who bought computers with Vista pre-installed are usually happier than those who upgraded from XP (especially if the upgrade did not go according to the update wizard's plan). The same can be said about Windows 7.

Even after following all the steps in the Windows 7 Upgrade Wizard when upgrading from Vista, I still had to dance with a tambourine to restore my connection to the PCMag network.

However, even big Vista fans who have never experienced any problems with an upgrade must admit that UAC can be very annoying. Fortunately, while developing Windows 7, Microsoft made significant improvements to UAC...... see more about the "evil UAC"

BitLocker Drive Encryption

BitLocker drive encryption first appeared in Windows Vista. BitLocker prevents thieves using a different operating system or running malicious software from hacking your files and Windows systems or view files stored on a secure drive offline.

AppLocker Application Execution Limit

Windows 7 introduced AppLocker, an application control policy that gives IT departments the ability to control the programs that can run on desktop PCs in an organization.

Conclusions about security in Win 7

So, is Windows 7 safe? Overall, the operating system's security isn't bad, but it still can't be said to be a stunning improvement over Vista. Not much has changed since my beta testing of Windows 7 about a year ago.

Microsoft engineers introduced new levels of UAC protection, reducing the number of notifications from the security program, and completed work on BitLocker To Go. At the same time, during beta testing, I thought Windows Firewall would become a full-fledged program. However, this was not destined to come true.

When Windows Vista came out change Windows XP, security was one of the key points that Microsoft relied on in advertising the new product. Vista has a ton of new security features aimed at correcting the perception that Windows is an insecure OS.

At the same time, there is no such significant gap between Windows 7 and Vista. UAC is still UAC, although he is now much more pleasant and mannered. And the new capabilities of the operating system firewall are only evolutionary, but not revolutionary.

All the secrets and subtleties of Windows 7

Download free wallpaper - background pictures for desktop

Download Windows 7 Gadgets - Widgets and Gadget Panel

Introduction

If your computer is connected to computer network(no matter whether it is the Internet or an Intranet), then it is vulnerable to viruses, malicious attacks and other intrusions. To protect your computer from these dangers, you must have a firewall (firewall) and antivirus software (with the latest updates) running on it at all times. In addition, it is necessary that everything Latest updates were also installed on your computer.

Not every user can constantly monitor this. Not every user knows how to do this. And even if the user is competent in these matters, he simply may not have enough time for such checks. Microsoft took care of all these users by including such a tool in SP2 for Windows XP. It is called "" (Windows Security Center) (Fig. 1).

Rice. 1. Windows Security Center

The main purpose of this tool is to inform and guide the user in the right direction. Firstly, it constantly monitors the states of the three main components of the OS (firewall, antivirus, system automatic update). If the settings of any of these components do not meet the computer's security requirements, the user will receive a notification. For example, in Fig. Figure 2 shows one of these notifications.

Rice. 2. Alert

Secondly, when opening the Windows Security Center, the user can not only receive specific recommendations on how to fix the current situation, but also find out where other settings related to computer security are located, and where on the Microsoft website you can read additional information to ensure safety.

It should be noted right away that when you connect a computer to a domain, the Windows Security Center does not display information about the computer's security status (Fig. 3) and does not send security messages. In this case, it is believed that security settings should be managed by a domain administrator.

To enable Windows Security Center for a computer that is part of a domain, you must enable the Computer Configuration, Administrative Templates setting in the domain's Group Policy. Windows components, Security Center, Enable "Security Center (for computers in a domain only)".

Rice. 3. Windows Security Center

Windows Security Settings

To open the Windows Security Center, click the Start button, select Control Panel, then double-click the Security Center icon (Figure 4).

Rice. 4. Icon

The Windows Security Center window can be divided into three parts (Fig. 5):

Rice. 5. Security Center

1. Resources. Here are links to go to Internet resources, to the built-in Windows help service, and to the window for configuring alert settings.
2. Security components. Here are the information elements of the three main security components: firewall, automatic updates, anti-virus protection.
3. Security settings. Here are buttons for accessing the security settings of the following components: Internet Explorer, automatic updates, Windows Firewall.

Let's look at these parts in more detail.

Resources

In Fig. 5, the number 1 indicates links, the first three of them are intended to go to the corresponding pages on the Microsoft website. The penultimate link is intended to open the help desk. Windows services On the page " General information about Windows Security Center." The last link is intended to open the "Alert Settings" window (Fig. 6).

Rice. 6. Alert Settings

If your computer has a firewall and antivirus software that is not detected by the Security Center, you can disable the corresponding alerts (see Figure 6).

Security Components

In Fig. 5, number 2 - each information board reports the status of the corresponding component. Figure 7 shows possible states.

Rice. 7. Information board states

States A-C understandable without comment. State D - "Not Found" - corresponds to the inability to determine the presence of the corresponding software (for example, an antivirus or firewall). State E - "Expired" - is possible for anti-virus protection when anti-virus database updates are out of date. State F - "Not Observed" - corresponds to disabled control over the corresponding component.

Security Center takes a two-tier approach to determining the state of components:

1. Checking the contents of the registry and files with information about the status of the software (Microsoft receives a list of files and registry settings from software manufacturers).

2. Information about the software status is transmitted from installed programs using WMI tools ( Windows Management Instrumentation - Windows Management Instrumentation).

Figure 8 shows one of the possible states of the Firewall component. By clicking the "Recommendations..." button, you will have the opportunity to either enable the firewall (Fig. 9, "Enable Now" button) or disable monitoring the state of this component (Fig. 9, the "I install and monitor the firewall myself" option).

Rice. 8. Firewall status

After clicking the "Enable now" button (see Fig. 9), if the Windows firewall is successfully launched, a corresponding message will appear on the screen (Fig. 10).

Rice. 10. Message

Figure 11 shows one of the possible states of the "Automatic Update" component. By clicking the "Enable Automatic Updates" button, you will enable the "Automatic Updates" operating mode recommended by Microsoft (Fig. 12).

Rice. eleven."Automatic update" status

Rice. 12. Automatic update

Please note that depending on the set operating mode of "Automatic update" (see Fig. 12) in the "Security Center" window it is indicated short description this mode.

Figure 13 shows one of the possible states of the “Virus Protection” component. By clicking the "Recommendations..." button, you will receive laconic instructions (Fig. 14): "enable antivirus program" (if it is disabled), "install another antivirus program." In this window, you can disable monitoring the status of this component (the "I install and monitor the antivirus myself" option).

Rice. 13. Virus protection status

Security Settings

In Fig. 5, under number 3, there are buttons for going to the security settings of the following components: Internet Explorer, automatic updates, Windows Firewall.

By pressing the button , you will be taken to the “Security” tab in the Internet Explorer settings window (Fig. 15).

Fig. 15. Internet settings Explorer

By clicking the button, you will open the “Automatic Update” settings window (see Fig. 12).

By clicking the button, you will be taken to the corresponding settings window (Fig. 16).

Rice. 16.

In Windows XP SP2, the following icons are used to indicate security-related settings (see, for example, Fig. 16), as well as for notifications about the computer’s security status (see, for example, Fig. 2):

1. - Indicates important information and safety settings.

2. - Notifies you of a potential security risk.

3. - The situation is safer. Your computer is using recommended security settings.

4. - Warning: the situation is potentially dangerous. Change your security settings to make your computer more secure.

5. - It is not recommended to use the current security settings.

Internet Options

As stated earlier, by clicking the button in the "Windows Security Center", you will be taken to the Internet Explorer settings window on the "Security" tab (Fig. 17).

Rice. 17.

Let's look at the options available on this tab. At the top there are four zones: Internet, Local Intranet, Trusted Sites, Restricted Sites. Table 1 provides a description for each zone.

Table 1. Description of zones

For all zones except the Internet zone, you can define the hosts included in the zone. To do this, you need to select the desired zone (see Fig. 17) and click the “Nodes...” button. In this case, for the “Local intranet” zone, the window shown in Fig. 18 will open. If you want to specify specific nodes, click the "Advanced..." button. As a result, the window shown in Fig. 19 will appear. A similar window will open if you define nodes included in the "Trusted Sites" and "Restricted Sites" zones. Only the "Restricted Sites" zone will not have the "All sites in this zone require server verification (https:)" option.

Rice. 18. Local intranet

Rice. 19. Specifying specific nodes

Each zone can be assigned the desired security level: high, medium, below average, low. Low level Security is the minimum security setting and is used for sites that you fully trust.

Select the desired zone (see Fig. 17) and click the "Default" button. The "Security" tab will change its appearance (Fig. 20). At the bottom of the window you can determine the desired security level. If you do not want to use the proposed security levels, you can click the “Other…” button and define all the security parameters yourself (Fig. 21).

Rice. 20. Internet Explorer Security Settings

Rice. 21. Security Settings

The Internet Explorer security settings described above are also available through Group Policy (Computer Configuration, Administrative Templates, Windows Components, Internet Explorer, Internet Control Panel, Security Page).

Automatic update

As mentioned earlier, by clicking the button in the “Windows Security Center”, you will open the “Automatic Updates” settings window (Fig. 22).

Rice. 22. Automatic update options

Built into Windows XP reference system describes the automatic update system in great detail. To access this help, click on "How does automatic updating work?" (see Fig. 22). Let's just dwell on a few points.

First, it is necessary to distinguish between the concepts of “downloading” and “installing” updates. Download refers to the process of transferring update files from a Microsoft server (or internal server updates in the organization) to the user's computer. Installation refers to the actual process of installing updates on the user’s computer. It is possible that updates have been downloaded to a user's computer, but have not yet been installed.

Secondly, if you selected the “Automatic” option (see Fig. 22), then updates will be downloaded and installed at the time you specified. If the computer is always turned off at the specified time, the updates will never be installed. When you log on to your computer, a user with local administrator rights can run the installation manually without waiting for the scheduled time. When the scheduled time arrives, the user will be notified that the updates will begin installation. If an administrator is working on the system at this time, they will have the option to defer installation until the next scheduled time. Other users (without administrator rights) will not have the opportunity to cancel the scheduled installation of updates.

In all other cases (except for the "turn off automatic updates" option), notifications about existing updates for your computer (ready to download or install) will only appear when a user with local administrator rights is registered on your computer. Thus, if on your computer you constantly work with account, which is not a member of the local administrators group, the updates will never be installed.

The automatic update settings described above are also available for configuration through Group Policy (Computer Configuration, Administrative Templates, Windows Components, Windows Update). In addition, only through Group Policy can you set additional settings. For example, you can specify the address of the internal update server, which centrally receives updates from Microsoft servers and sends them to internal computers organizations. An example of such a server is Microsoft® Windows Server™ Update Services (WSUS).

Windows Firewall

As mentioned earlier, by clicking the button in the “Windows Security Center”, you will open the “Windows Firewall” settings window (Fig. 23).

Rice. 23. Windows Firewall Settings

If you click on the inscription “More about the Windows Firewall” (see Fig. 23), you can read brief information about the capabilities of the firewall (firewall) included in Windows XP SP2.

Let us only note that, unlike products from other manufacturers, the built-in Windows firewall is intended only to control incoming traffic, i.e. it protects your computer only from external intrusions. It does not control outgoing traffic from your computer. Thus, if your computer has already been infected by a Trojan horse or virus that itself establishes connections with other computers, Windows Firewall will not block their network activity.

Additionally, by default the firewall protects everything network connections, and incoming ICMP echo request is disabled. This means that if Windows Firewall is enabled on your computer, then checking the presence of such a computer on the network using the PING command is a pointless exercise.

Very often in organizations where it is used software, which requires allowing incoming connections to user computers, there is a need to open some ports on computers with installed Windows XP SP2. To solve this problem, you need to set exceptions in the Windows Firewall settings. There are two ways to solve this problem:

1. You can set an exception by specifying a program that requires incoming connections. In this case, the firewall itself will determine which ports need to be opened, and will open them only for the duration of the execution of the specified program (more precisely, for the time when the program will listen on this port).

2. You can set an exception by specifying a specific port on which the program listens for incoming connections. In this case, the port will always be open, even when this program is not running. From a security point of view, this option is less preferable.

There are several ways to set an exception in Windows Firewall settings. You can use the graphical interface (Fig. 24). This option is covered in some detail in the Help Center and Windows support XP SP2. You can use domain group policy. This option is preferable if there are a large number of computers in an organization. Let's look at it in more detail.

Rice. 24. Exceptions tab

Windows Firewall settings in Group Policy are located in the Computer Configuration, Administrative Templates, Network, Network connections"Windows Firewall".

When configuring via Group Policy, you need to configure two profiles:

1. Domain profile. The settings in this profile are used when the computer is connected to a network that contains an organization's domain controller.

2. Standard profile. The settings in this profile apply when the computer is not connected to a network that contains an organization's domain controller. For example, if an organization's laptop is used on a business trip and is connected to the Internet through an Internet service provider. In this case, the firewall settings must be more restrictive than the domain profile settings, since the computer is connecting to the public network, bypassing its organization's firewalls.

Let's look at how to set exceptions for a program and for a given port. As a specific example, let’s take the Server request Kaspersky administration Administration Kit to the computer on which Network Agent is installed to obtain information about the status of anti-virus protection. In this case, it is necessary that the client computer has UDP port 15000 or the program “C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe” is allowed to receive incoming messages.

Related information.

A security policy is a set of parameters for regulating PC security by applying them to a specific object or to a group of objects of the same class. Most users rarely make changes to these settings, but there are situations when it needs to be done. Let's figure out how to perform these steps on computers running Windows 7.

First of all, it should be noted that by default the security policy is configured optimally to perform the everyday tasks of an ordinary user. It is necessary to manipulate it only if there is a need to resolve a specific issue that requires adjustment of these parameters.

The security settings we're looking at are controlled using GPOs. In Windows 7 you can do this using the tools or "Local Group Policy Editor". A prerequisite is to log into the system profile with administrator rights. Next we will look at both of these options.

Method 1: Using the Local Security Policy tool

First of all, let's study how to solve the problem using the tool "Local Security Policy".

1. To launch the specified snap-in, click "Start" and go to "Control Panel".



2. Next, open the section "System and Security".



3. Click "Administration".



4. From the proposed set of system tools, select an option "Local Security Policy".

   

   You can also launch the snap-in through a window "Run". To do this, dial Win+R and enter the following command:

   Then click "OK".



5. The above steps will launch the GUI of the tool you are looking for. In the vast majority of cases, it becomes necessary to adjust the parameters in the folder "Local Politicians". Then you need to click on the element with this name.



6. This directory contains three folders.

   In the directory the powers of individual users or groups of users are determined. For example, you can specify whether individuals or categories of users are prohibited or allowed to perform specific tasks; determine who is allowed local access to a PC, and to others only via the network, etc.

   In the catalog "Audit Policy" The events to be recorded in the security log are specified.

   In folder "Security Settings" various administrative settings are specified that determine the behavior of the OS when entering it both locally and via the network, as well as interaction with various devices. These parameters should not be changed unless absolutely necessary, since most of the relevant tasks can be solved through standard account settings, parental control and NTFS permissions.

   

7. For further actions for the problem we are solving, click on the name of one of the above directories.



8. A list of policies for the selected directory will open. Click on the one you want to change.



9. After this, the policy editing window will open. Its type and the actions that need to be performed differ significantly from which category it belongs to. For example, for objects from the folder "Assigning user rights" in the window that opens, you need to add or delete the name of a specific user or group of users. Adding is done by pressing the button “Add user or group...”.

   

   If you need to remove an element from the selected policy, select it and click "Delete".



10. After completing the manipulations in the policy editing window, do not forget to click the buttons to save the adjustments made "Apply" And "OK", otherwise the changes will not take effect.

We described changing security settings using the example of actions in the folder "Local Politicians", but by the same analogy you can perform actions in other equipment directories, for example in the directory "Account Policies".

Method 2: Using the Local Group Policy Editor tool

You can also configure local policy using the snap-in "Local Group Policy Editor". True, this option is not available in all editions of Windows 7, but only in Ultimate, Professional and Enterprise.

1. Unlike the previous snap-in, this tool cannot be launched via "Control Panel". It can only be activated by entering a command into the window "Run" or in « Command line» . Dial Win+R and enter the following expression in the field:

   Then click "OK".

   

Latest version Microsoft Windows operating system Windows 7, is one of the most efficient computer operating systems available today. Windows 7 not only convenient, but also safe in all respects. Although it has user interface elements very similar to Windows Vista, Windows 7 has a much higher level of security. In this article, let's analyze these security features in detail.

Windows 7 Security Features broken down into six categories, Windows Firewall, Windows Defender, User Account Control, BitLocker, Parental Controls, and Backup and Restore. We will check more detailed information about each of these functions.

Windows Firewall

Viruses, computer worms, hackers, spyware, or any other threat affecting your computer? Windows Firewall can protect it. Windows Firewall in Windows 7 is more convenient than in Windows Vista. Windows 7 Firewall Supports three network profiles, home, work, and public. Each one suits specific needs. For example, if your computer is connected to a public network such as Wi-Fi access, you can activate the general network profile. It filters out all incoming connections that may be a security risk. In the same way, if you are connected to a work environment, you may want to have trusted connections that can be made through the work network profile.

Windows Defender

Do you know Windows Vista Defender? . This program protects your system from all types of malware. Windows 7 has a Defender version that is much simpler and easier to use than Windows Vista. IN Windows 7, Defender is included in Action Center, a utility that reports important system events. This version has additional parameters scanning and simple notification defender. In addition, resource consumption is significantly reduced. Exists new feature"system cleanup" which will help you remove everything unwanted programs with one click.

User Account Control (UAC)

This feature, first introduced in Vista, notifies you of any activity initiated by any program on the system that requires permission from the system administrator. When this happens, UAC notifies you in a search dialog about the administrator login details. If you System Administrator, you can click “Yes” in the dialog box and the system will raise its access level. Otherwise, you need to contact the system administrator and get him to perform the task for you. However, soon after the task is completed, the permission level will revert to standard users. The UAC dialog box has various notification icons that indicate the type of task you are about to do.

BitLocker and BitLocker To Go.

BitLocker is a data encryption tool available in Windows Vista and Windows 7. However, this tool is part of the final edition only Windows 7. This tool will help you protect important information on your computer, encrypting it with a so-called virtual lock. With this utility, you can block all HDD. Once enabled, the program automatically encrypts any new file, saved on your hard drive.

IN Windows 7, the tool has improved significantly, and there is another option called BitLocker To Go, which allows you to encrypt portable storage devices such as external hard disks and USB drives.

Parental control

If you have kids at home and they work on the computer, Parental Controls is something you can't forget about keeping an eye on your kids. You can check how children use the system. By enabling the parental management tool, you can easily monitor their activities on PC. Possibly to limit computer use for children in certain time, and they won't play destructive games.

Backup and Restore

Backup and Restore is an excellent tool available for all versions of Windows. This insures you against data loss that may be caused by system failures. With this tool you can backup all your important data to external hard disks or optical drives. Additionally, you can use the backup and restore schedule option, which automates the backup process so you don't have to worry about it at all. In publications Windows 7 PRO and Maximum, you can create backups files to network folders.

Conclusion

As you can see, Windows 7 comes with pretty good security loads. The good news is that most of these features can work in tandem with any third-party security tools you want to install on your computer. Windows 7 is much more feature rich and secure than older versions of Windows. If you learn to use all these security features properly, you won't have to worry about your system at all.