Without showing my age, I have been in the computer industry for over 30 years. When I first got into networking, security basically was just protecting files from unauthorized access from people in your own organization. Today, that is completely changed. We still have to make sure that our servers and data is protected from unauthorized employee access, but we also have to spend much of our time protecting our networks from outside threats.
Unfortunately, there is no magic pill or solution to stop these external threats. Even if you decide that you want to completely disconnect your network from the Internet, your organization can still be attacked. One of the main reasons is because of our end users. In today’s technology world, most of our users have devices that they use at home and also on their corporate network.
So, when we talk about network security, it’s not just a single thing that we can do to protect our network. To truly protect our networks, we need to use multiple layers of security. This not only includes tools and devices that we can put on our physical network like hardware- based firewalls and intrusion detection systems, but also tools that we can add to our devices to help keep them secure.
Microsoft Windows devices (client and server based) include built- in Windows Security (see Figure 15.1), such as antivirus protection. Windows devices are automatically protected from the very moment that your users start using Windows. Windows Security is always scanning the system for viruses, malware (malicious software), and security dangers.
Managing Windows Security
Not only does Windows provide real- time protection, but Microsoft also continually releases operating system updates to make sure that your corporate devices stay safe and that the devices are protected from any new threats.
Windows Security Basics
Windows Security is built into Windows and includes an antivirus program called Microsoft Defender Antivirus. In early versions of Server, Windows Security was called Microsoft Defender Security Center. Windows Security is where the tools that protect a device and data can be found. This is one of many ways that you can protect your system.
Windows Security (see Figure 15.2) is a built-i n Windows application that protects your system from viruses and spyware. It is included free with the operating system, and once you turn your operating system on, Windows Security starts automatically protecting your system.
FIGURE 15.2 Security At A Glance
Windows Security has multiple options to help protect your system. Let’s take a look at some of these options. I am going to show the options that are available on a Windows 10/11 client system. Windows Server 2022 only has the following options: Virus and Threat Protection, Firewall and Network Protection, App & Browser Control, and Device Security. The reason that I am covering the client- side options is because it is important to configure both the Server Firewall protection and the Client Firewall protection to ensure that your network has multiple layers of security. The options include the following:
Virus and Threat Protection Windows will automatically monitor for threats that can impact your device, run scans on your system, and get updates to help protect against any new threats. Windows has an antivirus built in, and it will get automatic updates when your Windows systems get updated.
Account Protection You can configure the user’s sign- in options and account settings. These settings are included while using Windows 10/11.
Firewall and Network Protection Windows includes a Windows Defender Firewall that allows you to help prevent unauthorized users or malicious software from accessing your computer.
App and Browser Control You can configure update settings for Microsoft Defender SmartScreen and this helps protect your Windows devices against potentially dangerous applications, downloads, files, and websites. This gives you the ability to control exploit protection and customize settings that will help protect your Windows devices.
Managing Windows Security
Device Security Device Security allows you to use built- in security options to defend your organization’s Windows devices from malicious software attacks.
Device Performance and Health Windows allows you to view the status information about the device’s performance health. This helps you keep your organization’s devices clean and up to date with the latest version of Windows. These settings are included while using Windows 10/11.
Family Options The Family Options feature in Windows Security is not a feature that most administrators will configure in a corporate environment. These options provide tools to help manage children’s computer access. Parents can use Family Options to help keep their children’s devices clean and up to date with the latest version of Windows and to protect their children when they are on the Internet. These settings are included while using Windows 10/11.
You may notice status icons on the protection areas; these indicate the level of safety:
■ Green indicates that there aren’t any recommended actions that need to be taken right now.
■ Yellow indicates that there is a safety recommendation.
■ Red indicates that there is a warning that something needs immediate attention.
In Exercise 15.1, I will show you how to run an advanced virus and threat scan on your Windows device.
EXERCISE 15.1
Running an Advanced Scan
- In Windows 10, click Start ➢ Settings ➢ Update & Security ➢ Windows Security and then choose Virus & Threat Protection.
In Windows 11, click Start ➢ Settings ➢ Privacy & Security ➢ Windows Security and then choose Virus & Threat Protection.
- Under Current Threats, select Scan Options (or in early versions of Windows 10, under Threat History, select Run A New Advanced Scan).
- Make sure the Full Scan radio button is selected and click the Scan Now button.
In the Scan Options menu (see Figure 15.3), you will see a list of four different types of scans you can perform:
Quick Scan Scans folders on your device where threats are usually found, such as the Downloads and Windows folders. This usually only takes a few minutes to finish.
Full Scan This scan scans all files on your computer and all running programs. The scan may take longer to complete than other scans.
Custom Scan If you select this option, Windows Security will ask you for a specific file or folder location that you want to scan.
EXERCISE 15.1 (continued)
Microsoft Defender Offline Scan This option restarts your computer and scans system files and programs while they are not running; this can be handy if there is malware running on the computer that may interfere with the scan.
FIGURE 15.3 Scan Options
4. The scan will take a while. After the scan finishes, close the Defender Security Center.