Submission + - How Microsoft fights off 100,000 attacks per month
El Lobo writes: Microsoft, of course, maintains valuable intellectual property on its internal network, including the source code to all its operating systems and applications. These are constant targets for hackers...What do I mean by a constant target? Last year, Microsoft IT said it was the target of more than 100,000 intrusion attempts per month.
So how does Microsoft mitigate those risks while continuing to offer VPN access to remote employees and contractors? "Today, we require a smartcard with a valid certificate and PIN as well as network credentials and authorization to use the network remotely" says the director of MS's internal security. The second layer of protection for the Microsoft corporate VPN is a connection "sandbox," implemented using Windows Server 2003's Network Access Quarantine Control.
A very good reading about MS internal security:
http://www.computerworld.com/action/article.do?com mand=viewArticleBasic&articleId=9005756&pageNumber =1
So how does Microsoft mitigate those risks while continuing to offer VPN access to remote employees and contractors? "Today, we require a smartcard with a valid certificate and PIN as well as network credentials and authorization to use the network remotely" says the director of MS's internal security. The second layer of protection for the Microsoft corporate VPN is a connection "sandbox," implemented using Windows Server 2003's Network Access Quarantine Control.
A very good reading about MS internal security:
http://www.computerworld.com/action/article.do?co
