Network Infrastructure

·         The Network Policy Server is an improved version of the Remote Authentication Dial-In User Service (RADIUS) server, incorporating NAPand IPv6support.

·         Remote Access and Virtual Private Network (VPN) connection enhancements allow smoother connections with greater security.

·         Dynamic Host Configuration Protocol (DHCP) enhancements include support for IPv6(DHCPv6), the new Internet Protocol (IP) addresses (128 bit instead of the current 32).

Probably the most important of these enhancements are:

1. Group Policy additions, which allow network administrators to configure the wireless behavior of all laptops when they connect to the base network through Active Directory (AD).

2. Enhanced diagnostics, which allow better end-user support in business environments and make it easier for individual users to figure out why they are having trouble connecting. [11]

User Account Control (UAC)

In Windows XP, all users are automatically created as local administrators in order to allow them to install, update and remove software, backup files and directories, and other system-wide tasks. Local administrators have read, write, and execute permissions to all Windows resources, as well as all Windows privileges. Although convenient for the user, this exposes the computer to a variety of threats originating from hackers or malware. Since the user has all permissions and privileges, any process that impersonates that user will also have the same power to install and run programs, change existing programs, and add, delete, and modify files and folders.

The solution for XP is to remove the user from the local administrator group and run as a standard user (a user with the least amount of permissions and privileges required to perform basic tasks). This, however, creates another set of problems, because administrative privileges are required to run some programs, and to install, update and change others. In fact, standard users do not have privileges necessary to change and add printers or even modify time settings. There was no plan in XP to allow standard users to temporarily acquire administrative privileges in order to perform tasks for which they had inadequate authority.

UAC fulfills that function in Windows Vista. Instead of using the “Run As” procedure, or logging off and logging on as a local administrator, the standard user in Windows Vista has the option of seamlessly acquiring the necessary privileges and permissions during the flow of the task that requires them, by providing administrator credentials. In addition, administrators themselves actually run as standard users, acquiring administrator rights seamlessly only when necessary.

In this way, all interactive users normally run with minimum permissions, so it is much more difficult for the system to be compromised. An additional benefit of running with minimum permissions is that malicious software must also request permission before it can install itself. [12]

Figure 1 - Windows Vista Sidebar

Sidebar Gadgets