Several Windows 7 security features that users should know about

Microsoft's next-generation operating system, Windows 7, has achieved record-breaking sales, with a 31-year increase in sales of boxed operating systems, bringing huge business to Microsoft. profit. Recently, security expert Rogge · Corem from a more objective point of view of the security features of Windows7: 1, UAC (user account control) As we all know, UAC is Microsoft's old version of the operating system Vista first, but many Vista users are right The UAC function is very unsuitable. Because UAC's ability to block unauthorized operations is very powerful, suspicious processes are excluded from the kernel and can only be run with user permission. Comments: Win7 has improved the UAC function. Under the premise of ensuring system security, minimizing the number of UAC pop-up prompts does not affect the fluency of the operation. It can be said that UAC is an important part of the Win7 security system and a feature that most Win7 users are most exposed to. 2, BitLocker (disk lock) BitLocker drive encryption technology is also a new data protection function in Vista, mainly used to solve the problem of data theft or malicious leakage caused by computer equipment loss. Win7 modified BitLocker's potentially exploited vulnerabilities and enhanced TPM (Trusted Platform Module) for hardware-based full disk encryption. Comments: BitLocker's key can be saved on disk or mobile disk, and also supports print and save, suitable for enterprises or individual users with high security requirements. 3. Suite B (Encryption Support) SuiteB is a mandatory cryptographic algorithm developed by the National Security Agency (NSA) to support government and military system secret (SECRET) and top secret (TOP SECRET) communications. With this algorithm, the NSA believes they can encourage collaboration between US domestic departments. According to different security requirements, it can be divided into 128, 256 or even higher. AES and SHA-256, with 128-bit or 256-bit keys, are designated to protect confidential information from the highest to the secret (SECRET) level. TOP SECRET information requires a 256-bit AES key combined with SHA-384. Comments: Suite B is a very strict cryptographic algorithm. Windows 7 adopts such high specification standards in order to improve its security. 4. Direct Access Direct Access is a new feature in Windows 7 and Server 2008 R2. With this feature, users on the external network can directly access the resources behind the corporate firewall from the Internet at high speed and without the need to establish a VPN connection. The Direct Access function overcomes many of the limitations of VPN. It uses IPv6 to automatically connect two-way connections between external clients and corporate intranet servers, and uses IPSec for authentication between computers. Comments: The advantages of direct access are primarily to improve employee productivity; remote users are easier to manage; and improved security. 5. Managed Service Accounts Service accounts usually have high privileges and make it difficult to manage them. The easiest and most common way to protect your security is to change your password frequently to avoid loss after the password is lost. However, modifying the service account is very cumbersome, so it is necessary to manage it uniformly. Comments: Similar to DirectAccess, service account management also includes a series of operations including mode update, PowerShell2, etc. It will be more convenient to be familiar with it.