Sony Hacked White House Hacked Anthem Hacked Lockheed Hacked Aramco Hacked Bushehr nuclear reactor Hacked NSA Hacked Microsoft, Google, Apple, Facebook Hacked.

Transcript

Sony Hacked
White House Hacked
Anthem Hacked
Lockheed Hacked
Aramco Hacked
Bushehr nuclear reactor Hacked
NSA Hacked
Microsoft, Google, Apple, Facebook Hacked
Secure Identities
Threat Resistance
Device Guard
Information Protection
What is Device Guard?
• Combination of hardware + software security features
• Enables businesses to strongly control what is allowed to run
• Brings mobile-like security protections to the desktop OS, with support for existing line-of-business apps
The Parts to the Solution
• Hardware security
• Configurable code integrity
• Virtualization-based security: protects critical parts of the OS against admin/kernel-level malware
• Manageability via GP, MDM, or PowerShell
• Secure Boot (includes Secure Firmware Updates and Platform Secure Boot)
• Kernel Mode Code Integrity (KMCI)
• User Mode Code Integrity (UMCI)
• AppLocker
Boot chain, from hardware root of trust to user-mode code (diagram):
Platform Secure Boot: ROM/Fuses, Bootloaders
UEFI Secure Boot: Native UEFI, Windows OS Loader
KMCI: Windows Kernel and Drivers, 3rd Party Drivers
UMCI and AppLocker: User mode code (apps, etc.)








Device profiles (slide table, from most to least restrictive):

Tightly managed, low-churn devices
• Very well-defined software and hardware configurations
• Secure Boot restricted to only boot Windows
• Virtualization-based security (VBS) enabled
• Kernel mode code integrity protected by VBS
• User mode code integrity enforced
• Low churn
• No user or standard user only

Tightly managed
• Well-defined hardware configurations
• Managed software only
• Ideally standard user only
• Secure Boot restricted to only boot Windows
• Virtualization-based security (VBS) enabled
• Kernel mode code integrity protected by VBS
• User mode code integrity enforced

Corporate lightly managed
• Multiple and varied hardware configurations
• Secure Boot may be restricted to only boot Windows
• User can install “unmanaged” software
• VBS enabled
• KMCI may be protected by VBS
• Code Integrity in audit mode
• Standard or Admin users

Personally owned devices
• Secure Boot not required
• Highly-variable hardware and software
• No VBS
• No enterprise code integrity policy
1. Know your target(s)
2. Use PowerShell cmdlets to create policy from “golden” system(s)
   • Defaults to Audit Mode
   • Merge multiple policies OR deploy differentiated policies
3. Deploy policy in audit mode and test
4. Use PowerShell cmdlets to create policy from audit log and merge
5. Enable enforcement
Key cmdlets: New-CIPolicy, Merge-CIPolicy, Set-RuleOption
# Create a shadow copy of C: so that files locked by running processes can still be scanned
$s1 = (gwmi -List Win32_ShadowCopy).Create("C:\", "ClientAccessible")
$s2 = gwmi Win32_ShadowCopy | ? { $_.ID -eq $s1.ShadowID }
$d = $s2.DeviceObject + "\"
cmd /c mklink /d C:\scpy "$d"
# Create policy from the current system: PcaCertificate rule level, scanning the shadow copy,
# and including user-mode PEs (-UserPEs) so that UMCI rules are generated too
New-CIPolicy -Level PcaCertificate -FilePath C:\IgnitePolicy.xml -ScanPath C:\scpy -UserPEs
# Remove the shadow copy and the symbolic link that pointed at it
"vssadmin delete shadows /Shadow=""$($s2.ID.ToLower())"" /Quiet" | iex
cmd /c rmdir C:\scpy
# Create policy from audit log events
New-CIPolicy -Level PcaCertificate -FilePath C:\AuditPolicy.xml -Audit -UserPEs
# Merge audit policy with other policy/policies
Merge-CIPolicy -OutputFilePath C:\MergedPolicy.xml -PolicyPaths C:\AuditPolicy.xml,C:\IgnitePolicy.xml
# Set policy options, e.g. Audit Mode (option 3)
Set-RuleOption -Option 3 -FilePath C:\MergedPolicy.xml
# Compile policy as binary
ConvertFrom-CIPolicy C:\MergedPolicy.xml C:\MergedPolicy.bin
# Install compiled policy
cp C:\MergedPolicy.bin C:\Windows\System32\CodeIntegrity\SIPolicy.p7b
# Policy takes effect after reboot
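The script above ends with the merged policy installed in audit mode. What a practitioner needs next is step 5, "enable enforcement", with a check that the audit phase is actually finished. The following is an added example, not code from the slides: it summarises what the audit-mode policy would have blocked (Code Integrity operational log events 3076, audit-mode block, and 3077, enforced block) and only then strips the audit option and recompiles. It assumes the policy XML from the script above at C:\MergedPolicy.xml, the ConfigCI cmdlets on the machine, and that the blocked file path can be read from the event message text (the regex is an assumption about that message format).

```powershell
# Added example, not from the original slides.
# Assumptions: C:\MergedPolicy.xml from the previous script; ConfigCI module present;
# event IDs 3076/3077 in Microsoft-Windows-CodeIntegrity/Operational; message-text regex.

function Get-CIAuditSummary {
    # Returns one row per file the policy would have blocked, most frequent first.
    param([int]$Days = 7)
    $filter = @{
        LogName   = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id        = 3076, 3077
        StartTime = (Get-Date).AddDays(-$Days)
    }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

    $rows = foreach ($e in $events) {
        # Assumed message shape: "... attempted to load <path> that did not meet ..."
        $file = if ($e.Message -match 'attempted to load (.+?) that did not meet') { $Matches[1] } else { '<unparsed>' }
        [pscustomobject]@{ Time = $e.TimeCreated; Id = $e.Id; File = $file }
    }
    $rows | Group-Object File | Sort-Object Count -Descending |
        Select-Object Count, @{ n = 'File'; e = { $_.Name } }
}

function Enable-CIPolicyEnforcement {
    # Removes audit mode (rule option 3) and installs the enforced policy.
    param(
        [string]$PolicyXml = 'C:\MergedPolicy.xml',
        [string]$PolicyBin = 'C:\MergedPolicy.bin',
        [int]$AuditWindowDays = 7,
        [switch]$Force
    )
    $pending = @(Get-CIAuditSummary -Days $AuditWindowDays)
    if ($pending.Count -gt 0 -and -not $Force) {
        $pending | Format-Table -AutoSize | Out-String | Write-Warning
        throw "Audit log still shows $($pending.Count) distinct file(s) that would be blocked; fix the policy or pass -Force."
    }

    # Option 3 = Enabled:Audit Mode. Deleting it is what turns audit into enforcement.
    Set-RuleOption -FilePath $PolicyXml -Option 3 -Delete
    # Option 9 = Enabled:Advanced Boot Options Menu, option 10 = Enabled:Boot Audit on Failure.
    # Both are kept during the first enforced deployment so a policy that blocks a boot driver
    # does not brick the device; remove them once the policy is proven.
    Set-RuleOption -FilePath $PolicyXml -Option 9
    Set-RuleOption -FilePath $PolicyXml -Option 10

    ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin
    $target = Join-Path $env:windir 'System32\CodeIntegrity\SIPolicy.p7b'
    Copy-Item -Path $PolicyBin -Destination $target -Force
    # Enforcement takes effect after reboot, as with the audit policy.
    return $target
}

# Usage: review first, then enforce.
Get-CIAuditSummary -Days 14 | Format-Table -AutoSize
# Enable-CIPolicyEnforcement -AuditWindowDays 14
```

The gate on the audit log is the point: events 3076 are the list of line-of-business binaries the policy has not yet learned about, and every one of them becomes a help-desk ticket once the policy is enforced. Files that show up there should be fed back through `New-CIPolicy -Audit` and `Merge-CIPolicy` as in the script above before enforcement.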
• Just as most malware is unsigned, so too are the vast majority of LOB apps
• “Codesigning is hard”
  • Decentralized LOB app development
  • Lack of code-signing expertise
• Enterprises don’t want to (and shouldn’t) blindly trust all software from an ISV even if signed
• Windows 10 includes tools to enable IT to address code signing for existing apps
Adopting Code Signing: two approaches
• Embedded Signature
• Catalog Signing
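Catalog signing is the route for the unsigned LOB apps the previous slide describes, because it lets IT sign an inventory of an app's files without touching the binaries. The following is an added example, not code from the slides or from any Microsoft tool's documentation: it records the files an installer drops, builds and signs a catalog for them, and trusts the signing certificate in the CI policy. It assumes PackageInspector.exe (shipped with Windows 10), and makecat.exe and signtool.exe from the Windows SDK, are on PATH; an installer at C:\Installers\ContosoLOB-setup.exe; a code-signing certificate named ContosoDGSigningCert in the current user's store with its public part exported to C:\Certs\ContosoDGSigningCert.cer; and the policy XML at C:\MergedPolicy.xml. All of those names and paths are placeholders.

```powershell
# Added example, not from the original slides.
# Assumptions: PackageInspector.exe, makecat.exe and signtool.exe on PATH; placeholder
# installer, certificate and policy paths as described in the lead-in.

function New-LobAppCatalog {
    # Watches the C: volume while the installer runs and turns the recorded file list into a .cat
    param(
        [Parameter(Mandatory)] [string]$InstallerPath,
        [Parameter(Mandatory)] [string]$CatalogName,   # e.g. ContosoLOB
        [string]$WorkDir = 'C:\Catalogs'
    )
    New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null
    $cat = Join-Path $WorkDir "$CatalogName.cat"
    $cdf = Join-Path $WorkDir "$CatalogName.cdf"

    # 1. Record every file written to C: between Start and Stop
    PackageInspector.exe Start C:
    Start-Process -FilePath $InstallerPath -Wait
    PackageInspector.exe Stop C: -Name $cat -cdfpath $cdf

    # 2. Build the catalog from the definition file; run in WorkDir so relative output lands there
    Push-Location $WorkDir
    try { makecat.exe -v $cdf } finally { Pop-Location }
    if (-not (Test-Path $cat)) { throw "makecat did not produce $cat" }
    return $cat
}

function Publish-LobAppCatalog {
    # Signs the catalog, trusts the signer in the policy, and installs the catalog on this machine
    param(
        [Parameter(Mandatory)] [string]$CatalogPath,
        [string]$SignerName = 'ContosoDGSigningCert',                 # placeholder
        [string]$SignerCer  = 'C:\Certs\ContosoDGSigningCert.cer',    # placeholder
        [string]$PolicyXml  = 'C:\MergedPolicy.xml'
    )
    # 3. Sign the catalog with a SHA-256 file digest
    signtool.exe sign /n $SignerName /fd sha256 /v $CatalogPath
    if ($LASTEXITCODE -ne 0) { throw "signtool failed with exit code $LASTEXITCODE" }

    # 4. Allow user-mode code covered by catalogs from this signer. This is the "blindly trust
    #    an ISV" point from the slide turned around: only the enterprise's own signer is trusted,
    #    and only for the files enumerated in catalogs it has chosen to sign.
    Add-SignerRule -FilePath $PolicyXml -CertificatePath $SignerCer -User

    # 5. Install the catalog where Windows looks for catalog signatures
    $catroot = Join-Path $env:windir 'System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}'
    Copy-Item -Path $CatalogPath -Destination $catroot -Force
    return (Join-Path $catroot (Split-Path $CatalogPath -Leaf))
}

# Usage (run elevated on a clean reference machine):
# $cat = New-LobAppCatalog -InstallerPath 'C:\Installers\ContosoLOB-setup.exe' -CatalogName 'ContosoLOB'
# Publish-LobAppCatalog -CatalogPath $cat
```

After `Add-SignerRule` the policy XML has changed, so it must go through `ConvertFrom-CIPolicy` and be redeployed before the signer rule has any effect; the catalog itself also has to reach every client, typically alongside the app package. Any update to the app that changes a file hash needs a new catalog, which is the cost of catalog signing compared with an embedded signature.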
Raising the bar for what runs in the kernel
• Windows 10 drivers must be signed by Microsoft
• Strong driver publisher identity verification via Extended Validation (EV) certificates
• Enterprises can enforce Windows 10 driver requirements via Device Guard policy
Signed Device Guard CI policy protects from local admin
• Signed policy stored in pre-OS secure variable
• Requires a newer signed policy to update; cannot be deleted by admin
• Becomes a “machine” level policy, which means boot from media must be compliant
• Measured into the TPM and part of device health attestation
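The "requires a newer signed policy to update" property cuts both ways: a signed policy that does not name a signer allowed to update it leaves the device stuck with that policy. The following is an added example, not code from the slides: it produces a signed policy binary with an update signer in place, removes the rule option that permits unsigned policies, and checks that the signed output exists. It assumes the enforced policy XML at C:\MergedPolicy.xml, signtool.exe from the Windows SDK on PATH, a policy-signing certificate named ContosoDGPolicyCert in the current user's store with its public part at C:\Certs\ContosoDGPolicyCert.cer (placeholders), and the Microsoft CI-policy content-type OID 1.3.6.1.4.1.311.79.1 for the PKCS#7 signature.

```powershell
# Added example, not from the original slides.
# Assumptions: placeholder certificate name/path and policy path as in the lead-in;
# signtool.exe on PATH; ConfigCI module present.

function New-SignedCIPolicy {
    param(
        [string]$PolicyXml  = 'C:\MergedPolicy.xml',
        [string]$SignerCer  = 'C:\Certs\ContosoDGPolicyCert.cer',   # placeholder
        [string]$SignerName = 'ContosoDGPolicyCert',                # placeholder
        [string]$OutDir     = 'C:\SignedPolicy'
    )
    New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
    $work = Join-Path $OutDir 'Policy.xml'
    Copy-Item -Path $PolicyXml -Destination $work -Force

    # -Update is the escape hatch the slide implies: only a newer policy signed by this
    # certificate will be accepted as a replacement. Omitting it leaves no way to change
    # the policy later, because an admin cannot delete a signed policy.
    Add-SignerRule -FilePath $work -CertificatePath $SignerCer -Kernel -User -Update

    # Option 6 = Enabled:Unsigned System Integrity Policy. Deleting it makes the OS reject
    # any unsigned SIPolicy.p7b, which is what stops a local admin from swapping the policy.
    Set-RuleOption -FilePath $work -Option 6 -Delete

    $bin = Join-Path $OutDir 'Policy.bin'
    ConvertFrom-CIPolicy -XmlFilePath $work -BinaryFilePath $bin

    # Detached PKCS#7 signature written next to the input as Policy.bin.p7
    signtool.exe sign /v /n $SignerName /p7 $OutDir /p7co 1.3.6.1.4.1.311.79.1 /fd sha256 $bin
    if ($LASTEXITCODE -ne 0) { throw "signtool failed with exit code $LASTEXITCODE" }

    $signed = "$bin.p7"
    if (-not (Test-Path $signed)) { throw "expected signed policy at $signed" }
    return $signed
}

function Test-CIPolicyHasUpdateSigner {
    # Sanity check before deployment: refuse a policy XML that has no UpdatePolicySigners entry.
    param([Parameter(Mandatory)] [string]$PolicyXml)
    [xml]$doc = Get-Content -Path $PolicyXml -Raw
    $ns = New-Object System.Xml.XmlNamespaceManager($doc.NameTable)
    $ns.AddNamespace('p', $doc.DocumentElement.NamespaceURI)
    $signers = $doc.SelectNodes('//p:UpdatePolicySigners/p:UpdatePolicySigner', $ns)
    return ($signers.Count -gt 0)
}

# Usage:
# $p7 = New-SignedCIPolicy
# if (-not (Test-CIPolicyHasUpdateSigner -PolicyXml 'C:\SignedPolicy\Policy.xml')) { throw 'no update signer' }
# Copy-Item $p7 (Join-Path $env:windir 'System32\CodeIntegrity\SIPolicy.p7b')
```

Deploy the signed policy to one pilot device first and confirm it still boots and that the policy reports as signed; the slide's "boot from media must be compliant" point means recovery media also has to satisfy the policy once it is a machine-level signed policy, so keep an update-signed "allow all" policy and the signing certificate's private key somewhere reachable for rollback.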
• Together, AppLocker and code integrity are the basis for enforcing code and application rules on Windows
• Think of code integrity as the bouncer at the door, and AppLocker as the bartender
• Code integrity is best at expressing a high-level statement of trust
• AppLocker allows for granular rules
• Managed through common management tools in Windows 10
• Service whitelisting for managing non-interactive processes
• AppLocker management now available via MDM and WMI
Provides a new trust boundary for system software
• Leverage platform virtualization to enhance platform security
• Limit access to high-value security assets from supervisor mode (CPL0) code
Provides a secure execution environment to enable:
• Protected storage and management of platform security assets
• Enhanced OS protection against attacks (including attacks from kernel mode)
• A basis for strengthening protections of guest VM secrets from the host OS
Windows 10 services protected with virtualization-based security
• LSA Credential Isolation
• vTPM (server only)
• Kernel Mode Code Integrity
Diagram, without VBS: the host OS (Normal World) runs user mode and the kernel directly on firmware (UEFI) and hardware (TPM 2.0, VT-x2, IOMMU). KMCI lives in the same kernel as any kernel-mode malware (“Howdy Peer!” / “I thought we could be friends”).
Diagram, with VBS: the hypervisor puts a hardened boundary between the host OS (Normal World) and a measured Secure World; KMCI runs in the Secure World, so kernel-mode malware in the Normal World cannot reach it.
• CI rules are still enforced even if a vulnerability allows unauthorized kernel mode memory access
• Memory pages are only marked executable if CI validation succeeds
• Kernel memory cannot be marked both writable and executable
• BUT… not all drivers will be compatible initially
Device Guard “capable”
Device Guard “ready” PCs
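The distinction between a "capable" PC (the hardware features are present) and a "ready" PC (VBS is running and KMCI is actually protected by the hypervisor) is one that should be checked per device rather than assumed from the hardware model. The following is an added example, not code from the slides: it reads the Win32_DeviceGuard WMI class that Windows 10 exposes in the root\Microsoft\Windows\DeviceGuard namespace and classifies the machine. The numeric codes are the documented ones for that class (VirtualizationBasedSecurityStatus 0 off, 1 enabled but not running, 2 running; SecurityServicesRunning 1 Credential Guard, 2 HVCI; AvailableSecurityProperties 1 hypervisor support, 2 Secure Boot, 3 DMA protection, 4 Secure Memory Overwrite, 5 NX protections, 6 SMM mitigations, 7 MBEC). The labels "ready", "capable" and "not capable" are this example's own.

```powershell
# Added example, not from the original slides.
# Assumptions: Windows 10 with the Win32_DeviceGuard class; property codes as documented
# for that class and listed in the lead-in.

function Get-DeviceGuardReadiness {
    try {
        $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                              -ClassName Win32_DeviceGuard -ErrorAction Stop
    } catch {
        # Pre-Windows 10 or the class is missing: nothing here can be protected by VBS
        return [pscustomobject]@{ State = 'not capable'; Reason = $_.Exception.Message }
    }

    $propNames = @{
        1 = 'hypervisor support'; 2 = 'Secure Boot'; 3 = 'DMA protection (IOMMU)'
        4 = 'Secure Memory Overwrite'; 5 = 'NX protections'; 6 = 'SMM mitigations'; 7 = 'MBEC'
    }
    $available = @($dg.AvailableSecurityProperties | ForEach-Object { $propNames[[int]$_] } | Where-Object { $_ })
    $required  = @($dg.RequiredSecurityProperties  | ForEach-Object { $propNames[[int]$_] } | Where-Object { $_ })
    $running   = @($dg.SecurityServicesRunning)

    $vbsRunning  = ($dg.VirtualizationBasedSecurityStatus -eq 2)
    $hvciRunning = ($running -contains 2)   # HVCI = kernel mode code integrity protected by VBS
    $credGuard   = ($running -contains 1)

    # "ready": VBS is up and KMCI is behind the hypervisor boundary.
    # "capable": the hardware reports VBS support but the services are not running
    #            (typically firmware settings or a policy that has not been applied yet).
    $state = if ($vbsRunning -and $hvciRunning) { 'ready' }
             elseif ($available -contains 'hypervisor support') { 'capable' }
             else { 'not capable' }

    # Properties the configured policy requires but the platform does not offer explain
    # why a "capable" machine is not "ready".
    $missing = @($required | Where-Object { $available -notcontains $_ })

    [pscustomobject]@{
        State               = $state
        VbsRunning          = $vbsRunning
        HvciRunning         = $hvciRunning
        CredentialGuard     = $credGuard
        AvailableProperties = ($available -join ', ')
        MissingRequired     = ($missing -join ', ')
        CIPolicyInstalled   = (Test-Path (Join-Path $env:windir 'System32\CodeIntegrity\SIPolicy.p7b'))
    }
}

Get-DeviceGuardReadiness | Format-List
```

Run across a fleet, the `State` and `MissingRequired` columns separate the three populations the slides care about: machines where KMCI really is outside the reach of kernel-mode malware, machines that need a firmware change (Secure Boot or IOMMU turned on) before VBS will start, and machines that cannot participate and should be treated under the "corporate lightly managed" or "personally owned" profile from the table earlier.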








http://myignite.microsoft.com