*. +hat is !perating Sstem
,. +indo(s !perating Sstem and its features
-. Introduction to (indo(s ,...
/. 0eatures of (indo(s ,...
5. Securit features of (indo(s ,...
1. Introduction to (indo(s 23
4. 0eatures of (indo(s 23
5. Securit features of (indo(s 23
The operating sstem acts as a &in% 'et(een user and the computer hard(are.
6&timate& a computer sstem (or%s using 'inar signa&s (i.e.*s and .s). Actua&& an
!perating sstem hides the comp&exities of the computer from the user. The operating
sstem means that ou do not ha$e to (or% direct& (ith 'inar arithmetic. 0or instance7
' simp& tping in the command prompt 8I9 and then pressing the 9eturn %e7 it (i&&
disp&a a &ist of a&& fi&es and directories in the current director. This is a&& done
automatica&& in response to a simp&e --&etter command that 'oth a user and the
operating sstem understand.
The !perating Sstem is the program7 (hich pro$ides organi:ed ser$ices to the
computer user7 and the app&ication programs that the (ish to use. These ser$ices
consist main& of access to the hard(are resources such as the dis% dri$es7 %e'oard7
It is an ad$anced;exce&&ent operating sstem7 de$e&oped ' Microsoft Corporation7
6.S.A. It is an impro$ed $ersion of +indo(s -x7 <x and rep&acement of 8!S (8is%
!perating Sstem). !perating Sstem is a program7 (hich contro&s o$era&& operations
(acti$ities) of the Computer. It is the media point 'et(een the Computer and !perator.
To (or% (ith an computer7 a soft(are is re=uired that remains in the memor of the
computer7 so that computer 'ecomes in &i$e7 and is a'&e to response as per the
command issued ' the user.
Such soft(are is %no(n as Sstem Soft(are or !perating Sstem. An !perating
Sstem is a soft(are program that pro$ides an interface and acts as an interpreter
'et(een the user and computer. An !perating Sstem is thus most important program
that runs on a computer. It manages and coordinates the fo&&o(ing tas%s>
? Initialie t!e !a"dwa"e o# com$%te" s&stem'
? Manages #iles and doc%ments'
? Comm%nication (etween $eo$le and wit! ot!e" com$%te" s&stems'
? Manages %se" "e)%i"ements #o" $"og"ams* sto"age s$ace and $"io"it&'
The +indo(s@..@23 operating sstem can run our pre$ious 8!S and +indo(s 'ased
programs in a more sta'&e en$ironment and7 in man cases7 e$en faster. It a&so ena'&es
a ne( (or&d of ro'ust -,-'it programs that use preempti$e mu&titas%ing and
mu&tithreading to perform se$era& actions at the same time. +indo(s@..@23 a&so offers
enhanced mu&timedia7 more po(erfu& mo'i&e features and integrated and seam&ess
There is nothing specia& ou need to start this sstem. Aust turn !B the Computer
(C36) and Screen and (ait for )ust a minute then ou (i&& direct& enter into the +indo(
En$ironment (8es%top) and see the fo&&o(ing 8ia&og Box (Screen).
+eat%"es o# Windows O$e"ating S&stem
Easier to use +ith +indo(s !perating Sstem7 ou ha$e faster access to information7
and ou are a'&e to accomp&ish tas%s more =uic%& and easi&.
+indo(s !S ma%es it easier to>
Work with files.
Find information.
Personalize your computing environment.
Work on the Web.
Work remotely.
Easie" to manage
Cou and our net(or% administrators can (or% more efficient& no(7 'ecause man of
the most common computer-management tas%s are automated and stream&ined (ith
+indo(s !S.
+ith +indo(s !S7 our (or%station (i&& 'e easier to>
Set up
Mo"e com$ati(le
+indo(s !S offers increased compati'i&it (ith different tpes of net(or%s and (ith a
(ide arra of &egac hard(are and soft(are.
+indo(s !S a&so pro$ides>
? Impro$ed dri$er support.
? Increased support for ne(-generation hard(are and mu&timedia techno&ogies.
? Integration of the ne( Euro currenc sm'o&.
Mo"e $owe"#%l
0or a&& our computing needs7 +indo(s !S pro$ides>
? Industrial-strength reliability.
? he highest level of security.
? Powerful performance.

+indo(s ,... is an operating sstem produced ' Microsoft for use on 'oth c&ient and
ser$er computers. +indo(s ,... (as re&eased to manufacturing on 8ecem'er *57
*<<< and &aunched to retai& on 0e'ruar *47 ,.... It is the successor to +indo(s BT
/..7 and is the &ast $ersion of Microsoft +indo(s to disp&a the D+indo(s BTD
designation. It is succeeded ' +indo(s 23 for (re&eased in !cto'er ,..*) and
+indo(s Ser$er ,..- (re&ease in Apri& ,..-). 8uring de$e&opment7 +indo(s ,... (as
%no(n as +indo(s BT 5...
0our editions of +indo(s ,... (ere re&eased> 3rofessiona&7 Ser$er7 Ad$anced Ser$er7
and 8atacenter Ser$er. Additiona&&7 Microsoft so&d +indo(s ,... Ad$anced Ser$er
Eimited Edition and +indo(s ,... 8atacenter Ser$er Eimited Edition7 (hich ran on 1/-
'it Inte& Itanium microprocessors and the (ere re&eased in ,..*. +hi&e each edition of
+indo(s ,... (as targeted at a different mar%et7 the shared a core set of features7
inc&uding man sstem uti&ities such as the Microsoft Management Conso&e and
standard sstem administration app&ications.
Support for peop&e (ith disa'i&ities has 'een impro$ed o$er +indo(s BT /.. (ith a
num'er of ne( assisti$e techno&ogies7 and Microsoft increased support for different
&anguages and &oca&e information.
A&& $ersions of the operating sstem support BT0S -..7 Encrpting 0i&e Sstem7 as (e&&
as 'asic and dnamic dis% storage. The +indo(s ,... Ser$er fami& has additiona&
features7 inc&uding the a'i&it to pro$ide Acti$e 8irector ser$ices (a hierarchica&
frame(or% of resources)7 8istri'uted 0i&e Sstem (a fi&e sstem that supports sharing of
fi&es) and fau&t-redundant storage $o&umes. +indo(s ,... can 'e insta&&ed through
either a manua& or unattended insta&&ation. 6nattended insta&&ations re& on the use of
ans(er fi&es to fi&& in insta&&ation information7 and can 'e performed through a 'oota'&e
C8 using Microsoft Sstems Management Ser$er7 ' the Sstem 3reparation Too&.
Microsoft mar%eted +indo(s ,... as the most secure +indo(s $ersion e$er at the
timeF ho(e$er7 it 'ecame the target of a num'er of high-profi&e $irus attac%s such as
Code 9ed and Bimadi. 0or ten ears after its re&ease7 it continued to recei$e patches for
securit $u&nera'i&ities near& e$er month unti& reaching the end of its &ifecc&e on Au&
*-7 ,.*..

+eat%"es o# windows ,---:
Business Ga&ue> The +indo(s ,... Ser$er 0ami& goes 'eond pro$iding the
essentia&s7 such as fi&e7 print7 and communications. It is engineered specifica&& to &et
companies re&ia'& and economica&& use emerging techno&ogies to impro$e 'usiness
profita'i&it and increase their agi&it in an e$er-changing mar%etp&ace.
0&exi'&e Integration> Cou can dep&o ne( ser$ers into our existing net(or% one at a
time7 upgrade indi$idua& BT /.. ser$ers7 upgrade top-do(n throughout our
organi:ationF or an(here in 'et(een. Cou can add +indo(s ,... ser$ers to our
existing +indo(s BT /..-7 Bo$e&& Bet+are-7 or 6BI2-'ased en$ironments and see
immediate impro$ements in performance7 re&ia'i&it and managea'i&it.
9e&ia'i&it> Significant impro$ements in the +indo(s ,... sstem architecture he&p
de&i$er higher uptime than either +indo(s BT or competiti$e sstems. Businesses can
o'tain <<.<<< percent uptime (ith +indo(s ,... 8atacenter Ser$er on =ua&ified
sstems from Microsoft !EM partners. This &e$e& of uptime is a&so %no(n as Dfi$e
nines7D and it e=uates to &ess than 5 minutes of do(ntime a ear.
A$ai&a'i&it> 0or critica& app&ications7 'usinesses often re=uire a fa&&'ac% mechanism to
ma%e sure users arenHt interrupted if a ser$er is una$ai&a'&e. The Ad$anced Ser$er and
8atacenter Ser$er editions of the +indo(s ,... Ser$er 0ami& &et ou increase our
sstemHs a$ai&a'i&it using the c&ustering techno&ogies inc&uded (ith the operating
sstem7 (hich &et ou coup&e ser$ers together to support specific tas%s.
3erformance> 0aster is 'etter7 'ut it doesnHt ha$e to 'e more expensi$e. According to
the Transaction 3rocessing Counci&7 +indo(s ,... Ad$anced Ser$er de&i$ers industr-
&eading performance for &ess than ha&f the cost of the most sca&a'&e 6BI2-'ased
so&ution. +indo(s ,... Ad$anced Ser$er current& ho&ds the top four T3C-C
'enchmar% resu&ts. Microsoft tests sho( that +indo(s ,... Ser$er is up to /< percent
faster (hen dep&oed as a fi&e ser$er. +indo(s ,... performance sca&es e$en 'etter
(hen additiona& C36s are addedF pro$iding a performance impro$ement of up to *,5
percent o$er +indo(s BT Ser$er /...
Sca&a'i&it> The +indo(s ,... Ser$er 0ami& inc&udes three $ersions7 each a'&e to
re&ia'& and afforda'& hand&e &arger &oads. Start (ith +indo(s ,... Ser$er7 and mo$e
up as needed to +indo(s ,... Ad$anced Ser$er and companion products.
Managea'i&it> The +indo(s ,... Ser$er 0ami& ma%es it easier to dep&o7 configure7
and use ad$anced net(or%ing capa'i&ities ' pro$iding centra&i:ed7 customi:a'&e
management ser$ices. Cou can easi& manage ser$ers remote& ' ta%ing ad$antage of
increased performance in the integrated Termina& Ser$ices. Cou can dnamica&&
manage storage on fi&e ser$ers (ithout interrupting end users. Cou can a&so use Acti$e
8irector to centra&& manage users and de$ices across our entire net(or%. The resu&t
is &o(er costsF the mo$e to the +indo(s ,... p&atform can potentia&& reduce o$era&&
tota& cost of o(nership ' *4 percent7 reduce end-user do(n time costs ' 5. percent7
and reduce direct costs ' approximate& *- percent.
Internet-9ead> +indo(s ,... Ser$er pro$ides a (e&&-integrated pac%age containing
the app&ication de$e&opment en$ironment7 +e' ser$ices7 securit7 and sca&a'i&it ou
need to get more out of our app&ications. 3&us7 ou can 'ui&d ne( and $ersati&e
so&utions using the most comp&ete set of Internet techno&ogies a$ai&a'&e.
Iard(are> +indo(s ,... supports a (ide range of hard(are and periphera&s. !f
particu&ar interest for +indo(s ,... Ad$anced and 8atacenter Ser$er users is support
for the &atest Inte&J-'ased mu&ti-processor hard(are7 (hich pro$ides a cost-effecti$e
and f&exi'&e a&ternati$e to proprietar so&utions for supporting extreme& &arge
3repare for .BET> The goa& of .BET is to ma%e Internet-'ased computing and
communications easier to use7 more easi& persona&i:ed7 and more producti$e for
'usinesses and consumers. The +indo(s ,... Ser$er 0ami& fits into the .BET future
' introducing essentia& 'ui&ding '&oc%s7 such as simp&ified Internet-centric de$e&opment
computing7 Extensi'&e Mar%up Eanguage (2ME) support7 and communications7 (hich
are centra& features of the .BET p&atform. Bui&ding critica& infrastructure on +indo(s
,... toda puts ou in the idea& position to ta%e ad$antage of the rapid& emerging
.BET ser$ices.
Some ot!e" ke& #eat%"es:
*. 8G8 support - Auto-p&a7 8G8 mo$ies on &aptops
,. Mu&ti-monitor support - 6p to *. $ideo cards;monitors7 each (ith different
reso&utions and co&or depths if desired.
-. Accessi'i&it - Accessi'i&it +i:ard7 ne( or impro$ed accessi'i&it features such
as narrator7 on-screen %e'oard7 magnifier7 and the fami&iar too&s from +indo(s
/. Mo$e fi&es (ithout (ires - Infrared monitor ser$ice supports I98A for fi&e transfer
'et(een +indo(s ,... machines and digita& cameras7 digita& $ideo cameras7
and other de$ices.
5. Effort&ess de$ice insta&&ation - Be( techno&og such as 6SB and IEEE *-</ D0ire
(ireD ma%es +indo(s ,... more expanda'&e (ith fe(er 3ro'&ems.
1. 3&ug K 3&a - Iot doc% &aptops7 on-the-f& net(or%ing and other features are
imp&emented (ithout re=uiring re'ooting or manua& configuration.
4. Internet Connection Sharing - BAT7 addressing7 name reso&ution and Girtua&
3ri$ate Bet(or%ing (G3B).
5. Smart cards - Ma%es net(or% &ogons more secure (ith minima& cost.
<. Inte&&iMirror -- A &oose&-defined group of techno&ogies that supports mo'i&e users7
auto re'ui&d of machines7 and other features.
*.. Support for our de$ices - +indo(s ,... supports o$er /... printers7 4..
net(or% de$ices7 /,.. modems7 55 scanners7 5. cameras7 and a $ast arra of
other hard(are de$ices
Windows ,--- sec%"it& #eat%"es:
+indo(s ,... sees the introduction of a ne( protoco& for authentication 'et(een
+indo(s ,... machines on a +indo(s ,...-'ased net(or%. This authentication
protoco& is the open standard protoco& %no(n as Ler'eros.
Microsoft7 ho(e$er7 has made an extension to the origina& Ler'eros protoco& to a&&o(
the initia& authentication of users using pu'&ic %e certificates instead of the standard
shared secret %es norma&& used ' Ler'eros $ersion 5. The extensions in this manner
no( a&&o( interacti$e &ogons to +indo(s ,... using smart cards.
Distributed Security
+indo(s ,... has 'rought a ne( order to securit ser$ices (ithin the +indo(s
p&atform in the guise of +indo(s ,... 8istri'uted Securit Ser$ices. And +indo(s
,...@s support for mu&tip&e securit protoco&s has seen a mo$ement a(a from
proprietar protoco&s7 not on& to Ler'eros7 'ut a&so to the ne( Acti$e
8irector ser$ice7 (hich is 'ased on the Eight(eight 8irector Access 3rotoco&
(E8A3)7 ma%ing it compati'&e (ith other director ser$ices such as Bo$e&&@s B8S.
Eet@s &oo% at these securit ser$ices that are distri'uted throughout the net(or% and
examine ho( the (or% together.
Active Directory Security
This inc&udes the ne( concept of transiti$e trusts7 (hich a&&o(s user account
authentication to 'e distri'uted across an organi:ation. This a&so pro$ides the granu&ar
assignment of access rights and the a'i&it to de&egate administration 'e&o( the domain
Multiple Security Protocols
This inc&udes the imp&ementation of the securit protoco& Ler'eros7 the support of 3u'&ic
Le Infrastructure (3LI)7 and the use of BTEM for 'ac%(ards compati'i&it (ith
+indo(s BT /..-'ased net(or%s.
Security Support Provider Interface (SSPI)
This component of the securit su'sstem pro$ides an app&ication (ith access to a
(ider range of securit protoco&s using a generic interface for the authentication
Secure Sockets Layer (SSL)
This standard protoco& is used for secure communication 'et(een the user and Internet-
'ased ser$ices.
Microsoft Certificate Services
This ser$ice (as origina&& inc&uded as part of IIS /.. (ithin the +indo(s BT /.. !ption
3ac%. Certificate Ser$ices ha$e 'een upgraded and made part of +indo(s ,.... It is
used to issue and manage pu'&ic %e certificates for app&ications and for secure
communication o$er the Internet as (e&& as (ithin an organi:ation@s intranet.
CryptoAPI (CAPI)
CrptoA3I is Microsoft@s app&ication programming interface7 (hich a&&o(s the de$e&oper
to access encrption ser$ices (ithin the operating sstem. It a&so a&&o(s de$e&opers to
pro$ide their o(n encrption pro$ider ser$ices (ith modu&es %no(n as crptographic
ser$ice pro$iders (CS3s).
Single Sign-n (SS)
This is a %e feature to +indo(s ,... authentication. It a&&o(s the +indo(s ,... user
to &og on )ust once to the domain using a sing&e pass(ord and then authenticate to an
computer (ithin the domain.
!ncrypting "ile Syste#
+indo(s ,... pro$ided (ithin the &atest $ersion of BT0S support for fi&e and director
encrption 'ui&t into the +indo(s ,... en$ironment. This feature is %no(n as E0S7 and
emp&os 'oth smmetric and asmmetric crptograph in an architecture that a&&o(s
fast encrption using a 8ES $ariant %no(n as 8ES27 in /.-'it7 51-'it and *,5-'it modes
of operation. Internationa& users of +indo(s ,... (i&& get /.-'it E0S and 6S customers
(i&& get 51-'it and *,5-'it E0S.
A random&-generated fi&e encrption %e (0EL) is used to encrpt data stored (ithin the
fi&e sstem (e.g.7 &oca& BT0S fi&es) using 8ES2. Then7 using an asmmetric
crptosstem7 the 0EL is encrpted using the user@s pu'&ic %e component.
The user@s pri$ate %e component is used to decrpt the 0EL so that it can 'e un&oc%ed
to decrpt the data. BT0S stores a &ist of encrpted 0ELs (ith the encrpted fi&e in
specia& E0S attri'utes %no(n as 8ata 8ecrption 0ie&ds (880s) and 8ata 9eco$er
0ie&ds (890s).
8uring the insta&&ation of a +indo(s ,... domain contro&&er a defau&t reco$er po&ic is
imp&emented. This a&&o(s the reco$er of encrpted fi&es he&d (ithin E0S ' an
administrator. This data reco$er is made possi'&e ' the information stored in the
890s stored (ith the 0EL.
Public $ey Infrastructure
+indo(s ,... has seen the integration of infrastructure to pro$ide 3LI ser$ices to an
organi:ation. This has 'een achie$ed ' the integration of the Microsoft Certificate
ser$er. Microsoft Certificate Ser$er has 'een around since +indo(s BT /..7 and has
pro$ided the 'asic functiona&it of a Certificate Authorit for re=uesting7 issuing7
pu'&ishing and managing certificates. Certificate Ser$er offered Authenticode
authentication and Secure MIME (S;MIME) integration for Exchange Ser$er7 'ut
Microsoft geared Certificate Ser$er most& for pu'&ic %e 'ased c&ient authentication for
Microsoft Internet Information Ser$er (IIS).
In +indo(s ,...7 Certificate Ser$er@s name changes s&ight& to Certificate Ser$ices.
Certificate Ser$ices is more po(erfu& and 'etter integrated into the rest of the operating
sstem. The MMC snap-ins pro$ides M6I too&s for 'oth the c&ient side and the ser$er
side. A&though Certificate Ser$ices can maintain its standa&one data store7 for fu&&
enterprise functiona&it Certificate Ser$ices uses Acti$e 8irector (A8) to store and
pu'&ish certificates. 6sing A87 ou can easi& map certificates to users and &e$erage the
management features of Mroup 3o&ic Editor (M3E) to contro& for (hom7 ' (hom7 and
for (hat purposes Certificate Ser$ices issues certificates.
Public-$ey Interactive Logon
In the past7 interacti$e &ogon (ith +indo(s has meant the user (ou&d enter credentia&s
into a &ogon screen in the form of a username and pass(ord. +ith the pu'&ic %e
interacti$e &ogon the process has changed significant&. +ith +indo(s ,... the user
has an x.5.<$- certificate on the smart card a&ong (ith their pri$ate %e. Instead of
entering a username and pass(ord7 the user (ou&d put their smart card into a smart
card reader then enter a user 3IBF the user is then authenticated to the card.
+indo(s ,... Certificate Ser$ices has support 'ui&t in to perform smart card enro&ment
(ith the certificate temp&ate that is stored in the Acti$e 8irector. This (i&& a&&o( the
user@s smart card to 'e used for interacti$e &ogon and other ser$ices.
+indo(s ,... 'ui&ds on +indo(s BT securit in a num'er of (as. It pro$ides a usa'&e
front-end for man techno&ogies that 'efore (ou&d re=uire extensi$e configuration7 thus
ma%ing them 'etter-p&aced to pro$ide securit ser$ices (ithin an organi:ation. Some of
these features come (ith a price> +indo(s ,... does re=uire more musc&e to run7 and
initia&& the $o&ume of features cou&d &ead to some (ea%nesses introduced '
misconfiguration7 so the ro&&out of +indo(s ,... securit shou&d 'e performed (ith

Microsoft +indo(s 23 is a ma)or upgrade of a&& the fo&&o(ing operating sstems used
on persona& computers>
Microsoft +indo(s
Microsoft +indo(s for +or%groups
Microsoft +indo(s <5
Microsoft +indo(s <5
Microsoft +indo(s ,...
+indo(s 23 'rings together features a$ai&a'&e in o&der st&e operating sstems and
adds to them so that ou can do more (or% =uic%er from our des%top or porta'&e
computer. Some of the main 'enefits inc&ude>
o Improved interface
o Easier file management, including support for
networked connections and long filenames.
o New Plug and Play feature automatically detects and
uses additional devices you attach to your
o True 32!it multitasking ena!les several programs
to run simultaneously so you can get more work
o Improved search facility
o "etter multimedia support
o E#tended communications capa!ility, including E
mail, fa#es, !ulletin !oards, Internet.
T!e ma.o" ad/antages o# t!e Windows 0P a"e t!e #ollowing'
*) It supports a 'ui&t-in (e' 'ro(ser ca&&ed the internet exp&orer. A (e' 'ro(ser is a s;(
(hich is used to $ie(7 examine7 cop7 print the +++ documents on the internet.
,) It gi$es good soft(are re&ia'i&it on part of the !S and the error reco$er rate is 'etter
than the pre$ious $ersions.
-) It is a mu&tithreaded and mu&titas%ing !S and hence the users can run and execute
mu&tip&e )o's at the same time. In other (ords7 the sstem throughput and usage of the
h;( are increased man fo&ds.
/) It pro$ides a num'er of ne( fonts for creati$e (e' design and mu&timedia
5) E$en a common man can hand&e the +indo(s !S easi& (ithout much technica&
%no(&edge and s%i&&.
1) Mu&timedia7 sound recorder7 p&aing audio and $ideo7 C8-9!M dri$es are the 'asic
sstem re=uirements of (indo(s !S.
4) It a&so supports !')ect Ein%ing and Em'edding (!EE) techni=ue. !EE is a ne(
feature that promotes compound documents. In other (ords7 the documents that are
prepared under one app&ication can easi& 'e 'rought into another app&ication (indo(.
0or examp&e7 texts7 charts7 pictures or graphs prepared under MS-+ord can 'e cut and
pasted into Exce& or an other +indo(s 'ased app&ications.
5) It a&so pro$ides the much used drag and drop functiona&it. 8rag and drop capa'i&ities
pro$ide a ne( (a to interact (ith the +indo(s Mraphica& 6ser Interface (M6I) using
the mouse. The user can simp& se&ect an icon of a fi&e of an o')ect7 drag it to an
appropriate icon (of the action he (ishes to ta%e) and drop it on the icon. 0or examp&e
se&ect a fi&e icon and drop it on a printer icon to print the fi&e.
<) It a&so supports $arious +indo(s 'ased features &i%e open7 sa$e and print (hich
inc&ude common dia&og 'oxes. The &oo% same no matter in (hat app&ication the users
are in7 so users do not ha$e to re&earn the dia&og 'ox features e$er time.
*.) +indo(s 23 supports most of the hard(are (ithout need of externa& dri$ers
'ecause of its Bui&t in feature.
**) +indo(s 23 offers good Mraphica& 6ser Interface (M6I) as compared to o&der
$ersions of (indo(s &i%e +indo(s <57 +indo(s <57 and +indo(s ,... etc.
*,) It supports (ired as (e&& as (ire&ess net(or%ing.
*-) Man app&ications are de$e&oped for (indo(s on& and on other !perating Sstem
the do not (or%.
*/) +indo(s 23 offers uni$ersa& p&ug and p&a features.
*5) The a$ai&a'i&it of +indo(s 23 is $er high.
*1) It offers uni$ersa& so&ution to !perating Sstem (!S) needs and there are no
compati'i&it issues in this case.
*4) +indo(s 23 is user friend& as compared to other !S in mar%et.
Salient +eat%"es o# Windows 0P
1' Sa#e and Eas& Pe"sonal Com$%ting
6sing +indo(s 23 pac%s the punch ou need for top performance and en)omentN
+indo(s 23 pro$ides ou a&& the po(er and dependa'i&it of MicrosoftHs most ad$anced
operating sstem techno&og. And to ensure that our $ersion of +indo(s 23 is a&(as
the $er &atest that is (indo(s 23 Ser$ice 3ac% - etc.7 means it pro$ides automatic
updates faci&it at our command from the Microsoft +e' site.
,' 2%ilt3in P!oto S!a"ing and O"ganiation
+ith +indo(s 237 $ie(ing photos and sharing them (ith friends7 fami&7 and co&&eagues
cou&dnHt 'e easier. +indo(s 23 pro$ides Aust p&ug in feature to our digita& camera and
our photos appear instant&Oread for ou to edit7 to e-mai&7 or to print. Cou can e$en
pu'&ish images direct& to a +e' site or sa$e them on C8. !r send them to an on&ine
retai&er for professiona& =ua&it prints
4' M%lti$le 5se"s 6 A g%a"antee to Switc!
+indo(s 23 pro$ides mu&ti user faci&it to the computer user. It is easier to share a
sing&e computer among se$era& users (ith +indo(s 23. Each person using the
computer can easi& create his separate pass(ord-protected account (ith persona&i:ed
settings and pri$ate fi&es.
Mu&tip&e accounts can 'e acti$e on the computer at the same timeOs(itching from one
account to another account is faster and simp&e. 0or examp&e7 +hi&e ouHre (or%ing if
someone (ants to chec% e-mai&7 the simp& s(itch o$er to their account (ithout c&osing
our programs and &og off ou. The other user (onHt see our fi&es (hi&e theHre (or%ingF
and (hen ou s(itch 'ac% ou (onHt see their fi&es. CouH&& find the screen exact& as ou
&eft it.
7' 2est #o" 2%siness: Ro(%st* Relia(le* and Com$ati(le
+indo(s 23 3rofessiona& mar%s a ne( standard in 'usiness soft(areOcom'ining
enterprise-c&ass performance and re&ia'i&it (ith unprecedented ease of use. +indo(s
23 3rofessiona& contains a&& the features of MicrosoftJ +indo(sJ 23 Iome Edition7
and inc&udes ne( and enhanced features designed especia&& for 'usiness and
ad$anced use to run our 'usiness programs smooth&.
See more of our (or% at one time ' stretching it across se$era& monitors. !r $ie( t(o
different programs simu&taneous&7 on computers e=uipped (ith a dua& interface disp&a
adapter. +ith Microsoft C&ear TpeP techno&og7 screen contents are easier to read7
especia&& on &aptops.
+indo(s 23 3rofessiona& is (or&d-read (ith mu&ti &anguage support. Se&ect among ,/
&anguagesOa $er usefu& feature if our compan spans the g&o'e7 (ith mu&ti&ingua&
emp&oees (ho use different &anguages 'ut share the same computers. 0or &aptop7 the
enhanced po(er management features in +indo(s 23 stretch 'atter &ife. And (ith
&aptops and other 3Cs ou get 'etter contro& o$er ho( our computer uses po(er.
Windows 0P Sec%"it& #eat%"es:
Windows 0P 2asics
Ei%e +indo(s ,...7 23 uses the BT 0i&e Sstem (BT0S). As an Administrator7 ou
contro& our 23 sstem. Cou can create users7 (ho can 'e administrators or )ust norma&
users. 3o&ic can 'e created to &imit (hich app&ications can 'e executed ' an user.
0or standa&one 237 this is done through the Eoca& Securit Settings.
+indo(s 23Hs standa&one $ersion &ets the user choose a '&an% pass(ord7 'ut then
institutes certain defau&t &imitations. Cou cannot &og in remote& to an account (ith no
pass(ord7 'ut rather on& at the conso&e7 (hich is sensi'&e. A ne( feature7 0ast 6ser
S(itching (06S)7 permits ou to &og in as a comp&ete& different user7 and then s(itch
'et(een mu&tip&e user contexts (ithout 'ac%ing out of an app&ications that are running.
06S (onHt (or% (hen a user hasnHt chosen a pass(ord.
8efau&ts for pass(ords are &ocated in the Eoca& Securit Settings. In the standa&one
$ersion7 settings such as pass(ord &engths and num'er of fai&ed &ogin attempts are
found here. Except for the num'er of fai&ed &ogins 'eing set to *. and pass(ords
expiring after /, das7 a&& other pass(ord features are set to :ero or disa'&ed. Thus7
someone can enter a '&an% pass(ord7 or recc&e their o&d pass(ord (hen it expires.
3ass(ord comp&exit chec%s are a&so disa'&ed. +hi&e '&an% pass(ords sound o%a for
home users7 thereHs a 'it more to 23 and pass(ords than &ogging in or s(itching
'et(een user contexts. +e need to discuss some other securit features 'efore it
'ecomes apparent that ha$ing a '&an% pass(ord is a rea&&7 rea&& 'ad idea in 23.
Ei%e +indo(s ,...7 23 professiona& inc&udes the Encrpting 0i&e Sstem (E0S). 6n&i%e
+indo(s ,...7 E0S is ena'&ed ' defau&t7 so as soon as ou 'egin creating fi&es (ith
237 theHre encrpted. This is transparent to the user7 a&though Exp&orer can contro& this
'eha$ior on a per-fi&e or fo&der &e$e&. Cou donHt need to enter the encrption %e7 as 23
dose this for ou. 23 a&so encrpts Cached 0i&es7 a techni=ue that permits ou to use
up to *. percent (' defau&t) of our hard dis% space to ho&d fi&es that (ou&d norma&& 'e
stored on a remote fi&e share.
Cou can then disconnect from the net(or%7 go home (or tra$e&)7 and sti&& access these
fi&es. The +indo(s Mirroring sstem (i&& reconci&e the fi&e changes ouH$e made (ith the
+indo(s ,... or 23 fi&e shares (hen ou reconnect (ith the net(or%. Encrpting these
cached fi&es is a great idea7 as our note'oo% might 'e sto&en (or if our e$i& genius of a
son or daughter happens upon them (hi&e using our 23 sstem). 23 a&so supports fi&e
sharing (ith +e' 8e$e&oping7 Authoring7 and Gersioning (+e'8AG)7 (hich uses ITT3
to access remote fi&es through fire(a&&s. E0S can %eep our remote& stored fi&es
encrpted7 and (hen teamed (ith +e'8AG7 has the added $a&ue of storing and
transmitting the data (ithout decrpting. (In comparison7 (hi&e accessing fi&es using
regu&ar fi&e sharing7 the data is decrpted 'efore itHs sent across the net(or%.)
+hi&e +e'8AG (ith E0S is a po(erfu& feature7 it a&so sends chi&&s up the spine of an
corporate securit person e$en remote& a(are of using +e' tunne&ing to mo$e interna&
fi&es offsite-and encrpted to 'ootN Credentia& Management stores $arious credentia&s
for ou7 inc&uding pu'&ic %e certificates. It (i&& a&so manage Ler'eros %es7 the defau&t
authentication mechanism for +indo(s ,... and 23 (ithin a domain. Cou can store
other usernames and pass(ords here as (e&&7 ' as%ing ((hen prompted) that the
Credentia& Manager Dremem'er the pass(ord.D In this (a7 the Credentia& Manager
'ecomes a sing&e-sign-on agent.
The %es that encrpt our stored pri$ate %e7 other pass(ords7 and E0S are 'ased on
t(o things> secrets that remain fixed for 237 and our pass(ord. If ouH$e chosen a
'&an% pass(ord7 ouH$e a&so chosen a nu&& seed for the %e that encrpts man
important things. E$en choosing a (ea% pass(ord is a $er 'ad idea if ou p&an to re&
on an of these features. 23 supports pass(ords &onger than */ characters (the o&d
&imit imposed ' the user interface in +indo(s <5;<5;BT)7 so ou can use a passphrase
instead. 23 inc&udes a po&ic option of using re$ersi'&e encrption for storing
This is a $er 'ad idea7 as pass(ords are tpica&& stored as hashes7 a $a&ue 'ased on
the pass(ord that is not re$ersi'&e. 8omain users can opt to use smartcards for
authentication7 (hich is a 'ig impro$ement o$er pass(ords. B adding a smartcard
reader to our des%top or note'oo% (the come in 3C Card or CardBus pac%ages)7
ouH$e added something ou ha$e (the smartcard) to something ou %no( (the 3IB that
un&oc%s it). Smartcards can often store our pri$ate %e as (e&& as an certificates7
ma%ing them more secure than on&ine storage. Smartcards do ha$e their (ea%nesses>
Lestro%e monitors can co&&ect our 3IB7 for examp&e7 'ut e$en then the sti&& need the
card. E$en if ou do use a smartcard7 23 unfortunate& su'$erts it (ith one of its
intrinsic properties> Cou can hi'ernate instead of shutting do(n. That means that (hen
ou restart our computer7 ouHre right (here ou &eft off. It a&so means that if ou
hi'ernate7 and the )anitor po(ers on our sstem7 he or she is a&so right (here ou &eft
off. I tried this in the standa&one $ersion7 and assume that it (or%s the same (a in
domain insta&&ations.
Netwo"k Sec%"it&
+indo(s 23 (and +indo(s ,...) inc&udes support for I3Sec7 the Internet standard for
encrpting net(or% communications. 23Hs I3Sec support seems $er comp&ete7
permitting the use of shared secrets (the most common method in man G3B products)7
as (e&& as certificates and Microsoft Ler'eros (the Ler'eros $ariant (here Microsoft has
added proprietar extensions7 so that the Le 8istri'ution Ser$er must reside on
+indo(s ,.... 0or home users7 23 offers t(o usefu& features designed to compete
(ith the Sma&& !ffice;Iome !ffice (S!I!) fire(a&& $endors.
The Internet Connection Sharing (ICS) feature ena'&es our 23 sstem to act as a
Bet(or% Address Trans&ator (BAT) for other sstems in our &oca& net(or%. ICS inc&udes
a 8IC3 ser$er that assigns addresses to mem'ers of our &oca& net(or% and
transparent& routes pac%ets through our 23 sstem to our IS3. ICS can 'ring up dia&-
up connections on demand7 and can hang up the modem temporari& so that ou can
use the phone7 et resume the Internet connection after(ard. The Internet Connection
0ire(a&& (IC0) uses information co&&ected ' ICS to pro$ide &imited fire(a&& capa'i&ities.
ICS must %eep trac% of traffic that &ea$es our net(or% in order to BAT. IC0 uses this
information to contro& (hich I3 pac%ets can enter our net(or%-if a pac%et attempting to
enter our net(or% doesnHt match at &east one outgoing pac%et7 itHs '&oc%ed. IC0
pro$ides a simp&e form of fire(a&&-essentia&& )ust BAT-and a&so (onHt permit ou to set
up a pu'&ic ser$er 'ehind it.
Remote Cont"ol
23 sports a ne( feature ca&&ed 9emote Assistance7 (hich a&&o(s ou to send a
message to a DfriendD (using +indo(s Messenger or !ut&oo% Express) that in$ites them
to ta%e remote contro& of our 23 sstem. +ith 23Hs comp&exit7 ou might rea&& need
configuration he&p7 'ut pro$iding a remote contro& capa'i&it can 'e dangerous. +hen
someone consented to &et me 'e his or her Dfriend7D 23 actua&& fai&ed to pass through
the &oca&7 Einux-'ased fire(a&&7 (hi&e comp&aining a'out a fai&ure to reso&$e the
hostname ((hich (as reso&$a'&e using ns&oo%up under 23).
+ith an &uc%7 man of 23Hs features that appear dangerous at first g&ance ()ust &i%e
9emote Assistance) (i&& pro$e 'enign. Microsoft has ta%en strong steps to impro$e
des%top securit (ith 237 and (e can on& hope that it (or%s.

