WEBVTT 00:05.620 --> 00:12.130 One of the most important feature sets on an operating system today would have to be the security options 00:12.790 --> 00:20.140 Windows Server 20 19 has improved on the features of Windows Defender at the local machine level and 00:20.200 --> 00:27.730 added a whole new dimension to threat protection detection and response the local installation of Windows 00:27.730 --> 00:33.040 Defender has more options and more protection than previous versions. 00:33.040 --> 00:36.010 This is a Windows 2019 server. 00:36.010 --> 00:39.810 In fact it's the one that we configured at the very beginning of the course. 00:39.880 --> 00:44.640 But you can see these on any Windows Server 20 19 installation. 00:44.890 --> 00:51.760 If I click on the start menu and select Windows security we can see categories that match things that 00:51.760 --> 00:58.300 you would expect from many third party malware and personal firewall products. 00:58.300 --> 01:03.050 This is already a better start than what we had in Server 2016. 01:03.130 --> 01:09.700 If I click on virus in threat protection I can scroll down and see that there's even a piece specifically 01:09.700 --> 01:17.740 designed to combat ransomware those nasty pieces of malware that steal or block access to your proprietary 01:17.740 --> 01:24.630 data and demand payment to release that information or access to your system generally. 01:24.640 --> 01:31.480 Here you can go and manage this protection by specifying folders and applications that are allowed to 01:31.480 --> 01:37.650 access folders in an effort to stop ransomware from gaining access to your data to begin with. 01:38.790 --> 01:43.320 You didn't have this level of control on previous versions of Windows Defender. 01:43.320 --> 01:49.830 This is an example of Microsoft responding to evolving threats and bundling these security features 01:49.830 --> 01:57.720 right into the Windows server operating system these local security enhancements are not the real upgrade 01:57.720 --> 02:06.070 to the local security however in late 2016 Microsoft introduced a cloud based service that they called 02:06.070 --> 02:13.630 Advanced Threat Protection or ATP one of the biggest challenges that people were facing with their security 02:13.630 --> 02:16.270 software was keeping it current. 02:16.270 --> 02:20.730 The more machines you want to protect the harder this becomes. 02:20.800 --> 02:29.360 Multiple servers multiple workstations multiple sites it's a lot to keep track of Advanced Threat Protection 02:29.690 --> 02:36.920 addresses this by centralizing the task of interpreting the heuristic data and defining the response 02:36.920 --> 02:38.290 to threats. 02:38.300 --> 02:45.560 This centralized malware intelligence is managed monitored and controlled through the use of a web based 02:45.560 --> 02:52.910 portal the scanners are on each individual machine so that real time data can be harvested. 02:53.140 --> 02:57.580 But the real intelligence is in a secure cloud tenant. 02:57.580 --> 03:04.360 This tenant is able to interpret the information from the scans to determine not only the type of threat 03:04.810 --> 03:13.940 but the scope of the problem as well ATP access is Microsoft's malware researchers and can use artificial 03:13.940 --> 03:21.470 intelligence to quickly design appropriate responses when this was introduced for Windows 10 workstations 03:21.560 --> 03:29.690 and Windows 2016 servers a download was required for each endpoint and they were individually licensed 03:30.470 --> 03:35.790 Windows Server 20 19 has the endpoint built right into the operating system. 03:36.200 --> 03:41.690 Now depending on the type of Azure subscription you have there will be some type of cost to setup and 03:41.690 --> 03:43.390 use the ATP tenant. 03:43.700 --> 03:52.560 But the ability to scan report and respond to advanced threats is now included in addition to consistent 03:52.740 --> 03:55.640 and more quickly updated protection. 03:55.650 --> 04:02.930 Think of the processing power that you'll save on each server in today's server farms with dozens or 04:02.930 --> 04:05.410 even hundreds of virtual servers. 04:05.480 --> 04:14.300 Even a small savings per machine can add up quickly this advanced threat protection as an evolutionary 04:14.300 --> 04:21.230 step for Windows Defender is one of the most noteworthy security enhancements in Windows Server 2019.