6 Chapter 1 • Next Generation Windows Security Enhancements In terms of security, Microsoft has attempted to provide the benefits of the Windows NT/2000 security model, while still making the system easy to operate and administer. XP Home Edition has two account types: Computer Administrator and Limited (refer to Figure 1.5).The Computer Administrator can add, remove, and change user accounts, make universal changes to the system, and install applica- tions. A Limited user only has the capability to change his/her password. Users of XP Home Edition or XPProfessional can log on using a “Welcome” screen that lists the names of the user accounts, as shown in Figure 1.6. A user simply needs to click on her name and provide the password, and she is authenticated onto the system. (A wise Administrator would be quick to turn off the Welcome screen and Fast User Switching functions in a workgroup envi- ronment as they present an additional security risk that far outweighs the benefits of this new nicety. It is important to note that turning off the Welcome screen automatically turns off Fast User Switching.) Switching between User Sessions Microsoft has introduced a concept called Fast User Switching that will allow users to switch between user accounts while leaving applications running in the back- ground. For instance, let’s say that User1 is logged into the system. User2 would like to check his e-mail. So, User2 will perform a “switch user,” log in as himself, and check his mail. All of the applications that User1 was working on will stay running in User1’s context.When User2 is finished, User1 can “switch user” back to herself, and she can continue working on the applications that were open when User2 logged on. Figure 1.7 shows the Switch User option dialog box. www.syngress.com Figure 1.5 Windows XP User Account Types 189_XP_01.qxd 11/9/01 2:44 PM Page 6 Next Generation Windows • Chapter 1 7 Hardware and Software Compatibility Lastly,Windows XP Home Edition has been designed to run many of the legacy applications that are on the market today. Microsoft achieved this by adding a compatibility mode to the operating system.This allows you to run an application in Windows XP and emulate an older OS, such as Windows 95.Windows XP will try to provide the hardware-level access that is requested by the application without sacrificing the integrity of the kernel. In terms of hardware compatibility,Windows XP has the most advanced Plug and Play features of any Windows operating system. For the end user, this means that many of the older first-generation PnP devices, as well as a number of non- PnP devices, will work with WinXP.WinXP also has an improved driver set. www.syngress.com Figure 1.6 Welcome Screen Figure 1.7 Logoff Screen with Switch User Option 189_XP_01.qxd 11/9/01 2:44 PM Page 7 8 Chapter 1 • Next Generation Windows Microsoft made the decision to leave out much of the enterprise features from the Home Edition, choosing to include them in the Professional edition. For example, if you need to add your PC to a Windows 2000 or Windows NT domain, you must use Windows XP Professional. Windows XPProfessional While Windows XP Home Edition adds a great deal to the feature set of Windows 2000,Windows XPProfessional takes the product to the next level. Many of the neat things that are part of Windows 2000 Professional are excluded from the Home Edition, but they are included in WinXP Professional.These fea- tures include the following: ■ IntelliMirror technologies ■ Group Policy functionality ■ Encrypting file system support ■ Multiprocessor support As we mentioned in the preceding section,You can join XPProfessional to a Windows 2000 or Windows NT domain. In a Windows 2000 Active Directory environment, XPProfessional can take full advantage of those features that are dependent on the domain login.These include the neat features described in the preceding list, as well as roaming profiles and Remote Installation Services (RIS). We delve into the feature list in much more detail shortly, but rest assured, Windows XPProfessional offers many advantages compared to Windows 2000 Professional. The Future of Windows 2000 Server: Windows .NET Servers What should you expect from the next version of Microsoft’s server product? Well, the first thing will be another name change. Departing quickly from the year-based name, the next edition will be named Windows .NET Server, signi- fying the tight cooperation with the .NET Framework on the development side. However, once you get past the name, you should be pleasantly surprised to see a number of improvements over Windows 2000 Server under the hood of .NET Server. Here are a few of the features that Microsoft has listed for the next gener- ation of Windows Server: www.syngress.com 189_XP_01.qxd 11/9/01 2:44 PM Page 8 Next Generation Windows • Chapter 1 9 ■ You should expect to see even more improvement in the relia- bility of the Server product. Windows 2000 was quite a leap over Windows NT 4, and you will see another level of reliability in the .NET Server line. Microsoft is trying to achieve a consistent Five 9s in relia- bility, and the .NET server might be close to achieving this level. ■ Windows .NET Server will be faster than Windows 2000 Server. This will be important for those customers who are using .NET Server to host SQL Server 2000 or other transaction-based products.The next release of Windows will also include support for 64-bit processors. ■ The next version will be easier to manage. This will be thanks to features such as “headless” server support (no need for a monitor, key- board, or mouse), remote administration, and Windows Management Interface (WMI). Introducing the Major Features of Windows XPProfessional This section briefly shows you why you should choose WinXP Professional for your environment.The decision should become fairly obvious, once you see the impressive list of upgraded features over Windows 2000 Professional. User Interface We start with the new user interface. Microsoft performed many tests with con- sumers and used the test results to make significant changes to the Windows 2000 user interface. Most notably, they redesigned the Start menu and changed the appearance of the standard Windows interface to reflect better usability. Here’s a tour of what you can expect to see when you start using Windows XP. Starting with the desktop,WinXP has a new look, as you can see in Figure 1.8. By default, all of the desktop icons are turned off.Yes, that’s right, you can enable/disable the standard desktop icons, such as My Computer and My Documents via the Control Panel. Microsoft claims that users preferred to start off with a clean desktop. Figure 1.9 shows the configuration options for the desktop. You’ll also notice the color scheme of the taskbar and Start button. Throughout Windows XP’s user interface, Microsoft made a conscious effort to use green buttons to represent events that opened or maximized windows, and they used red buttons to represent events that closed or minimized windows.The new Start button is the first example of this. www.syngress.com 189_XP_01.qxd 11/9/01 2:44 PM Page 9 10 Chapter 1 • Next Generation Windows Other new features that you’ll find here are improvements to the taskbar. If you’ve ever opened a number of applications at one time before, you’ve experi- enced shrinking taskbar icons when the OS tried to represent a dozen applica- tions at one time with miniscule buttons on the taskbar.Windows XP will automatically group multiple sessions of the same application under one button. For instance, if you are working on five Word documents at the same time, www.syngress.com Figure 1.8 The Windows XP Desktop Figure 1.9 Configuring the Desktop 189_XP_01.qxd 11/9/01 2:44 PM Page 10 Next Generation Windows • Chapter 1 11 Windows XP will consolidate all of the Word sessions under a single button on the taskbar.To access a particular document, you simply click on the Word button, choose the appropriate session from a small menu, and your session will maximize. Not to be left out, the tray notification area (the area on the taskbar next to the clock) has been improved.You have probably experienced a user who seemed to have at least a dozen applications running in the tray, and this row of icons consumed half of the taskbar by itself.You can now hide these icons by clicking on an arrow next to the tray. Figure 1.10 shows the new Start menu.Although it takes awhile to get used to, the new design actually grows on you. By default, the menu will be config- ured as shown in Figure 1.9, with practically all options enabled.The good news is that you can reduce this menu to only one or two items if you desire. On the left-hand side of the menu are links to Internet Explorer and your e-mail pro- gram (Outlook Express is configured by default—you can also have Outlook XP or even Hotmail on the menu). Below these two links are links to your recently used programs.You can configure the Start menu to display between zero and nine of your most recently used applications to appear on the menu. Below these links is a “catch-all” link to All Programs, which gives you a menu that looks much like the legacy Start menu from Windows 2000. On the right-side of the menu are links to My Documents, My Recent Documents, My Pictures, My Music, and My Computer.The middle of the right-hand panel has links to the Control Panel and Printers and Faxes.To round www.syngress.com Figure 1.10 The New Start Menu 189_XP_01.qxd 11/9/01 2:44 PM Page 11 12 Chapter 1 • Next Generation Windows out the new Start menu are links to Help and Support, Search, and the Run command.You can enable the Start menu to automatically expand the contents of My Documents, My Computer, and the Control Panel. Continuing on our tour of the new features of the user interface, we look at the Control Panel. As you can see in Figure 1.11, the Control Panel now groups related applets under a single icon, which makes finding the appropriate Control Panel applet easier. As you can see, Microsoft made a number of improvements to the user inter- face in Windows XP.They have done a lot of work to make it more useable and friendly, but there will always be those users who like the old way.Thus, you can configure every one of the new features we just discussed to look and act just like they did in Windows 2000 Professional. Networking You’ll find support for 802.11b wireless networking in Windows XP, as well as a number of other networking features. One new feature is the Internet Connection Firewall, which provides firewall functionality for individual computers and small networks. Internet Connection Sharing has been enhanced as well. What does this mean to the average Windows XP user? If you’re working in a corporate environment, you are probably already protected by a firewall in the www.syngress.com Figure 1.11 The New Look of the Control Panel 189_XP_01.qxd 11/9/01 2:44 PM Page 12 Next Generation Windows • Chapter 1 13 data center.The Internet Connection Firewall wasn’t designed to provide the level of protection that a hardware-based firewall can provide. Internet Connection Sharing will probably not be much of a value-add in the corporate world either.The environments where these features will shine will be in the small office/home office (SOHO) market and in the home market.These are places where you will probably not find a $15,000 hardware firewall or an expen- sive T-1 connection for the entire LAN to share. However, if you have a cable modem or DSL connection, you could easily share this connection with a small office or with other machines in your home with these new networking features. Better Performance Windows XPProfessional offers incredible gains in performance over previous versions of Windows.You’ll experience this performance first-hand from the moment you boot the system—startup times have been reduced to nearly a minute, as opposed to many minutes for older versions of Windows.This time savings translates directly into increased productivity for both you and your clients and customers.WinXP has also been designed to reduce the number of reboots. Multiple processor and large memory support (up to 4GB) will allow for increased workstation performance. Internet Features You’ll find the latest versions of Internet Explorer and Outlook Express in Windows XP Professional. Other Internet features include WebDAV support for publishing directly to the Web, Internet Explorer 6 Administration Kit (IEAK) for managing the deployment of IE, and Windows Messenger. Windows Messenger is an instant messenger application that you can inte- grate into Outlook XP or Hotmail/Passport to provide simple communications between users on the local network or across the Internet. For the IT profes- sional, Microsoft has included the IEAK for IE6 to help in customizing the deployments of IE6 in a managed environment. Finally,WebDAV, which has been around for a few years, allows users to publish content directly from Word XP to their intranet.This will help users to share their documents and information more efficiently in the workplace. Remote Assistance Remote Assistance is certainly one of the neater features of Windows XP.This allows users to request help from other users or the help desk via the Remote www.syngress.com 189_XP_01.qxd 11/9/01 2:44 PM Page 13 14 Chapter 1 • Next Generation Windows Desktop Protocol, whereby the supporting user can interface directly with the user on her desktop or via a chat session. Here’s an example of how you can use Remote Assistance in the office place. Let’s say a user has a problem with adding a local printer to her system. Normally, this would generate a help desk call, and depending on the circumstances, a techni- cian may have to visit the user’s desk to assist her with this task. Using Remote Assistance, the user could send an “invitation” to the help desk for someone to remotely connect to her machine to help out.The user generates this invitation from the Help and Support link on the Start menu. Figure 1.12 shows this page. From here, the user can send the invitation via Windows Messenger or e-mail to the help desk.This invitation will have a description of the problem (the user types this in the body), and it can also have a time window for the help desk to connect.This is a security feature that limits the ability of another user to connect without permission. Once the help desk gets the request, they make a connection back to the user, and then they can remotely control the user’s session and provide assistance. Remote Assistance is based on Terminal Services technology. Reliability Features Windows XP improves upon the reliability features of Windows 2000 by pro- viding support for side-by-side DLL support, improved Windows File Protection, improved code protection, and enhanced device driver signing. www.syngress.com Figure 1.12 Generating a Remote Assistance Invitation 189_XP_01.qxd 11/9/01 2:44 PM Page 14 Next Generation Windows • Chapter 1 15 For average users, this means that they should experience less issues with applications crashing or causing conflicts with other applications. For IT profes- sionals, this means that they should get less support calls for application errors, and building managed desktops with compatible applications will be much easier. Multimedia Features A proliferation of new multimedia devices are in the marketplace, including dig- ital cameras, DVD players, MP3 players, and so on.Windows XP keeps the pace by providing a rich multimedia experience that allows you to fully take advantage of these new devices.WinXP supports CD-R, CD-RW, and DVD-RAM drives directly in Windows Explorer.The Windows Media Player will play most common media formats, such as MP3s and DVDs (with third-party decoders). You can access digital cameras just like an external drive over a USB interface, making the transfer of digital images to your hard drive as easy as copying a file from a CD-ROM. www.syngress.com 189_XP_01.qxd 11/9/01 2:44 PM Page 15 . Explorer and Outlook Express in Windows XP Professional. Other Internet features include WebDAV support for publishing directly to the Web, Internet Explorer. Professional. Windows XP Professional While Windows XP Home Edition adds a great deal to the feature set of Windows 2000,Windows XP Professional takes the