在网络安全至关重要的今天,Windows Server 2025 凭借一系列强大的安全功能脱颖而出,为您的数据和基础架构构建坚实的防线。主要功能亮点包括:
n an era where cybersecurity is of utmost importance, Windows Server 2025 stands out with a suite of security features designed to safeguard your data and infrastructure. Here are a few key capabilities:
强化文件服务/服务器消息块 (SMB)
Windows Server 2025 引入了 SMB over QUIC,让您可以在互联网上安全地访问文件共享。同时,SMB 安全性新增了更严格的防火墙默认设置、暴力攻击防护,以及对中间人攻击、转发攻击和欺骗攻击的防护措施。
File services/server message block (SMB) hardening
Windows Server 2025 includes SMB over QUIC to enable secure access to file shares over the internet. SMB security also adds hardened firewall defaults, brute force attack prevention, and protections for man in the middle attacks, relay attacks, and spoofing attacks.
活动目录 (AD)
作为身份和认证的黄金标准,AD 增加了全新的安全功能,进一步提升扩展性,在协议、加密、安全强化和新型加密支持方面进行了重要改进,助力您更好地抵御不断变化的威胁。
Active Directory (AD)
The gold standard for identity and authentication only gets better with new security capabilities to help fortify your environment against evolving threats with greater scalability and improvements in protocols, encryption, hardening, and new cryptographic support.
委托托管服务账户 (dMSA)
不同于传统的服务账户,dMSA 无需手动密码管理,AD 会自动处理。dMSA 支持将特定权限委托给域内资源访问,有效降低安全风险,并提供更全面的服务账户活动日志记录和可视性。
Delegate Managed Service Accounts (dMSA)
Unlike traditional service accounts, dMSAs don’t require manual password management since AD automatically takes care of it. With dMSAs, specific permissions can be delegated to access resources in the domain, which reduces security risks and provides better visibility and logs of service account activity.
