Title: Microsoft Forefront overview
1Microsoft Security
- Microsoft Ireland
- Michael RIVA, MCSE Security, MCT
- Partner Technical Specialist
2Overview Microsoft Forefront Edge Security and
Access
- Why should we be more secure?
- What is Microsoft Forefront Security Suite ?
- ? Overview
- Forefront for client
- ? Overview
- Forefront for server
- ? Forefront for Exchange and SharePoint server
2007 - Forefront for Edge
- ? IAG Server (Intelligent Application Gateway
Server) - Exchange Hosted Services
3Why should we be more secure ?
4- Cybercrime is a real threat.
- Hackers are interested in gathering information
(Credit card details, individual details...) gt
Fraudulous use of credit cards and or personal
individual details for identity theft... - Cyber crime affects individuals, customers,
insurance companies, companies image and long
term existence. - Hackers are not kids anymore.
- Hackers are a lot smarter than you think. They
are organised crime organisations, they have an
in depth knowledge in programming, Windows, Unix,
Linux, Network and they will use any opened door
to gain access. - Social engineering is an easy way to gather
information as many employees will give out
information if they find their interlocutor
pleasant and nice. - We can never win against the threat, this is a
perpetual fight. - Over 60 of the people who were asked to provide
their company - logins password gave it out to a guy who just
asked them gently ! - (INFOSEC 2007)
5- Consequences for affected companies
- Loss of productivity, loss of data, termination
or resignation of - employees, increased insurance cost, long-term
loss of business, - loss of significant business/profit
- Companies are not securing their data as they
should be...
Application Attacks
75 of attacks focused here
6- In the last 6 months of 2006
- Were left in taxis, in London alone
Source Pointsec
7The price of stolen information
- English Revenue and Customs admits theft of
13,000 civil servants personal information. Tax
Credit system had to be shut down to halt the
fraud. 15m was stolen. Dec 05 - A printing firm contracted by Marks Spencers in
the UK has had a laptop stolen putting 26,000
employees at risk for identity theft May 2007. - Employee of Nationwide Building Society has their
laptop stolen from home containing account
information for 11m customers. Aug 06 (Fined
1m for this) - Although the scientist downloaded about 15 times
more data than the second most active user, no
alarm bells rang until after he submitted his
resignation from DuPont, the company behind
Kevlar, Teflon, and hundreds of other brands and
trademarks. The value of the stolen information
is set at 400 million USD Feb 2007.
8FOREFRONT SECURITY SUITE
9What is Forefront Security Suite ?
- Forefront for client
- Secure Windows clients (Desktops and file
servers) against - spywares, viruses...
- Forefront for server
- Secure Exchange/SharePoint servers against
viruses, spam, - worms in order to deliver clean emails and
documents. - Forefront for edge
- Inter network communications protection to insure
security of - information and application between clients and
servers.
10Forefront for clients
- Integrated antivirus and antispyware engine,
delivering real-time protection from and
scheduled scanning for viruses, spyware, and
other threats. - Central management system, generating reports and
alerts on the security status of their
environment. - State assessment or scans for determining which
managed computers need patches or are configured
insecurely.
11(No Transcript)
12Forefront for Exchange
- Anti Spam, Anti Virus and Anti Worm protection
for Exchange server. - Can run 5 different anti virus engines at the
same time reducing the risk because we do not
depend on one vendor only. - Filter the Spam with rules (Keywords or
combination) and automated antivirus signature
updates.
13(No Transcript)
14Forefront engines
- VirusBuster
- Sophos
- Norman
- Microsoft Anti Malware
- Kaspersky
- CA VET
- CA Inoculate
- Authentium Command
- AhnLab
- All engines are independent from each other.
- Updates are made available from Microsoft
website, 15 mn after they have been sent from the
partners.
15Forefront for Sharepoint
- Scan uploaded and downloaded documents before
they are saved against worms, malicious code,
viruses.
16IAG SERVER
17IAG ServerIntelligent Application Gateway Server
- SSL-based application access with endpoint
security management.
18IAG ServerIntelligent Application Gateway Server
- Browser based access.
- Block malicious traffic and attacks (No network
traffic) - Drive policy compliance (Limit exposure and
liability, better ROI)
19IAG ServerIntelligent Application Gateway Server
Remote machine profiling Determine the health
status of the remote machine and dynamically give
access accordingly. Cache wiper Clear browser
cache, disk cache and overwrite 7 times the
clusters where the file was initially downloaded.
It is impossible to recover a file after this
process. Authentification vendors Works with 60
different vendors such as Radius, RSA
SecureID... Network integration SharePoint
2003/2007, OWA, Dynamics, ActiveSync,
Terminal-Services, Citrix, SAP, Lotus Domino,
WebSphere and many more Network isolation No
network connectivity between the remote user and
the remote server/service. The remote client does
have an IP address (Unless this is required by
IP Phone or any other application/device that
requires an IP address)
20Overview
Web
LDAP
Oracle
Vendors
Intelligent Application Gateway
Third-party
IBM / Lotus
SAP
Partners
Employees
MS apps
External Firewall
SharePoint Server
Exchange Server
Active Directory
21Exchange Hosted Services
22Exchange Hosted Services
Virus (lt1) Spam (70) Legitimate(30)
SMTP
E-mail store
Virus (lt1) Spam (70) Legitimate(30)
SMTP
E-mail store
23Why outsource AV AntiSpam?
Manage cost and complexity
Secure, protect and comply
Inbox value and access
- No HW/SW to install and manage
- Outsource routine IT management
- Predictable subscription based service
- Scalable at no additional cost
- Eliminate threats before they reach the network
- Policy-compliant infrastructure
- Service-based e-mail archiving for rapid
deployment
- Eliminate spam and viruses from the e-mail stream
to boost productivity - Reliable e-mail availability and continuity
systems - Recover from unplanned outages or disasters
24End-user access
25Easy recovery
26Service Level Agreement
- Infrastructure SLAs
- 99.999 network uptime
- lt 2 minute delivery
- Accuracy SLAs
- 100 virus detection and blocking
- 95 spam effectiveness
- 1250,000 false positive ratio
27Any questions ?
- Please do not hesitate to contact me
- V-MiRiVA_at_MICROSOFT.COM