Microsoft Forefront overview - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

Microsoft Forefront overview

Description:

Updates are made available from Microsoft website, 15 mn after they have been ... Block malicious traffic and attacks (No network traffic) ... – PowerPoint PPT presentation

Number of Views:269
Avg rating:3.0/5.0
Slides: 28
Provided by: michae252
Category:

less

Transcript and Presenter's Notes

Title: Microsoft Forefront overview


1
Microsoft Security
  • Microsoft Ireland
  • Michael RIVA, MCSE Security, MCT
  • Partner Technical Specialist
  • V2.1 Sep 2007

2
Overview Microsoft Forefront Edge Security and
Access
  • Why should we be more secure?
  • What is Microsoft Forefront Security Suite ?
  • ? Overview
  • Forefront for client
  • ? Overview
  • Forefront for server
  • ? Forefront for Exchange and SharePoint server
    2007
  • Forefront for Edge
  • ? IAG Server (Intelligent Application Gateway
    Server)
  • Exchange Hosted Services

3
Why should we be more secure ?
4
  • Cybercrime is a real threat.
  • Hackers are interested in gathering information
    (Credit card details, individual details...) gt
    Fraudulous use of credit cards and or personal
    individual details for identity theft...
  • Cyber crime affects individuals, customers,
    insurance companies, companies image and long
    term existence.
  • Hackers are not kids anymore.
  • Hackers are a lot smarter than you think. They
    are organised crime organisations, they have an
    in depth knowledge in programming, Windows, Unix,
    Linux, Network and they will use any opened door
    to gain access.
  • Social engineering is an easy way to gather
    information as many employees will give out
    information if they find their interlocutor
    pleasant and nice.
  • We can never win against the threat, this is a
    perpetual fight.
  • Over 60 of the people who were asked to provide
    their company
  • logins password gave it out to a guy who just
    asked them gently !
  • (INFOSEC 2007)

5
  • Consequences for affected companies
  • Loss of productivity, loss of data, termination
    or resignation of
  • employees, increased insurance cost, long-term
    loss of business,
  • loss of significant business/profit
  • Companies are not securing their data as they
    should be...

Application Attacks
75 of attacks focused here
6
  • In the last 6 months of 2006
  • 54,874
  • 4,718
  • 3,179
  • 978
  • Were left in taxis, in London alone

Source Pointsec
7
The price of stolen information
  • English Revenue and Customs admits theft of
    13,000 civil servants personal information. Tax
    Credit system had to be shut down to halt the
    fraud. 15m was stolen. Dec 05
  • A printing firm contracted by Marks Spencers in
    the UK has had a laptop stolen putting 26,000
    employees at risk for identity theft May 2007.
  • Employee of Nationwide Building Society has their
    laptop stolen from home containing account
    information for 11m customers. Aug 06 (Fined
    1m for this)
  • Although the scientist downloaded about 15 times
    more data than the second most active user, no
    alarm bells rang until after he submitted his
    resignation from DuPont, the company behind
    Kevlar, Teflon, and hundreds of other brands and
    trademarks. The value of the stolen information
    is set at 400 million USD Feb 2007.

8
FOREFRONT SECURITY SUITE
9
What is Forefront Security Suite ?
  • Forefront for client
  • Secure Windows clients (Desktops and file
    servers) against
  • spywares, viruses...
  • Forefront for server
  • Secure Exchange/SharePoint servers against
    viruses, spam,
  • worms in order to deliver clean emails and
    documents.
  • Forefront for edge
  • Inter network communications protection to insure
    security of
  • information and application between clients and
    servers.

10
Forefront for clients
  • Integrated antivirus and antispyware engine,
    delivering real-time protection from and
    scheduled scanning for viruses, spyware, and
    other threats.
  • Central management system, generating reports and
    alerts on the security status of their
    environment.
  • State assessment or scans for determining which
    managed computers need patches or are configured
    insecurely.

11
(No Transcript)
12
Forefront for Exchange
  • Anti Spam, Anti Virus and Anti Worm protection
    for Exchange server.
  • Can run 5 different anti virus engines at the
    same time reducing the risk because we do not
    depend on one vendor only.
  • Filter the Spam with rules (Keywords or
    combination) and automated antivirus signature
    updates.

13
(No Transcript)
14
Forefront engines
  • VirusBuster
  • Sophos
  • Norman
  • Microsoft Anti Malware
  • Kaspersky
  • CA VET
  • CA Inoculate
  • Authentium Command
  • AhnLab
  • All engines are independent from each other.
  • Updates are made available from Microsoft
    website, 15 mn after they have been sent from the
    partners.

15
Forefront for Sharepoint
  • Scan uploaded and downloaded documents before
    they are saved against worms, malicious code,
    viruses.

16
IAG SERVER
17
IAG ServerIntelligent Application Gateway Server
  • SSL-based application access with endpoint
    security management.

18
IAG ServerIntelligent Application Gateway Server
  • Browser based access.
  • Block malicious traffic and attacks (No network
    traffic)
  • Drive policy compliance (Limit exposure and
    liability, better ROI)

19
IAG ServerIntelligent Application Gateway Server
Remote machine profiling Determine the health
status of the remote machine and dynamically give
access accordingly. Cache wiper Clear browser
cache, disk cache and overwrite 7 times the
clusters where the file was initially downloaded.
It is impossible to recover a file after this
process. Authentification vendors Works with 60
different vendors such as Radius, RSA
SecureID... Network integration SharePoint
2003/2007, OWA, Dynamics, ActiveSync,
Terminal-Services, Citrix, SAP, Lotus Domino,
WebSphere and many more Network isolation No
network connectivity between the remote user and
the remote server/service. The remote client does
have an IP address (Unless this is required by
IP Phone or any other application/device that
requires an IP address)
20
Overview
Web
LDAP
Oracle
Vendors
Intelligent Application Gateway
Third-party
IBM / Lotus
SAP
Partners
Employees
MS apps
External Firewall
SharePoint Server
Exchange Server
Active Directory
21
Exchange Hosted Services
22
Exchange Hosted Services
  • Traditional
  • Hosted

Virus (lt1) Spam (70) Legitimate(30)
SMTP
E-mail store
Virus (lt1) Spam (70) Legitimate(30)
SMTP
E-mail store
23
Why outsource AV AntiSpam?
Manage cost and complexity
Secure, protect and comply
Inbox value and access
  • No HW/SW to install and manage
  • Outsource routine IT management
  • Predictable subscription based service
  • Scalable at no additional cost
  • Eliminate threats before they reach the network
  • Policy-compliant infrastructure
  • Service-based e-mail archiving for rapid
    deployment
  • Eliminate spam and viruses from the e-mail stream
    to boost productivity
  • Reliable e-mail availability and continuity
    systems
  • Recover from unplanned outages or disasters

24
End-user access
25
Easy recovery
26
Service Level Agreement
  • Infrastructure SLAs
  • 99.999 network uptime
  • lt 2 minute delivery
  • Accuracy SLAs
  • 100 virus detection and blocking
  • 95 spam effectiveness
  • 1250,000 false positive ratio

27
Any questions ?
  • Please do not hesitate to contact me
  • V-MiRiVA_at_MICROSOFT.COM
Write a Comment
User Comments (0)
About PowerShow.com