1 / 27

Microsoft Security

Microsoft Security. Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist. V2.1 – Sep 2007. Overview Microsoft Forefront Edge Security and Access. Why should we be more secure? What is Microsoft Forefront Security Suite ? → Overview Forefront for client

farrah
Download Presentation

Microsoft Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Microsoft Security Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist V2.1 – Sep 2007

  2. OverviewMicrosoft Forefront Edge Security and Access Why should we be more secure? What is Microsoft Forefront Security Suite ? → Overview Forefront for client → Overview Forefront for server → Forefront for Exchange and SharePoint server 2007 Forefront for Edge → IAG Server (Intelligent Application Gateway Server) Exchange Hosted Services

  3. Why should we be more secure ?

  4. Cybercrime is a real threat. • Hackers are interested in gathering information (Credit card details, individual details...) => Fraudulous use of credit cards and or personal individual details for identity theft... • Cyber crime affects individuals, customers, insurance companies, companies image and long term existence. • Hackers are not kids anymore. • Hackers are a lot smarter than you think. They are organised crime organisations, they have an in depth knowledge in programming, Windows, Unix, Linux, Network and they will use any opened door to gain access. • Social engineering is an easy way to gather information as many employees will give out information if they find their interlocutor pleasant and nice. • We can never win against the threat, this is a perpetual fight. • Over 60% of the people who were asked to provide their company • login’s password gave it out to a guy who just asked them gently ! • (INFOSEC 2007)

  5. Network Attacks 75% of security investment focused here Consequences for affected companies : Loss of productivity, loss of data, termination or resignation of employees, increased insurance cost, long-term loss of business, loss of significant business/profit Companies are not securing their data as they should be... Application Attacks 75% of attacks focused here

  6. Mobiles PDAs Laptops Memory Sticks In the last 6 months of 2006: 54,874 4,718 3,179 978 • Were left in taxis, in London alone… Source: Pointsec

  7. The price of stolen information • English Revenue and Customs admits theft of 13,000 civil servants personal information. Tax Credit system had to be shut down to halt the fraud. £15m was stolen. – Dec 05 • A printing firm contracted by Marks & Spencers in the UK has had a laptop stolen putting 26,000 employees at risk for identity theft – May 2007. • Employee of Nationwide Building Society has their laptop stolen from home containing account information for 11m customers. – Aug 06 (Fined £1m for this…) • Although the scientist downloaded about 15 times more data than the second most active user, no alarm bells rang until after he submitted his resignation from DuPont, the company behind Kevlar, Teflon, and hundreds of other brands and trademarks. The value of the stolen information is set at 400 million USD – Feb 2007.

  8. FOREFRONT SECURITY SUITE

  9. What is Forefront Security Suite ? Forefront for client Secure Windows clients (Desktops and file servers) against spywares, viruses... Forefront for server Secure Exchange/SharePoint servers against viruses, spam, worms in order to deliver clean emails and documents. Forefront for edge Inter network communications protection to insure security of information and application between clients and servers.

  10. Forefront for clients Integrated antivirus and antispyware engine, delivering real-time protection from and scheduled scanning for viruses, spyware, and other threats. Central management system, generating reports and alerts on the security status of their environment. State assessment or scans for determining which managed computers need patches or are configured insecurely.

  11. Forefront for Exchange Anti Spam, Anti Virus and Anti Worm protection for Exchange server. Can run 5 different anti virus engines at the same time reducing the risk because we do not depend on one vendor only. Filter the Spam with rules (Keywords or combination) and automated antivirus signature updates.

  12. Distributed protection • Performance tuning • Content filtering • Central management Internet Exchange Server/ Windows-based SMTP Server A B C D E

  13. Forefront engines VirusBuster Sophos Norman Microsoft Anti Malware Kaspersky CA VET CA Inoculate Authentium Command AhnLab All engines are independent from each other. Updates are made available from Microsoft website, 15 mn after they have been sent from the partners.

  14. Forefront for Sharepoint Scan uploaded and downloaded documents before they are saved against worms, malicious code, viruses.

  15. IAG SERVER

  16. IAG ServerIntelligent Application Gateway Server SSL-based application access with endpoint security management.

  17. IAG ServerIntelligent Application Gateway Server Browser based access. Block malicious traffic and attacks (No network traffic) Drive policy compliance (Limit exposure and liability, better ROI)

  18. IAG ServerIntelligent Application Gateway Server Remote machine profiling Determine the health status of the remote machine and dynamically give access accordingly. Cache wiper Clear browser cache, disk cache and overwrite 7 times the clusters where the file was initially downloaded. It is impossible to recover a file after this process. Authentification vendors Works with 60 different vendors such as Radius, RSA SecureID... Network integration SharePoint 2003/2007, OWA, Dynamics, ActiveSync, Terminal-Services, Citrix, SAP, Lotus Domino, WebSphere and many more… Network isolation No network connectivity between the remote user and the remote server/service. The remote client does have an IP address (Unless this is required by IP Phone or any other application/device that requires an IP address)

  19. Overview Web LDAP Oracle SSL VPN connectivity and endpoint security verification Vendors Intelligent Application Gateway Third-party IBM / Lotus SAP Partners Port 443 Employees MS apps External Firewall SharePoint Server Exchange Server Active Directory

  20. Exchange Hosted Services

  21. Exchange Hosted Services Traditional Hosted Virus (<1%) Spam (70%) Legitimate(30%) SMTP E-mail store Virus (<1%) Spam (70%) Legitimate(30%) SMTP E-mail store

  22. Why outsource AV & AntiSpam? Manage cost and complexity Secure, protect and comply Inbox value and access No HW/SW to install and manage Outsource routine IT management Predictable subscription based service Scalable at no additional cost Eliminate threats before they reach the network Policy-compliant infrastructure Service-based e-mail archiving for rapid deployment Eliminate spam and viruses from the e-mail stream to boost productivity Reliable e-mail availability and continuity systems Recover from unplanned outages or disasters

  23. End-user access

  24. Easy recovery

  25. Service Level Agreement • Infrastructure SLAs • 99.999% network uptime • < 2 minute delivery • Accuracy SLAs • 100% virus detection and blocking • 95% spam effectiveness • 1:250,000 false positive ratio

  26. Any questions ? Please do not hesitate to contact me V-MiRiVA@MICROSOFT.COM

More Related