Building an Integrated Security System: Microsoft Forefront code name “Stirling”. Ravi Sankar, Technology Evangelist | Microsoft, http://ravisankar.spaces.live.com/blog. Agenda. Security and Access Challenges. Forefront Today. Forefront Codename “Stirling”. Comprehensive Protection

Building an Integrated Security System
Microsoft Forefront code name “Stirling”
Ravi Sankar
Technology Evangelist | Microsoft
http://ravisankar.spaces.live.com/blog

Agenda
• Security and Access Challenges
• Forefront Today
• Forefront Codename “Stirling”
• Comprehensive Protection
• Simplified Management
• Critical Visibility
• Demo
• Q&A

Security And Access Challenges
Security challenges
• Escalating Threats: More advanced; Increased volume; Profit motivated
• Fragmented Security: Many point products; Poor interoperability; Lack of integration
• Difficult to Manage and Deploy: Multiple consoles; Uncoordinated reports; Complex and costly
Access challenges
• Growing Mobility: More users; More locations/devices; Intranet/Extranet access
• Traditional VPNs Inadequate: Full connectivity is risky; Poor apps integration; Lack of scalability
• Difficult to Enforce Policies: Changing legal rules; Changing business rules; Limited granularity

A comprehensive line of business security products that helps you gain greater protection and secure access through deep integration and simplified management
• Client And Server OS
• Server Applications
• Network Edge

An Integrated Security System
[Diagram labels: Management And Visibility; Dynamic Response; Client And Server OS; Server Applications; Network Edge; vNext]

An Integrated Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility across clients, servers, and the network edge
Comprehensive Protection
• Integrated protection across clients, server and edge
• Dynamic responses to emerging threats
• Next generation protection technologies
Simplified Management
• Manage from a single role-based console
• Asset and policy centric model
• Integrates with your existing infrastructure
Critical Visibility
• Know your security state in real-time
• View insightful reports
• Investigate and remediate security issues

Comprehensive Protection

Comprehensive Protection: Integrated security system
Siloed Best of Breed Solutions are not enough
• Customers do this today and still have security issues
• Manual coordination is difficult and often incomplete
• Expensive and difficult to understand if “I’m secure”
Stirling and Dynamic Response are the answer
• Layered Protection across the organization
• Protection technologies that work together
• Protection technologies that share security state information
• Protection technologies that take action together
Customers need an Integrated Security System
Stirling’s protection technologies work together to better protect customers

Zero Day Scenario: Today
[Diagram labels: Hours; Phone; Desktop Admin; Network Admin; Manual: Disconnect the Computer; DNS Reverse Lookup; Edge Protection Log; Edge Protection; Client Security; Manual: Launch a scan; Web; Client Event Log; Malicious Web Site; Andy; DEMO-CLT1]

Zero Day Scenario: With Stirling and Dynamic Response
[Diagram: Security Assessments Channel; 2-3 min]
• TMG identifies malware on DEMO-CLT1 computer attempting to propagate (Port Scan)
• Assessment: Compromised Computer DEMO-CLT1 (High Fidelity, High Severity, Expire: Wed)
• FCS identifies Andy has logged on to DEMO-CLT1
• Assessment: Compromised User: Andy (Low Fidelity, High Severity, Expire: Wed)
• Components: Forefront TMG; Stirling Core; Client Security; Forefront Server for: Exchange, SharePoint, OCS; NAP; Active Directory
• Responses: Scan Computer; Block IM; Quarantine; Reset Account; Block Email
• Roles: Network Admin; Security Admin; Desktop Admin
• Other labels: Alert; Web; Malicious Web Site; Andy; DEMO-CLT1

Enterprise Security: Today compared with Stirling and Dynamic Response
• Monitoring. Today: Low visibility on enterprise security. Stirling: Standard channel for security information.
• Detection. Today: High rates of false positive/negative. Stirling: Share contextual information.
• Protection. Today: Manual enterprise wide response. Stirling: Automatic response and shield up.
• Investigation. Today: Too much or too little data. Stirling: Efficient and focused investigation.
Stirling delivers: Better Protection - Faster Response - Lower Cost

Stirling Protection Technologies
• Dynamic Response: Information Sharing; Coordinated Defense; Adaptive Investigation
[Diagram labels: Antivirus; Antispyware; Firewall; Exchange Protection; Host Firewall; Web AV; Content Filtering; vNext; vNext; vNext; NEW; Remote Access; NAP Integration; Vulnerability Assessment & Remediation; SharePoint Protection; Content Filtering; And More…]

Simplified Management

Security Management: Today
[Diagram labels: Server Application Protection; Vulnerability Assessment; Endpoint Protection; Network Edge; Management Console (repeated); Reporting Console (repeated)]
• Jumping between consoles wastes time
• Each console has its own policy paradigm
• Products are in silos with no integration
• Lack of integration with infrastructure generates inefficiencies
• Difficult to know if solutions are protecting from emerging threats

Simplified Management With Stirling: Protect your business with greater efficiency
• One console for simplified, role-based security management
• Define one security policy for your assets across protection technologies
• Deploy signatures, policies and software quickly
• Integrates with your existing infrastructure: SCOM, SQL, WSUS, AD, NAP, SCCM

Critical Visibility And Control

Critical Visibility And Control: Know where action is required
• Know your security state
• View insightful reports
• Investigate and remediate security risks

DEMO
Stirling Beta 1

Roadmap
[Timeline diagram. Columns: H1 2008; H2 2008; H1 2009. Rows: Integrated Security System (BETA, Codename “Stirling”); Client and Server OS (NEXT, NEXT, NEXT); Server Applications (NEW, NEW); Network Edge (NEW, NEW)]

Summary
Stirling is an Integrated Enterprise Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility across clients, servers, and the network edge
• Dynamic, coordinated responses to threats
• Focus on protecting assets
• Manage security, not security products
• Coherent and meaningful reports

Next Steps
• Become experts in existing Forefront products
• Install Stirling Beta
• Give us feedback!