Anywhere Access
Establishing End to End Trust
Urs P. Küderli, Principal Security Architect, Microsoft

Security versus Access
Demand for access / Escalating threats
• Access to information from wherever and whenever
• Access to information on any device
• User-friendly, transparent
• Low TCO
• Security

• Different access, authentication and authorization systems
• Different encryption technologies
• No interoperability
• Complex
• Expensive
• Security

Managing Risk, building Trust
[Diagram. Stage labels: No Strategy, Current Strategies, Vision. Captions: Point Solutions, No Policy, Integrated Solutions, End-to-End Trust. Threats shown: identity theft, phishing, malware, data theft, denial of service, viruses. Point products shown: anti-phishing, anti-spyware, patching, firewalls, anti-virus. Other labels: Information Protection, Identity Management, Threat Mitigation, Defense in Depth, SDL and SD3, Integrated Protection, Integrated Identity, "I+4A", Trusted Stack (Data, People, Software, Hardware), Political, Economic, Social.]

Building a trusted Stack
Core Trust Components "I+4A"
• Identity Claims
• Authentication
• Authorization
• Access Control Mechanisms
• Audit
Trusted Stack
• Trusted Data
• Trusted People
• Trusted Software
• Trusted Hardware
Integrated Protection
Secure Foundation
• SDL and SD3
• Defense in Depth
• Threat Mitigation

The problem…
How RAS worked at MS
RAS Statistics:
• 55,000 unique users monthly
• 850,000 connections/month
• 45 seconds median time to successfully connect through quarantine
• 1700 Helpdesk calls per month
• Two Engineers
• 154 servers

Anywhere Access benefits
• Increase Agility
  • More easily adapt to changing business needs and workforce trends, including tough new regulatory standards
• Boost Productivity
  • Control IT costs by leveraging existing infrastructure investments
• Improve Protection
  • Protect critical business information end-to-end and more effectively manage identities across the enterprise

Anywhere Access components (1)
• Identity
  • Strong two-factor authentication
  • Role-based access to resources
  • Federation with partners and customers
  • Flexible, pervasive PKI infrastructure
• Protection
  • Policy-based security controls and automated remediation
  • Layered endpoint security solutions
• Secure platform
  • Updates, anti-malware, firewall verified and controlled by policy
  • Authenticated transactions via PKI and IPSec/IPv6
  • Endpoint encryption and data access controls

Anywhere Access components (2)
• Networks
  • Policy-based network access controls with auto-remediation
  • IPSec support for flexible and secure domain isolation
  • IPv6 for expanded address space and auto-config
  • Gateways for older or less-capable platforms
  • Ability to authenticate all network-level transactions
• Manageability
  • Define and distribute security and group policies
  • Asset and configuration management
  • Patch distribution for applications and OS

AA brings IT Value
Cost Benefits
• Reduced MSIT hardware compared to current VPN solution
• Scalability of Solution
• Reduced traffic/usage of the Proxies
User Benefits
• Extends corpnet seamlessly to remote user
• No user initiation to connect
• Single Sign on
• Always on
• Easy to use; consistent experience
• Use Peer to Peer Technologies
Security Benefits
• Promotes end-to-end host-based security
• System is always reachable (for scans, Group Policy, patching)
• Proactive health (always checking for NAP, GPO, can be scanned while remote etc.)