Forefront Server Security Name Title. Agenda Business and Security Challenges Forefront Server...
-
Upload
caren-morris -
Category
Documents
-
view
220 -
download
0
Transcript of Forefront Server Security Name Title. Agenda Business and Security Challenges Forefront Server...
Forefront Server Security
NameTitle
Agenda
Business and Security Challenges Forefront Server Security Product
Overview Product Drilldown Summary
Business Environment
Compliance is a Primary Concern
Intense Pressure on IT to Improve Productivity Focus on value adding projects Make mission-critical systems more reliable Deployment must be secure, reliable, manageable, cost-effective
Stiff penalties for E-mail misuse Need to store, find and produce information quickly Can't comply without policy and monitoring support 1 in 5 employers have had e-mail subpoenaed*
Security Vulnerabilities Still Exist Spam, viruses and phishing still plague inboxes Closer relationship between viruses and spam Companies ill-equipped to stay ahead of threats
*2005 Electronic *2005 Electronic Monitoring & Surveillance Survey from American Management Association (AMA) and the ePolicy Institute & Surveillance Survey from American Management Association (AMA) and the ePolicy Institute
Information Risk Has High Costs
Damage to image and credibility
Damage to image and credibility
Damage to public image and credibility with customers Financial impact on company from lost sales or
corrective actions Leaked e-mails or memos can be embarrassing
Damage to public image and credibility with customers Financial impact on company from lost sales or
corrective actions Leaked e-mails or memos can be embarrassing
Legal, regulatory, and financial impact
Legal, regulatory, and financial impact
Cost of digital leakage per year is measured in $ billions Increasing number and complexity of regulations,
e.g. GLB, SOX, state-specific regulations Failing to comply, or losing data, can lead to significant
legalfees, fines, and/or jail time
Cost of digital leakage per year is measured in $ billions Increasing number and complexity of regulations,
e.g. GLB, SOX, state-specific regulations Failing to comply, or losing data, can lead to significant
legalfees, fines, and/or jail time
Loss of competitive advantage
Loss of competitive advantage
Disclosure of strategic plans, M&A info, etc. potentially leadsto loss of revenue, market capitalization
Loss of research, analytical data, and other intellectual capital
Premature disclosure of competitive strategies ormarket moves
Disclosure of strategic plans, M&A info, etc. potentially leadsto loss of revenue, market capitalization
Loss of research, analytical data, and other intellectual capital
Premature disclosure of competitive strategies ormarket moves
EdgeClient and Server OS Server Applications
What is Microsoft Forefront?
Microsoft Forefront is a comprehensive line of business security products providing greater protection and control through integration with your existing IT infrastructure and through simplified deployment, management, and analysis.
Harnessing the Strength of Multiple Engines
Forefront Server Security products integrate and ship with industry-leading antivirus scan engines from
Each scan job in a Forefront Server Security product can run up to five engines simultaneously
Internal Messaging and Collaboration Servers
A B C ED
The Multiple Engine Advantage
Rapid response to new threatsFail-safe protection through redundancyDiversity of antivirus engines and heuristics
Response time1 (in hours)The Microsoft
multiple-engine solutionWildList Number
MalwareName
Forefront Set 1
Forefront Set 2
Forefront Set 3
Vendor A* Vendor B* Vendor C*
10/2006 Areses!Itw30 0.00** 0.00 0.00 0.00 0.00 0.0010/2006 Areses!Itw36 0.00 0.00 0.00 1598.78 0.00 0.0010/2006 Areses!Itw37 0.00 0.00 0.00 0.00 52.30 175.4510/2006 Areses!Itw41 0.00 0.00 0.00 0.00 13.15 194.3510/2006 Mytob!Itw590 0.00 0.00 0.00 1332.17 0.00 0.0010/2006 Rontokbro!Itw36 0.00 0.00 0.00 0.00 0.00 613.4010/2006 Sdbot!Itw1809 0.00 0.00 0.00 9.97 166.07 270.3910/2006 Sdbot!Itw1831 65.95 52.23 41.78 59.43 1.00 46.3810/2006 Sdbot!Itw1847 56.54 56.54 204.79 416.27 29.92 85.3210/2006 Stration!Itw101 0.00 0.00 0.00 93.88 23.46 96.8510/2006 Stration!Itw102 0.00 0.00 0.00 26.00 28.05 30.8310/2006 Stration!Itw42 0.92 0.92 0.92 3.72 3.12 7.0510/2006 Stration!Itw43 2.00 2.00 2.00 4.80 4.20 8.1310/2006 Stration!Itw44 0.00 0.00 0.00 5.60 2.00 7.5810/2006 Stration!Itw45 0.00 0.00 0.00 3.55 2.00 7.5810/2006 Stration!Itw46 0.00 0.00 0.00 2.75 2.20 6.7810/2006 Stration!Itw47 0.00 0.00 0.00 3.72 3.12 7.0510/2006 Stration!Itw60 0.00 0.00 0.00 0.00 4.64 6.3211/2006 Rbot!Itw2090 0.00 0.00 0.00 1739.10 0.00 298.6411/2006 Sdbot!Itw1814 0.00 0.00 0.00 1.00 0.00 0.0011/2006 Sdbot!Itw1866 0.00 0.00 0.00 26.80 1.00 35.2711/2006 Sdbot!Itw1867 0.00 0.00 0.00 14.00 12.84 23.1411/2006 Sdbot!Itw1876 0.00 0.00 0.00 468.60 306.82 430.8011/2006 Stration!Itw124 0.00 0.00 0.38 0.66 1.88 8.8012/2006 Bagle!Itw137 0.00 0.00 0.00 4.01 0.00 13.8312/2006 Bagle!Itw141 0.00 0.00 0.00 17.15 0.00 13.8312/2006 Puce!Itw1 0.00 0.00 0.00 0.00 0.00 1.0012/2006 Rbot!Itw2038 0.00 0.00 0.00 1026.27 0.00 0.0012/2006 Sdbot!Itw1889 0.00 0.00 0.00 128.28 255.20 63.96
* Includes beta signatures** 0.00 denotes proactive detection
1 Source: AV-Test.org 2007 (www.av-test.org)
Other single-engine solutions
= Less than 5 hours
= 5 to 24 hours = More than 24 hours
Microsoft® Forefront™ Security for Exchange Server includes multiple scan engines from industry-leading security firms, integrated in a single solution to help businesses protect their Exchange messaging environments from viruses, worms, and spam.
Secure Messaging
Ships with & manages multiple antivirus engines
Multi-layered protection in Exchange 2007* File Filtering and premium anti-spam
protection Deep integration with Exchange Server Scanning innovations & performance controls Maintains uptime and optimizes performance
Easily manage configuration and operation Automated signature updates Reporting, Notifications and Alerts
Comprehensive
Protection
OptimizedPerformance
Simplified Management
* For protecting Exchange 2003/2000 environments, purchasing Forefront Security for Exchange Server includes downgrade rights to Antigen for Exchange, Antigen for SMTP Gateways and Antigen Spam Manager down
Exchange Public Folder Server Exchange
Mailbox Server
Exchange 2007 Hub Transport
Server
Internet
Exchange 2007 Edge
Server
ISAServe
r
Exchange Site 1
Exchange Site 2
Layered Protection Across Exchange Layered Protection Across Exchange rolesroles
Premium Antispam Protection
Forefront Security for Exchange Server licenses and activates the premium anti-spam features for Exchange 2007
Deployed on Exchange Edge or Hub server role- Edge server can be deployed in front of Exchange
2003 mailboxes Built upon base anti-spam in Exchange 2007,
premium antispam protection adds:- Microsoft IP reputation filter service and automated
updates- Automated updates for Microsoft Smartscreen spam
heuristics, phishing Web sites and Intelligent Message Filter (IMF)
- Targeted spam signature data and automatic updates to identify latest spam campaigns
* Magic Quadrant for E-Mail Security Boundary, 2006. Peter Firstbrook, Arabella Hallawell Publication Date: 25 September 2006/ID Number: G00142431
Gartner Magic Quadrant forE-Mail Security Boundary
2006 *
Industry Analyst Perspective
Microsoft Forefront Security for SharePoint integrates multiple scan engines from industry-leading vendors and provides content controls to help businesses protect their Microsoft Office SharePoint 2007 and Windows SharePoint Services 3.0* collaboration environment by eliminating documents containing malicious code, confidential information, and inappropriate content.
Secure Collaboration
Ships with & manages multiple antivirus engines
File & Content Keyword Filtering Support for Open XML & IRM-protected docs Deep integration with SharePoint Server Scanning innovations and performance
controls Maintains uptime and optimizes performance Easily manage configuration and operation Automated signature updates Reporting, Notifications and Alerts
Comprehensive
Protection
OptimizedPerformance
Simplified Management
* For protecting SharePoint 2003 and Windows SharePoint Services 2.0 environments, purchasing Forefront Security for SharePoint includes downgrade rights to Antigen for SharePoint
Forefront Security for SharePoint
SQL Document Library
DocumentUsers
Document
SharePoint Server
Virus Protection for Document Libraries
Integrates scan engines from eight industry leading vendorsReal-time scanning of documents uploadedand downloaded from document libraryManual and scheduled scanning of document library
Content Policy EnforcementFile filtering to block documents frombeing posted based on name match, file type or file extensionContent filtering by keywords withindocuments for inappropriate words and phrases
Protects MOSS 2007 and WSS 3.0
Antigen for Instant Messaging
Detects and removes malware and viruses in instant message sessions- Protect conversations and file
transfers- Block clickable URLs
Provides advanced content-filtering capabilities for messages and attachments- Enforce content policies
Keyword filtering in messagesand file transfers
File filtering by type and extension
- Enhances built-in LCS archiving by blocking inappropriate content
Microsoft Office CommunicatorClients
Live Communications Server 2005
Firewall
Outside IM Clients
Windows Messenger
Clients
Centralized, web-based console Automated signature updates for multiple AV
engines Comprehensive reporting
Simplified Management
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint and Microsoft Antigen, providing a web-based console to centralize configuration and operation, automate the download and distribution of signature and scan engine updates, and generate comprehensive reports.
Outbreak response Rapid update distribution
Integration with SQL Server 2005 & Windows Server 2003
Redundancy maintains server availability Support for Exchange 2007 CCR clusters
Comprehensive
Protection
OptimizedPerformance
SharePoint Servers
Exchange Servers
Forefront Server Security Management Console Features
Central management console - Deploys and configures
Forefront/Antigen Security for Exchange and SharePoint environments
Automates signature updates across the enterprise- Scans for and pulls updates
for multiple antivirus engines
- Distributes updates to all Forefront/Antigen servers
Forefront Server Security Management Console Features
Comprehensive reporting- Detected viruses, keyword filters or file filters- Actions taken by Forefront/Antigen on
detection of a virus or content violation- Message traffic activity- Antivirus engine versions
Outbreak alerts- SNMP and SMTP alerts sent when administrator-
defined thresholds for viruses, file and content filters are exceeded
- Alerts can be forwarded to Microsoft Operations Manager
Customer Testimonials
“Forefront works like a dream. We don’t have to do anything to it until we’re ready to upgrade. With a small IT staff, that’s exactly what we want.”Alexander Fischer, Chief of IT Infrastructure, Koehler Paper Group
“We looked at Forefront and it blew us away. We’re a Microsoft shop. We want to use products that will integrate well with what we have. And we’ve seen the Microsoft roadmap for the Forefront product range, so we know this is a product we can use to increasing advantage in the years to come.”
Peter Oescheger, CIO, Sasfin
“We wouldn’t put anything else for e-mail security on our Exchange Server 2007 machines. The software is well-respected. It’s been around; it’s proven. Our own experience with Microsoft Antigen is that it’s an outstanding product. Forefront Security for Exchange Server makes it even better.”
Chris Habala, Senior Architect/Analyst, Del Monte
“The integration of Forefront with Exchange is even better than the integration we saw with Antigen. It integrates proactively as part of the scanning flow. It’s not complicated to install or administer. Microsoft has taken one of the best antivirus products for Exchange and just made it better.”
Will Wilson, Director of Information Systems, Guardian Management
Summary
Microsoft Forefront Server Security products:- Provide comprehensive antivirus, antispam
and content filtering protection for Exchange Server, SharePoint Server, Windows SharePoint Services, and Live Communications Server
- Strengthen messaging and collaboration security with multiple industry-leading antivirus technologies
- Are industry proven, with some products in their 10th iteration
Next Steps
Read whitepapers on Forefront Server Security products- http://www.microsoft.com/forefront/serversecu
rity
Download evaluation copy of Forefront Server Security products- http://www.microsoft.com/forefront/serversecu
rity
Read about Microsoft Secure Messaging and Collaboration solutions- http://www.microsoft.com/securemessaging
© 2007 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Magic Quadrant Disclaimer This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Microsoft. Go to: www.microsoft.com/forefront. The Magic Quadrant noted on slide 16 is copyrighted September 25, 2006, by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Appendix
Server Security Product RoadmapPastPast
ClientClient
ServerServer
EdgeEdge
Next Generation Client SecurityNext Generation Client Security
Next Generation Server SecurityNext Generation Server Security
Next Generation Edge Security & Access
Next Generation Edge Security & Access
Inte
gra
ted
Pro
tectio
n &
In
teg
rate
d P
rote
ction
&
Man
ag
em
en
tM
an
ag
em
en
tC
od
en
am
ed
‘Stirlin
g’
Cod
en
am
ed
‘Stirlin
g’
(Beta 2)
PresentPresent FutureFuture