Security Technologies

Sebastian VîjeuTechnology EvangelistMicrosoft România

Cloud On-Premises

The Microsoft Security Story

The TrustworthyComputing Initiative

Security Tools & Papers

SecurityReadiness

Educationand

Training

Core Infrastructure Optimization Model

IT Process and Compliance

Identity and Security Services

Client Services

Datacenter Services

Standardized

Managed information-technology (IT) infrastructure with limited automation

Rationalized

Managed and consolidated IT infrastructure with maximum automation

Dynamic

Fully automated management, dynamic resource usage, business-linked service level agreements

Basic

Uncoordinated, manual infrastructure

Efficient Cost Center

Business Enabler

Strategic Asset

Cost Center

Business ChallengesBusiness

Landscape• More connectivity and collaboration• Increased regulatory and compliance pressure• Greater need for identity-based protection and access• Greater IT choice: On-Premises vs. Cloud

Increased volume

Greater sophistication

Profit motivated

Product proliferation

Lack of integration

High cost of ownership

Threats Current Solutions

Security not aligned to business needs and new opportunities

“Information security today suffers from a proliferation of unconnected point products, creating unnecessary complexity and cost … information security needs to move to integrated, identity-aware, adaptive security systems that support business initiatives instead of blocking them.”

Neil MacDonald, VP and Gartner Fellow

Protect Everywhere, Access Anywhere

Protection Across Multiple Layers

Access Anywhere

IDENTITY CENTRIC

Scale across physical, virtual, and cloud environments

Network

Host

Application

Information

Business Ready Security Solutions

Integrated SecurityPlatform : Active Directory, User Account Control (UAC), Direct

Access, Network Access Protection (NAP)

Information ProtectionAD Rights Management Services (RMS),

Platform : EFS, Bitlocker

Identity and Access ManagementForefront Identity Manager 2010,

Threat Management Gateway(TMG), Unified Access Gateway (UAG)

Secure MessagingForefront Protection 2010 for

Exchange Server

Secure EndpointForefront Client Security

Forefront Endpoint Protection,

Platform : Direct Access, NAP

Secure CollaborationForefront Protection 2010

for Sharepoint/OCS Server

Protect Clients Without Complexity• Simple interface

− Keep user interactions minimal and high-level

− Provide necessary interactions

• Admin-managed options− Control user

configurability− Enforce central

policy

Building Endpoint Protection On Configuration Manager 2007• Uses existing

Configuration Manager 2007 infrastructure− No new servers− Integrated console− Supports SP2/R2 and

later• Simple install process

− Installs on root site, deploys to hierarchy

− Discover Configuration Manager roles and attach FEP roles and context (or allow separate installs)

− Automatically creates additional components (FEP distribution packages, DCM baselines)

Central Site

Primary Site

Primary Site

Primary Site

FEP

Extending Endpoint Protection to Servers

Server-Centric View in OpsMgr

Predefined settings optimized per server workloadServer security and availability tasksService Level Objectives reports integrated with OpsMgr 2007 R2

Real-Time Monitoring and Alerting for Critical Systems

Protect E-mails from MalwareOn Premises and in the Cloud• Provides defense in depth

through best-in-class, multi-engine antimalware

• Increases productivity with industry-leading 99+ percent spam-catch rate

• Reduces risk through automatic engine updates

Malware Protection

“Our system is definitely more secure because every PC is getting the Forefront updates. With Forefront Security, we’ve solidified protection across the organization.”

George Podolak, Director of IT,

Pei Cobb Freed & Partners

BPOS

Protect Sensitive Information in E-mail On Premises and Cross Premises• Provides automatic protection

for sensitive e-mails with rights management

• Protects information no matter where e-mails go through cross-premises rights management

• Enables wider policy enforcement with protection capabilities for Outlook® Web App and voicemail

“I believe that Active Directory RMS will be a watershed technology like e-mail or the Web browser. It will be a fundamental technology that everyone uses, and it will not be thought of as a separate application. It will be like Active Directory—it is just there and everyone uses it.”

Jason Foster, Senior Manager of Technology at Continental Airlines

BPOS

Information

Protection

“Forefront Security for Exchange Server can support up to five scanning engines at the same time. Thus, it offers a more secure environment, compared with products that support using only a single engine.”

- Akihiro Shiotani, Deputy Director of the Infrastructure Group

Protect Everywhere, Access AnywhereExample scenario: Protect messages from malwareCompetitors’

SolutionsMicrosoft Solution

“Defense in Depth”

38 times faster

Automatic engine updates

On premises or in the cloud

99 percent spam detection*

* With premium anti-spam services

Multiple EnginesSingle Engine

An AV-Test of antivirus products revealed:• On average, Forefront™ engine sets

provided a response in 3.1 hours or less.

• Single-engine vendors provided responses in 5 days, 4 days, and 6 days respectively.

Management

Integrate and Extend Security Across the Enterprise

Integrated across the stack

Extensible across the enterprise

Workloads

Windows® Platform

Active Directory®

Enhance value from investments Extend value to changing needs

• Industry collaboration and partnership

• Seamlessly extend cloud-based operations• Claims-based identity federation

• Enable support for heterogeneous environments

• Empower developers through open standards and protocols

Backed by global resourcesMalware Protection Technology

Malware Research and Response

Security Intelligence

Simplify the Security Experience, Manage ComplianceExample scenario: User provisioning

ActiveDirectory

LotusDomino

Lightweight Directory Access Protocol (LDAP)

SQLServer®

Oracle database

Human Resource System

Forefront Identity Management(FIM)

Workflow

Manager

User Enrollment

Approval

User provisioned on all allowed systems

FIM Certificate Management

End User

ActiveDirectory

Oracle

SQLServer

IBM DS

LDAP

User requests password reset

FIM Server

Passwords

updated

Simplify the Security Experience, Manage ComplianceExample scenario: Self-service password reset

Forefront Identity Management capabilities integrated with Windows logonRandomly selects a number of questions

Reset Password

Microsoft Security Solutions Gaining Momentum

Microsoft AV achieved

Advanced+ May 2010

18

“Chief information officers looking to outsource parts or all of their company's security will want to closely

evaluate Microsoft's next-generation security services.”

Awards, Certifications, and Reviews

Try the solutions at www.Microsoft.com/forefron

t/trial

Speak with a Microsoft representative about

your needs

Deploy solutions that empower your

business needs

Next Steps and Resources

Forefront Business Ready Securityhttp://www.microsoft.com/forefront/en/us/business-ready-security.aspx

Forefront Deployment Resourceshttp://www.microsoft.com/forefront/en/us/deployment.aspx

Microsoft Forefront Case Studieshttp://www.microsoft.com/forefront/en/us/case-studies.aspx

Microsoft Serviceshttp://www.microsoft.com/services

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after

the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.