Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Security Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist V2.1 – Sep 2007.

Published byQuincy Owensby Modified over 9 years ago

Similar presentations

Presentation on theme: "Microsoft Security Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist V2.1 – Sep 2007."— Presentation transcript:

1 Microsoft Security Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist V2.1 – Sep 2007

2 Overview Microsoft Forefront Edge Security and Access Why should we be more secure? What is Microsoft Forefront Security Suite ? → Overview Forefront for client → Overview Forefront for server → Forefront for Exchange and SharePoint server 2007 Forefront for Edge → IAG Server (Intelligent Application Gateway Server) Exchange Hosted Services

3 Why should we be more secure ?

4 Cybercrime is a real threat. Hackers are interested in gathering information (Credit card details, individual details...) => Fraudulous use of credit cards and or personal individual details for identity theft... Cyber crime affects individuals, customers, insurance companies, companies image and long term existence. Hackers are not kids anymore. Hackers are a lot smarter than you think. They are organised crime organisations, they have an in depth knowledge in programming, Windows, Unix, Linux, Network and they will use any opened door to gain access. Social engineering is an easy way to gather information as many employees will give out information if they find their interlocutor pleasant and nice. We can never win against the threat, this is a perpetual fight. Over 60% of the people who were asked to provide their company login’s password gave it out to a guy who just asked them gently ! (INFOSEC 2007)

5 Consequences for affected companies : Loss of productivity, loss of data, termination or resignation of employees, increased insurance cost, long-term loss of business, loss of significant business/profit Companies are not securing their data as they should be... 75% of security investment focused here Network Attacks Application Attacks 75% of attacks focused here

6 54,8744,7183,179978 In the last 6 months of 2006: Mobiles PDAs Laptops Were left in taxis, in London alone… Memory Sticks Source: Pointsec

7 English Revenue and Customs admits theft of 13,000 civil servants personal information. Tax Credit system had to be shut down to halt the fraud. £15m was stolen. – Dec 05 A printing firm contracted by Marks & Spencers in the UK has had a laptop stolen putting 26,000 employees at risk for identity theft – May 2007. Employee of Nationwide Building Society has their laptop stolen from home containing account information for 11m customers. – Aug 06 (Fined £1m for this…) Although the scientist downloaded about 15 times more data than the second most active user, no alarm bells rang until after he submitted his resignation from DuPont, the company behind Kevlar, Teflon, and hundreds of other brands and trademarks. Although the scientist downloaded about 15 times more data than the second most active user, no alarm bells rang until after he submitted his resignation from DuPont, the company behind Kevlar, Teflon, and hundreds of other brands and trademarks. The value of the stolen information is set at 400 million USD – Feb 2007. The price of stolen information

8 FOREFRONT SECURITY SUITE

9 What is Forefront Security Suite ? Forefront for client Secure Windows clients (Desktops and file servers) against spywares, viruses... Forefront for server Secure Exchange/SharePoint servers against viruses, spam, worms in order to deliver clean emails and documents. Forefront for edge Inter network communications protection to insure security of information and application between clients and servers.

10 Forefront for clients Integrated antivirus and antispyware engine, delivering real-time protection from and scheduled scanning for viruses, spyware, and other threats. Central management system, generating reports and alerts on the security status of their environment. State assessment or scans for determining which managed computers need patches or are configured insecurely.

11

12 Forefront for Exchange Anti Spam, Anti Virus and Anti Worm protection for Exchange server. Can run 5 different anti virus engines at the same time reducing the risk because we do not depend on one vendor only. Filter the Spam with rules (Keywords or combination) and automated antivirus signature updates.

13 Internet A B C D E Exchange Server/ Windows-based SMTP Server Distributed protection Performance tuning Content filtering Central management

14 Forefront engines VirusBusterSophosNorman Microsoft Anti Malware Kaspersky CA VET CA Inoculate Authentium Command AhnLab All engines are independent from each other. Updates are made available from Microsoft website, 15 mn after they have been sent from the partners.

15 Forefront for Sharepoint Scan uploaded and downloaded documents before they are saved against worms, malicious code, viruses.

16 IAG SERVER

17 IAG Server Intelligent Application Gateway Server SSL-based application access with endpoint security management.

18 IAG Server Intelligent Application Gateway Server Browser based access. Block malicious traffic and attacks (No network traffic) Drive policy compliance (Limit exposure and liability, better ROI)

19 IAG Server Intelligent Application Gateway Server Remote machine profiling Determine the health status of the remote machine and dynamically give access accordingly. Cache wiper Clear browser cache, disk cache and overwrite 7 times the clusters where the file was initially downloaded. It is impossible to recover a file after this process. Authentification vendors Works with 60 different vendors such as Radius, RSA SecureID... Network integration SharePoint 2003/2007, OWA, Dynamics, ActiveSync, Terminal-Services, Citrix, SAP, Lotus Domino, WebSphere and many more… Network isolation No network connectivity between the remote user and the remote server/service. The remote client does have an IP address (Unless this is required by IP Phone or any other application/device that requires an IP address)

20 Overview Intelligent Application Gateway External Firewall Port 443 LDAP Oracle Exchange Server SharePoint Server Partners IBM / Lotus SAP Web Active Directory SSL VPN connectivity and endpoint security verification

21 Exchange Hosted Services

22 TraditionalHosted SMTP E-mail store Virus (<1%) Spam (70%) Legitimate(30%) SMTP E-mail store Virus (<1%) Spam (70%) Legitimate(30%)

23 Why outsource AV & AntiSpam? Manage cost and complexity Secure, protect and comply Inbox value and access No HW/SW to install and manage Outsource routine IT management Predictable subscription based service Scalable at no additional cost Eliminate threats before they reach the network Policy-compliant infrastructure Service-based e-mail archiving for rapid deployment Eliminate spam and viruses from the e-mail stream to boost productivity Reliable e-mail availability and continuity systems Recover from unplanned outages or disasters

24 End-user access

25 Easy recovery

26 Infrastructure SLAs 99.999% network uptime < 2 minute delivery Accuracy SLAs 100% virus detection and blocking 95% spam effectiveness 1:250,000 false positive ratio Service Level Agreement

27 Any questions ? Please do not hesitate to contact me V-MiRiVA@MICROSOFT.COM

Download ppt "Microsoft Security Microsoft Ireland Michael RIVA, MCSE: Security, MCT Partner Technical Specialist V2.1 – Sep 2007."

Similar presentations

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Secure Lync mobile Authentication

Secure Lync mobile Authentication
Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.
Security Training Lunch ‘n Learn. Agenda  Threat Analysis  Legal Issues  Threat Mitigation  User Security  Mobile Security  Policy Enforcement.

Security Training Lunch ‘n Learn. Agenda  Threat Analysis  Legal Issues  Threat Mitigation  User Security  Mobile Security  Policy Enforcement.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.

Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.

Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Similar presentations

Ads by Google