Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft’s Security Positioning towards Service

Similar presentations


Presentation on theme: "Microsoft’s Security Positioning towards Service"— Presentation transcript:

1 Microsoft’s Security Positioning towards E-mail Service
4/14/2017 9:08 AM Microsoft’s Security Positioning towards Service LEAD: Hello and welcome, my name is ……. Security is a top priority for Microsoft. Over the past several years, security has been weaved into fabric of our day to day business with you, our customer, in mind. I want to share with you our security strategy and the work we have done to better support you and your business. Panagiotis Korologos Account Technology Secialist Enterprise & Partner Group Microsoft Hellas SA © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda Evolving Security Threat Landscape
4/14/2017 9:08 AM Agenda Evolving Security Threat Landscape Methods to Addressing Security Threats Microsoft Trustworthy Computing Initiative Addressing Security Threats with Microsoft LEAD: We will start off our conversation today discussing the Evolving Security Threat landscape…… © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Evolving Threat Landscape
4/14/2017 9:08 AM Evolving Threat Landscape Local Area Networks First PC virus Boot sector viruses Create notoriety or cause havoc Slow propagation 16-bit DOS 1986–1995 Internet Era Macro viruses Script viruses Create notoriety or cause havoc Faster propagation 32-bit Windows 1995–2000 Broadband prevalent Spyware, Spam Phishing Botnets Rootkits Financial motivation Internet wide impact 32-bit Windows 2000–2005 Hyper jacking Peer to Peer Social engineering Application attacks Financial motivation Targeted attacks 64-bit Windows 2007 LEAD: It is interesting to see how security threats have evolved over the past 20 years . <CLICK> During the late 80’s and early 90’s, most computers were standalone and files were transported via Sneakernet. Viruses were written mostly as proof of concept, grafitti, or notoriety.  The primary types were boot sector viruses and DOS file viruses.  Viruses spread very slowly, however they were as fast you could carry a diskette to hand it to someone else. During the late 90’s, networking became more prevalent and Microsoft Office and Outlook became prevalent in the corporate environment.  started growing as a standard method to communicate with others.  Macro viruses for Word, Excel, and Powerpoint infiltrated organizations.  Script viruses, especially via , started causing virus outbreaks.  The dreaded Melissa virus caused great havoc for many people before the authorities were able to immediately arrest of the author.  The first viruses to take advantage of exploits came into being, allowing infection of users simply via viewing of an message, or directly and without user interaction. From about 2000 to present, Broadband prevalence gave the bad guys the incentive to capture hundreds and thousands of machines and made it feasible for them to use a command and control structure to use those captured machines for whatever they wanted to do. Today’s malware is decidedly different. Instead of hijacking the computer for illicit gains, today’s malware is intent on highjacking the user for hard currency, credit card fraud, and outright identity theft. In the current landscape, malware is no longer the end to the means, but rather the means through which the end is reached. Virus/botnets/zombies To achieve their goal, criminals typically control large botnets, collections of sometimes tens of thousands of computers infected by backdoor Trojans. The Trojans used to form the botnets are typically installed by downloaders and droppers which, ironically, frequently reach their victims through spam. Botnet control is shifting from centralized control to peer-based, similar to a peer-to-peer network. This makes botnets harder to take down. In addition, peer-to-peer file sharing networks are breeding grounds for malware. Attackers deliberately seed these file shares with backdoor Trojans and downloaders, using file names that match popular program, music, or other coveted files. Spam (see separate briefing document on a specific Spam overview and MS anti-spam efforts) Spam now at record levels, increasing to as much as 85-90% of all traffic Hotmail has over 280M active accounts, on a daily basis received 4.5-5B mails a day So, B are spam – think about impact to infrastructure Doing a better job of blocking, detecting Up to 40% is image-based spam, which is more difficult to detect by traditional means 1% of all spam is infected with viruses Becoming more malicious – targeting personal and biz info Spam surges are tied to malware outbreaks—a few weeks after a virus outbreak we begin to see more spam. 80% of all spam now originates from botnets Infected machines become zombie spam-bots, which create more spam Pump-n-dump stock spam now generates up to 35% of all spam Phishing The Anti-Phishing Working Group (APWG) reports that the number of phishing sites and phishing continue to climb, with a year over year growth of over 50%. Nearly 60% of business PC users receive at least one phishing per day, and 22% receive more than five phishing s per day Social Engineering is a primary method of engaging users through the aforementioned attacks and remains the most effective manner of enticing a user to willingly, but unknowingly, install malware or spyware. User education is paramount in resolving this threat. Going into the future, Systems become harder to infiltrate directly and authentication methodology is improved.  As a result, bad actors advance their social engineering techniques using better tracking and man-in-the-middle attacks.  The user is still the weak link.  The operating system itself becomes harder to infiltrate, so researchers turn more toward other essential elements of the system, such as hardware drivers and security software.  Other infrastructure hardware also become targets (firewalls, routers, appliances...) ???? Customer Questions What security threat has had the most impact to your business? What security threats are you concerned about today? © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

4 Largest segment by $ spent on defense
4/14/2017 9:08 AM Evolving Threats Largest segment by $ spent on defense National Interest Personal Gain Personal Fame Curiosity Spy Largest area by $ lost Fastest growing segment Thief Largest area by volume Trespasser LEAD: Who is responsible for driving the evolution of the threats that impact your business? It started with those that were curious and wanted personal fame in hacking into different systems and networks. Then, the motivation moved to those that found a sport in CyberTrespassing and those that look at financial gains from CyberThief. As more individuals made money, the group began to grow larger and larger. Now we are finding experts and specialist that focus on large hacking efforts gaining access to sensitive data that they can sell on the black market. We are also seeing CyberSpy Specialist with national interests at stake. <CLICK> Vandals are the largest group. We see Theives driving the largest area where money is lost The largest segment of spend is focused defending national interests. The fastest growing segment are the experts that are in the business of stealing your business assets. ????? Customer Questions Are you seeing security threats evolve before the attacked technology is mainstreamed? Why do you think this is happening? Vandal Author Script-Kiddy Undergraduate Expert Specialist 4 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

5 Security Threats to E-Mail
4/14/2017 9:08 AM Security Threats to The most common way for viruses to enter an organization is through “…antivirus experts at SoftScan said that 89.5 per cent of all viruses scanned were classified as phishing malware” - Clement James, “Virus Levels Soar in August,” IT News.com.au, September 5, 2006 Spam volume continues to trend upward over time “Spammers now generate an estimated 55 billion messages per day... A year ago that number was 30billion..” - Robert McMillian, “Spam’s New Image,” CIO.com, August 15, 2006 Threats to the organization are intense and it is crucial that organizations are well protected. Phishing scams have become more sophisticated and successful in a short period of time © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

6 Addressing Security Threats
Helps turn IT into a business asset not a cost center Supports your day to day security processes Is the Enabler to running your business successfully Technology Data privacy processes to manage data effectively IT security processes to implement, manage, and govern security Financial reporting processes that include security of the business Process LEAD: Addressing Security Threats is not just about the products that you use. Corporate IT Security has to be addressed from several perspectives. Addressing security threats should be done in three focus areas: <CLICK> First and most important is your company, the people in which you provide IT services. Everyone in your company should understand their role in securing your company’s assets. Providing them with safe computing practices and guidance on how to deal with SPAM or malware helps you in your job in securing your organization. Policy awareness is key. We are now seeing many companies include security policies in their company’s business conduct training. Helping key individuals know their extended role with industry or government compliance is important to meet compliance requirements and assist you in effectively govern your security compliance processes. Your IT staff should have the security skills and knowledge to deal with critical security issues and drive business continuity through escalations. The ability to manage critical situations should be a core competency in your IT management staff. Processes to manage your data asset and enforce privacy policies are instrumental to your larger Corporate Security Policy. These processes and policies is the tie between effective business management, personnel and security solutions. And finally, Technology. Technology should be a business enabler, helping you company get your products or services out to market faster and to help you differentiate your company against your competitors. As we look at the current security situation that is happening in the industry, a solid IT Security architecture is now a necessity that should be considered as a business asset instead of a cost center. How do you get there? Based on a study that we did with IDC in 2006, assessing your IT maturity is core to an IT business asset transformation. We took this data and developed a maturity model that includes security as a core component. This model is called Infrastructure Optimization. ????? Customer Questions What areas do you think you are doing the best at addressing security threats? What areas need the most improvement? Company understands the importance of security in the workplace Individuals know their role with security governance and compliance IT staff has the security skills and knowledge to support your business People

7 Trustworthy Computing Initiative
4/14/2017 9:08 AM Trustworthy Computing Initiative LEAD: Lets step back for a moment to talk about the foundation of our security efforts at Microsoft and our commitment to you our customer. …. Since the Trustworthy Computing Initiative was introduced in early 2002, Microsoft has been working wholeheartedly to address security issues in both our software and in the industry. Broadly adopted technologies such as telephony and electricity have become trusted parts of our daily lives. Even though they occasionally fail, the overwhelming perception is that these technologies are inherently trustworthy. Achieving similar confidence in technology reliability is a fundamental objective of Microsoft's Trustworthy Computing Initiative. The challenge: While the overall quality of technology has improved considerably, customer expectations for end-to-end reliability outpaced these improvements. Compounding the challenge is the increasing complexity of software and the computing ecosystem, plus the lack of real standards for measuring reliability. Microsoft has a vision of seamless computing, in which all types of devices work easily together as if they were all a single device. For Microsoft to make that vision real, we focus on our 4 pillars of Trustworthy Computing. First is Security Microsoft takes a "defense-in-depth" approach to security and is aligning around three core elements: Fundamentals The focus on fundamentals is making the platform inherently safer. As part of this initiative Microsoft has trained its developers, testers, and program managers in how to develop more secure code, putting in place a process for developing secure code. Another key area of Microsoft's approach is enhancing the process and tools used in updating customer software. Microsoft has been and will continue to work hard to make the updating process more manageable by making it predictable, improving the quality of updates, and investing in better tools and product enhancements to make it easier. 2. Threat and Vulnerability Mitigation Microsoft's approach looks to reduce an organization's exposure to attacks, through best-of-breed threat protection, detection, and removal with our technology and products. Data collected using various feedback mechanisms—including MSN Hotmail, Windows Online Crash Analysis, and the SpyNet AntiSpyware Community—combined with a global multi-vendor research effort will enable fast discovery and awareness to protect against new threats. 3. Identity and Access Control Tackling this challenging aspect of security is another important layer of Microsoft's in-depth approach to defense. It has three fundamental parts: • Trustworthy Identity • Access Policy Management • Information Protection Microsoft is focusing on innovation and integration in this area to help ensure that users are trustworthy, to help manage policy that dictates what resources those users can access, and to help protect information for its lifetime, wherever it is stored. Privacy is a critical element of a trusted computing experience. You have high expectations about how we collect, use, and store personal information. With this in mind, we create our policies and processes for designing, developing, and testing to ensure that we: • Engineer privacy into our products during the product life cycle. • Implement privacy-based technology throughout our internal processes. • Ensure that our global privacy policies are properly executed throughout the company. • Provide leadership for the industry. Microsoft believes that its customers have the right to control their personal information, have the right to be left alone, and have the right to a trusted experience in which they can rely on Microsoft technologies, services, and solutions. We provide the opportunity for our customers to opt in or opt out when providing personal information. We also partner with other organizations and industry professionals to create policies and standards to safeguard the appropriate usage and security of personal information. We are vigilant in our compliance with global privacy laws; our privacy policy is, in part, derived from privacy laws from around the world. We follow the lead of these privacy laws, and apply those standards globally. No matter where our customers live or work, we are striving to help them protect their privacy. Finally, Trustworthy Computing plays a critical role in Microsoft’s Business Practices. We are committed to deepening the trust of customers, partners, governments, and communities by demonstrating that we operate with integrity in everything we do. We strive to meet or exceed our legal, regulatory, and ethical responsibilities around the world and to hire and reward employees who share our values and adhere to our Standards of Business Conduct. Our position as an industry leader is both an opportunity and a responsibility to set the standard for responsible innovation and community engagement around the world. We Live Our Values • We act with integrity and honesty. • We are passionate about our customers and partners, and about technology. • We are open and respectful with others and dedicated to making them better. • We are willing to take on big challenges and see them through. • We are self-critical, questioning, and committed to personal excellence and self-improvement. • We are accountable for commitments, results, and quality to customers, shareholders, partners, and employees. A Culture of Accountability and Integrity • We manage our business to meet or exceed legal, regulatory, and ethical standards. • Proactive compliance with applicable laws and regulations worldwide. • Development, implementation, and enforcement of policies, programs, and practices that encourage legal and ethical business behaviors throughout our business. • We hire, manage, and promote people of integrity. • Management exudes tone at the top. • Employees are responsible business leaders who operate with integrity and demonstrate responsible, ethical business practices in everyday roles and relationships. • We demonstrate leadership through responsible innovation. • Management and protection of the assets of Microsoft and others. • Responsible product development. • Environmental stewardship. • We are accountable and we hold our partners and vendors accountable for responsible business and financial practices. • Mutually trusting relationships. • Supply-chain management. • We are committed to responsible corporate citizenship. • Work with businesses, communities, and governments to help advance social and economic well-being and to enable people around the world to realize their full potential. Resources and Training • Provide access for all employees to the Standards of Business Conduct, annual mandatory Standards of Business Conduct training, and related resources. • Offer the Business Conduct Line to all employees, vendors, customers, partners, and the public to seek guidance or report concerns regarding issues or behaviors that do not reflect Microsoft's values, or may violate laws, regulations, the Standards of Business Conduct, or supporting policies. Recognition and Rewards • Investigate allegations of noncompliance and educate employees about consequences. • Reward behavior that demonstrates Microsoft's ongoing commitment to ensuring a culture of accountability and business integrity at all levels of the organization. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 7

8 Microsoft Security Strategy
4/14/2017 9:08 AM Microsoft Security Strategy LEAD: Microsoft’s Security Strategy has three focus areas where we will continue to make investments over the coming year. Industry Partnerships Microsoft works with others in industry, business and government to combat privacy threats and promote best practices. These efforts include formal legal actions and support for law enforcement against spammers and phishers, advocacy for comprehensive privacy legislation, and leadership on a variety of industry-driven privacy initiatives. Microsoft actively pursues cyber criminals through vigorous civil enforcement in the United States and by partnering with law enforcement agencies worldwide. Since 2003, Microsoft has supported more than 490 legal actions against spammers, phishers, and other cyber criminals around the globe. Prescriptive Guidance With the understanding that people who use technology also play a vital role in securing the overall computing ecosystem, Microsoft actively engages with customers to help them understand their rights and make educated choices when sharing personal information. For example, we introduced a layered privacy notice for many of our online services, providing a clear, concise one-page summary of the company’s online privacy practices with links to full statements and other relevant information. Microsoft also offers a free, Web-based service called Windows Live™ OneCare™ safety scanner (http://safety.live.com) that scans PCs for health and security concerns, provides straightforward explanations about many online threats, and fosters a vibrant online community. Technology Investments Microsoft has changed the way it develops software to incorporate security and privacy checkpoints throughout the product development life cycle. To help protect against evolving security threats, we’re building technologies that provide layered defenses against spam, spyware, phishing and other malicious activity. We’ve also made important strides in providing easy-to-use services and tools that help customers configure their systems correctly and keep them up-to-date. We have also entered into the security software market with our Forefront Security Product family that provides integrated Edge, Server and Client security solutions. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Security Development Lifecycle
4/14/2017 9:08 AM Security Development Lifecycle Design Threat Modeling Standards, best practices, and tools Security Push Final Security Review RTM and Deployment Signoff Security Response Product Inception LEAD: Our efforts with Technology Investments start with our Engineering Excellence programs we implemented back in where we incorporated security best practices throughout the software development lifecycle (from planning and design to deployment and support), educating our engineers to write more reliable code, creating innovative new development tools and technologies to improve software quality, and implementing process changes to improve accountability at all levels. As a part of our methodology, processes and tools, we defined the Security Development Lifecycle. <CLICK> Here is a high level view of the phases of Microsoft’s Security Development Lifecycle. In each phase a security lead help to ensure that the security deliverables are met and that the appropriate level of due-diligence, testing and mitigation has occurred. We work to share these advances outwardly to support a wide variety of hardware and software partners in the larger technology ecosystem, ultimately enabling our customers worldwide to have the most reliable and trusted computing experience possible. Microsoft is committed to a leadership role in the industry pursuit of increased levels of software reliability. Not only is this drive a critical part of our work internally, we also are working with our partners and industry leaders to improve the reliability of all software. Because of our success in this effort we are now adding security development tools in Visual Studio and you will see further alignment to the SDL process with our new Visual Studio 8 release. ???? Customer Questions Does your organization develop their own business applications? What methodologies are they using to ensure that your applications are secure? Could your organization benefit from using SDL? © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Security Threat Landscape Evolution
4/14/2017 9:08 AM Microsoft Security Strategy Security Threat Landscape Evolution Engineering Excellence Security Development Lifecycle LEAD: Microsoft has made solid technology investments to secure the Microsoft Windows Operating Systems platform for your business use. <CLICK> It starts with our Engineering Excellence efforts developing high quality and secure operating systems. Together with our industry partner ecosystem and our efforts to promote best of breed security practices though our prescriptive guidance, we hope that we can begin to gain your trust as a business partner……. But business partnerships are developed by understanding your business objectives and our ability to address key concerns that impact your business. With the evolving threat landscape, <CLICK> we see security concerns are evolving in 4 major areas: Network security Identity and access management Infrastructure and data protection and finally Interoperability ???? Customer Question Do any of these concerns impact your business today? If YES, Which one has the greatest impact? Each of these concerns can be addressed with Microsoft technology and products. Over the next several slides, <CLICK> we will address the evolution of these key areas and how our technologies and products provide you a solution today. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Protection (Infrastructure & Data)
Edge, server and client protection “Point to Point” Solutions Security of data at rest and in transit Mobile workforce Manageability Corporate OS Protection “Edge” Protection Server Protection LEAD: Protection of your business assets is core to sustaining your business productivity. Many customers have different point to point solutions that protect their network edge, their critical business application and their clients. No integrations, hard to configure and consolidated reporting a nightmare. The mobile workforce has constantly been a challenge to manage and protect. For many customers, full integration and combined management is only a dream. ???? Customer Questions Are you seeing some of these same issues? Microsoft’s vision is to provide our business customers with suite of security products that are comprehensive to address the toughest security threats, integrated to support the overall management and is simplified to ease configuration and use. <CLICK> Microsoft Forefront is Microsoft’s branded family of comprehensive security products aimed at business customers. Forefront products easily integrate with each other, with an organization’s IT infrastructure (such as Active Directory, Systems Management Server, SQL Server, etc.), and can be supplemented through interoperable third-party solutions, enabling end-to-end, defense-in-depth security solutions. Simplified management, reporting, analysis, and deployment enable customers to more efficiently protect an organization’s information resources and secure access to applications and servers. The Forefront brand may be new, however the technology has been available for some time: ISA technology was first launched in 1996 Whale technology first shipped in 1998 The new Forefront Server Security products (prev. Antigen) will be v10 Forefront Client Security is built on the same highly successful Microsoft protection technology already used in products such as Windows Live™ OneCare™, Windows® Defender and Microsoft Forefront Security for Exchange Server. Our consumer and small business security solutions are provided through Windows Live OneCare, which delivers all-in-one PC care with powerful protection and simple PC maintenance. The subscription service is available in 16 countries and the US for an annual subscription of $49.95 for up to three PCs.  Available for PCs running Windows XP or Windows Vista, the comprehensive service offers consumers the following benefits: Better PC protection through integrated anti-virus, firewall and anti-spyware technologies Optimized computer performance through automatic tune-ups Increased data protection through backup and restore features Continuous updates to help protect your system from the latest threats through automatic service updates Immediate access to new Windows Live OneCare functionality as we expand the service to meet evolving customer needs What products or services are you using today for your Edge Protection? ……..Critical Business Server Application Protection? ……..Client Protection? Has your organization tried any of our Forefront products? If YES, Which ones?

12 Market Recognition Leader in Gartner Security Boundary Magic Quadrant Visionary in Gartner SSL VPN Magic Quadrant Leader in Gartner Security Boundary Magic Quadrant Leader in Forrester SSL VPN Wave Visionary in Gartner SSL VPN Magic Quadrant Leader in Forrester SSL VPN Wave

13 + Software Services Our strategy – S+S beats Software or Services alone.

14 Client and Server Operating System
4/14/2017 9:08 AM Microsoft Forefront Microsoft Forefront provides greater protection and control over the security of your business’ network infrastructure Client and Server Operating System Server Applications Edge © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 4/14/2017 9:08 AM Comprehensive Antivirus, Anti-Spam Protection Choice: Hosted security On-Premise Software Firewall + SMTP Internet Hub Transport Server Mailbox Server Client Access Server Choices for Network Edge Protection Internet-based services protect against spam and viruses before they penetrate the network Comprehensive Enterprise-class Hosted Services for Security and Management Service for security with performance backed by SLAs Simplify Administration Offloading security allows IT to focus on other initiatives Network Edge Protection Services and on-premise software protect against spam and viruses before they penetrate the network Firewall Protection Protocol and application-layer inspection enable secure, remote access to Exchange server Internal Anti-virus Protection Protects against malicious threats, while enforcing content policies © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

16 Attached Services Multi-headed Client On-Premise or Hosted

17 4/14/2017 9:08 AM Comprehensive Antivirus, Anti-Spam Protection Choice: On-premise protection On-Premise Software Firewall + SMTP Internet Edge Transport Server Hub Transport Server Mailbox Server Client Access Server Choices for Network Edge Protection On-premise software protects against spam and viruses before they penetrate the network Local Control of Data Antivirus, anti-spam and security policies can be customized to meet the needs of the organization Built-in Protection Protection for your data and your network that can expand as the organization grows Network Edge Protection Services and on-premise software protect against spam and viruses before they penetrate the network Firewall Protection Protocol and application-layer inspection enable secure, remote access to Exchange server Internal Anti-virus Protection Protects against malicious threats, while enforcing content policies © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

18 Exchange 2007 Antivirus Support Native Scanning Infrastructure
4/14/2017 9:08 AM Exchange 2007 Antivirus Support Native Scanning Infrastructure Multiple third-party antivirus vendors support Exchange Server 2007 Symantec Trend Micro Kasperksy Lab GFI Software McAfee VSAPI to enable scanning messages in the store Antivirus Stamp to minimize unnecessary rescanning Scanning in the store is not recommended but is common The AV stamp goes with the message and reduces the number a times is redundantly scanned. A message’s AV stamp includes information regarding what AV engine and signature was used to scan the message. If a message has already been scanned with a particular engine and signature it will not be rescanned. © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

19 Anti-Virus For Application Servers
Internet A B C D E Exchange Server/ Windows-based SMTP Server Distributed protection Performance tuning Content filtering Central management Gartner Magic Quadrant: Security Boundary -Leader- 19 19

20 Anti-virus Approaches
Internet Potential Single Point of Failure Viruses Worms Spam ISA Server A SMTP Server A Single Vendor Single Engine A Some enterprises take a single-vendor approach to virus scanning. This means they will have one vendor scan engine throughout their entire environment – at the gateway, on their mail servers, on their desktop. This is not a best-practices approach and leads to potential vulnerabilities. If that one antivirus lab happens to miss a virus or react slowly to a new outbreak, there is no other protection in the entire enterprise. This means the virus can gain entry via the gateway, infect mailboxes via the mail server, and infect desktops via the mail client. In short order the virus can infect wide portions of the enterprise. A A Exchange Exchange SharePoint A A A

21 The Multiple Engine Advantage
Response Time (hours) Forefront Set 1 Forefront Set 2 Forefront Set 3 Vendor A Vendor B Vendor C 0406 1.5 1.0 3.1 9.9 17.4 2.1 28.1 11.6 3.5 0406 Spybot!04C2 23.0 0.0 29.9 39.0 0406 Nugache.a 34.1 12.9 48.1 0506 Numuen.F 10.3 15.0 0506 Numuen.H 103.8 251.9 114.8 0506 Numuen.G 3.2 151.8 469.0 0506 87.5 116.7 73.0 129.3 0506 12.1 1.8 22.5 32.9 0506 Rbot!E905 1,141.8 217.6 0606 Bagle.EG 7.3 0606 18.4 0606 26.5 0606 6.4 2.5 0706 503.8 0706 Feebs.EU 52.3 173.2 0706 Virut.A 1,317.0 AV lab response times were tested for 82 “In the Wild” viruses and variants that appeared from April- July 2006. Tested sets of five randomly chosen Forefront engines vs three single-engine vendors Results 26 viruses were proactively detected by all labs 39 more detected by most labs or engine sets Results for remaining 17 viruses demonstrated the following…. AV lab response times were tested for 82 “In the Wild” viruses and variants that appeared from April-July 2006. Tested sets of five randomly chosen Forefront engines vs three single-engine vendors Results 26 viruses were proactively detected by all labs 39 more detected by most labs or engine sets Results for remaining 17 viruses demonstrated the following…. > 24 hrs 4 to 24 hrs < 4 hrs 1AVTest.org, 2006 21 21

22 Harnessing the Strength of Multiple Engines
Forefront Server Security products integrate and ship with industry-leading antivirus scan engines from Each scan job in a Forefront Server Security product can run up to five engines simultaneously Internal Messaging and Collaboration Servers Forefront Server Security products combine the efficacy of a multi-layered defense with the ease of use and cost efficiencies of a single vendor solution. It does this by integrating multiple antivirus engines from top worldwide virus labs into a single product, and provides all updates from a single source. This multiple engine approach is available across all Forefront Server Security products. A B C D E

23 Exchange 2007 Enterprise Topology
4/14/2017 9:08 AM 4/14/2017 9:08 AM Exchange 2007 Enterprise Topology Enterprise network Other SMTP Servers Edge Transport Hub Transport I N T E R PBX or VoIP Routing Hygiene Routing Policy Unified Messaging Applications: OWA Voice Messaging Protocols: ActiveSync, POP, IMAP, RPC / HTTP … Mailbox Fax Programmability: Web services, Web parts Mailbox Public Folders Client Access © Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. 23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Securing Exchange Server 2007 with ISA Server 2006
4/14/2017 9:08 AM Securing Exchange Server 2007 with ISA Server 2006 Integrated Security Efficient Management Fast, Secure Access Smartcards & one-time password support NEW Web publishing load balancing NEW Single sign-on for multiple resource access NEW Customized logon forms for most devices & apps NEW Exchange & SharePoint publishing tools NEW Automatic translation of embedded internal links NEW LDAP authentication for Active Directory NEW Enhanced certificate administration NEW Authentication delegation (NTLM, Kerberos) NEW Improved idle-based time-outs for session mgmt NEW External Web Server Exchange Intranet Web Server User ISA 2006 allows for flexible pre-authentication for Exchange Server 2007 Exchange Server 2007 users get seamless, transparent experience with ISA 2006 ISA 2006 optimizes Exchange Server 2007 traffic on the network ISA 2006 ensures document and site access via Exchange Server 2007 ISA 2006 Appliance DMZ Internal Network Internet Active Directory SharePoint HEAD QUARTERS Administrator © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

25 ActiveSync, POP, IMAP, RPC / HTTP …
4/14/2017 9:08 AM Exchange 2007 Enterprise Topology Other SMTP Servers Enterprise Network Edge Transport Hub Transport PBX or VoIP Routing Policy Routing Hygiene Unified Messaging I N T E R Applications OWA Voice Messaging Protocols ActiveSync, POP, IMAP, RPC / HTTP … Emphasize how ALL flows over Hub servers, how this is different than in E2K3 and enables us to provide global mailflow controls. Mailbox Fax Programmability Web services, Web parts Mailbox Public Folders Client Access © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

26 4/14/2017 9:08 AM © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.


Download ppt "Microsoft’s Security Positioning towards Service"

Similar presentations


Ads by Google