Gary Verster Microsoft Corporation

1 Gary Verster Microsoft Corporation

2 The Security Environment Tenets of Microsoft Security Product Line Microsoft Forefront Microsoft Forefront Client Security Three Dimensions to Securing Clients

3 More advanced; More frequent; Profit motivated; Application-oriented; Too many point products; Poor interoperability; Lack of integration; Multiple consoles; Uncoordinated event reporting & analysis; Cost and complexity

4 Protect Information and Control Access at Operating system Server applications Network “edge” Content Heterogeneity Third-party products Secure custom apps 24/7 security research and response Unified view and analytics Reduced number of management consoles Simplified deployment Appliances and appliance-like experience Technical and industry guidance Simplified licensing Cross-product integration MSFT security products MSFT server applications Integration with Microsoft IT infrastructure Active Directory®, SQL Server™, Operations Manager, etc. Integration with ecosystem partners and custom apps

5 A comprehensive line of business security products that helps you gain greater protection through deep integration and simplified management

6 Guidance Developer Tools Systems Management Active Directory Federation Services (ADFS) Identity Management Services Information Protection Encrypting File System (EFS) BitLocker™ Network Access Protection (NAP) Client and Server OS Server Applications Edge

7 Remove most prevalent viruses Remove all known viruses Real-time antivirus Remove all known spyware Real-time antispyware Central reporting and alerting Customization Microsoft Forefront Client Security MSRT Windows Defender Windows Live OneCare Safety Scanner Windows Live OneCare IT Infrastructure Integration FOR INDIVIDUAL USERS FOR BUSINESSES

8 One solution for spyware and virus protection State Assessment Built on protection technology used by millions worldwide Effective threat response One console for simplified security administration Define one policy to manage client protection agent settings Integrates with your existing infrastructure One dashboard for visibility into threats and vulnerabilities View insightful reports Stay informed with state assessment scans and security alerts Unified malware protection for business desktops, laptops and server operating systems that is easy to manage and control


10 One engine for virus and spyware protection Used in Windows® Defender, OneCare, Forefront Server Security, etc. Compatible with NAP through Windows Security Center Engine detection and removal capabilities include: Real-time, scheduled or on-demand detection & removal Real-time detection uses Windows Filter Manager technology Checks to ensure system is fully functional after cleaning Scanning dozens of archives and packers Scans for rootkits Behavior analysis and polymorphic viruses Heuristic detections for new malware and variants

11 Tight integration with MSRC and other support processes Dedicated team with automated analysis and testing Multiple data sources enabling advanced threat telemetry Deliver malware definition updates for: Forefront Client Security, Forefront Server Security Windows Live OneCare, Windows Defender Develop core anti-malware engine in Forefront and OneCare Develop Windows Malicious Software Removal Tool

12 Define security steady state: Specify the ongoing security behavior of my clients. Keep systems up-to-date: Ensure that clients have the latest signatures. View reports: Determine the security state, now and over time. Respond to alerts: What critical security events require my attention?

13 One console for simplified security administration One policy to manage client protection agent settings, e.g.: Choice of 3 integrated policy profile deployment methods: Microsoft Forefront Client Security Console (uses AD/GP) ADM file (uses AD/GP) Export to a file then use existing software distribution system Anti-spyware unknown action Alert level Event and logging settings SpyNet reporting on/off Level of end-user UI shown Scan schedule Real time protection on/off Signature update frequency Anti-spyware signature overrides Security state assessment settings

14 *Agents deployed via existing software distribution system Client Security Console GPMC Existing SW Dist System Infrastructure used Targeting granularity Policy distribution via Policy exceptions Policy compliance report AD/GP SW dist system OU-level Single machine Security Groups Unlimited Yes No Console GPMC, using ADM file Exported files

15 Signature deployment optimized for Windows Server Update Services (WSUS) Can use any software distribution system Auto and manual approval of definitions Client Security installs an Update Assistant service to: Increase sync frequency between WSUS and Microsoft Update (MU) for definitions Support for roaming users Failover from WSUS to Microsoft Update Malware Research Microsoft Update WSUS + Update Assistant Sync Sync Desktops, Laptops and Servers Failover

16 One dashboard for visibility into threats and vulnerabilities View insightful reports Stay informed with state assessment scans and security alerts

17 Enables focus on threats and possible vulnerabilities State assessment scans determine which machines: Need to be patched Are configured insecurely Report categories include: Built on MOM 2005 technology Uses SQL™ Reporting Services Malware Threat(s) Vulnerability Summary Scan Results Historical Information Summary Report Deployment Alerts Computers


19 “Has my level of vulnerability exposure changed over time?”

20 Alert configuration is policy specific Alerts notify admin of high-value incidents, including: Alert levels control type & volume of alerts generated Outbreak Malware removal failed Signature update failed Malware detected and removed Signature update failed (per min) Rich Data, High Value Assets Critical Issues Only, Low Value Assets Malware detected Malware failed to remove Malware outbreak Malware protection disabled

21 Public beta available now! –Download at –Community-based support at Release To Manufacture planned for Q2 CY2007 Will be available through Microsoft’s volume licensing programs

22 User Account Control IE7 with Protected Mode Randomize Address Space Layout Advanced Desktop Firewall Kernel Patch Protection (64bit) Unified Virus & Spyware Protection Central Management Reporting, Alerting and State Assessment Infrastructure Software Integration Policy Based Network Segmentation Restrict-To-Trusted Net Communications Server and Domain Isolation (SD&I) Combined Solution Windows Vista™ Forefront™ Client Security

23 Unified Virus & Spyware Protection Simplified Administration Critical Visibility & Control An integral part of Microsoft Forefront™ Better together with Windows Vista™ and SD&I Download now!


25 Thank you to our Partners for their support of TechDays 2007
