Threat Management Gateway Managing Threats in a Dynamic and Evolving Security Environment through Microsoft Forefront Ronny Bjones Security Architect EMEA Enterprise security lead January 2010

Business Ready Security Help securely enable business by managing risk and empowering people Protection Access Management Highly Secure & Interoperable Platform Identity Integrate and extend security across the enterprise Protect everywhere, access anywhere Simplify the security experience, manage compliance Block from: Enable Cost Value Siloed Seamless to:

Forefront TMG 2010 Web Client Protection Email Protection Microsoft Forefront TMG 2010 Protecting endpoints against web-based threats Web Client Protection Email Protection Network Intrusion Prevention (NIPS) Network Policy Control (Firewall) Remote Access (VPN, Secure Web Publishing) Management Comprehensive Integrated Simplified

TMG Deployment Scenarios Secure Web Gateway Authenticating proxy with security Web anti-malware and URL filtering Inspection of HTTP and HTTPS traffic

Edge Malware Protection Explained TMG Integrating Microsoft AM engine Automatic engine and signature updates Subscription based Content delivery methods by various content features Detects: Malware, Scripts, etc. Source/Destination exception Inspection options (block encrypted, nested archives, files sizes…) Logging and reporting support

URL Filtering Explained Categorization services provided by Microsoft Reputation Service (MRS) 70+ built-in categories Secured communication channel Telemetry improves results Customizable, per-rule, deny messages Local URL categorization cache End users TMG TMG admin Policy editing URL Category override URL Category query Logging and Reporting support

HTTPS Traffic Inspection Proxy certificates generation/import and customization Exclusion list; validate cert only option Logging support Deployment options (via Group Policy or via Export) HTTPS client notification (via TMG Client) Certificate validation (Revocation, Trusted, Expiration validation, ..)

TMG Deployment Scenarios Secure Web Gateway Authenticating proxy with security Web anti-malware and URL filtering Inspection of HTTP and HTTPS traffic Unified Threat Management (UTM) All-in-one solution for medium businesses and for branch offices Firewall, Proxy, VPN, IPS, Email relay in a single box

Network Inspection System (NIS) Value Proposition Closing the vulnerability window between vulnerability announcement and patch deployment Implementation Signatures distribution by Microsoft Update Concurrent with security patches or in response to a 0-Day attack Granular control over deployed signatures

8/2/2018 3:00 PM Using NIS for IPS TMG Detect and prevent known vulnerability-based attack attempts at the Edge of the network or in datacenter Same day availability of the patch and NIS signature Closes the vulnerability window which is needed for patch testing\deployment: Patches need to be tested more thoroughly User acceptance (similar to AV updates) Vulnerability found Signature authoring team © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Summary Call-to-action 8/2/2018 3:00 PM Summary Call-to-action Test and evaluate the new release! More than a next generation proxy: Fully integrated Web Protection solution Comprehensive Defense-in-Depth Scan, detect and mitigate malware threats Simplified Management Single console to manage policy across all technologies Comprehensive reporting and logging © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

question & answer

Resources www.microsoft.com/teched www.microsoft.com/learning Sessions On-Demand & Community www.microsoft.com/learning Microsoft Certification & Training Resources http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers

The Road Ahead CY 2009 CY 2010 CY 2010 Currently Shipping H2 H1 H2 Management Management Consoles Protection & Access Platform DirectAccess Subject to Change

© 2009 Microsoft Corporation. All rights reserved © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.