Secure Messaging Nick Hall & James Clifford Microsoft
Our Story Begins….. Once upon a time there was a man name Bill Z…..
The Company 1000 Users 3 Locations 8Mb Internet Pipe from HQ, 2 Smaller Branches Windows 2003 Infrastructure Exchange 2003 LCS 2005 SharePoint 2003 Mainly Web based activity for Sales
Setup of IT Infrastructure - HQ Live Communications Server SharePoint Server Exchange & BES Servers Cisco Firewall SendMail VirusesWorms IM and Documents
Branch Offices Connection via WAN Link Exchange Server in each Branch BES Server Locally Unmanaged Clients
Users LaptopsBlackberries Tablet PC’s Desktops Internet Access (including Office Communicator) OWA
Threats / Issues Viruses & Worms Spam Performance of Internet Connection Management of Products Branches Machines Expensive WAN links
Viruses & Worms Receiving viruses but cannot review them Recently got hit by a virus through IM AV updates once a day
Spam Marketing teams being targeted Sales guys having problem IT guys get some but just delete Used to be 3 or 4 a day, now 12 to 20 a day Getting charged for Spam being sent to the Blackberries
Performance of Internet Connection Users say times to access common everyday websites is getting slower s taking a long time to be delivered Cannot increase the size of the pipe to the internet as have no money in networking budget
Management of Products Have too many products to manage, can’t do from one console. Complicates the update process of the scan engines
Branches Machines Poor WAN links, no local WSUS or SUS servers so updated manually AV updates not happening because taking too long to download across the links Slow performance for users
Expensive WAN Links Have old slow links which are expensive Have no money in networking budget to increase bandwidth
So What Can Microsoft Do ? Exchange Hosted Services (EHS) ISA Server Antigen
Exchange Hosted Services Internet Continuity Filtering Encryption Mail Flow Archiving Firewall End Users Server No onsite IT management Fastest response to threats Centralized control SMTP platform-agnostic
Remember…
caching Content filtering applicatio n publishing advanced application layer firewall caching content filtering application publishing advanced application layer firewall / vpn ISA Server
Antigen Solutions Live Communications Server SharePoint Server Exchange Servers ISA Server Windows SMTP Server VirusesWorms IM and Documents Antigen Antigen Antigen Antigen Antigen
Defence In Depth Multiple Scan Engines (up to 9) Multiple Scan Engines (up to 9) Eliminates single point of failure Eliminates single point of failure Reduces the window of opportunity Reduces the window of opportunity Scan Engine 1 Scan Engine 4 Scan Engine 2 Scan Engine 3 Quarantine
Remember…
Microsoft Proposed Setup Live Communications Server SharePoint Server Exchange & BES Servers ISA Server Exchange Front End Servers IM and Documents Antigen Antigen Antigen Antigen Exchange Hosted Services EHS
So What Did EHS Do ? Reduced viruses in environment by scanning “In The Cloud” Reduced Spam to almost zero Increased bandwidth on internet pipe Increased productivity of users Visibility of whose receiving what, when and how often
So What Did ISA Do ? Reduced number of potential viruses by implementing packet filtering at the gateway Secured Exchange by publishing OWA Implemented VPN’s from Main to Branch offices Implement BITS caching for software updates to Branch offices Internet experience improved through caching of websites Quarantine machines to a separate webserver for updates
So What Did Antigen Do ? Protected the LCS, Exchange and SharePoint products from viruses Consolidation of AV products and managed centrally Increased the number of scan engines used and therefore protection levels Produced reports on entire LCS, Exchange & SharePoint threats and mailed to management everyday Improved performance of all the servers due to the In Memory Scanning
Defense in Depth
Technical Summary Mail flow Firewall Internet Exchange Client MCP EHSISA
Important Dates Q1 06 Antigen V 9.0 for Exchange/SMTP & AEM – Beta Q2 06 EHS Launched Antigen V 9.0 for Exchange/SMTP & AEM Antigen for E12 – Beta Q3 06 Antigen V 9.0 for IM/SharePoint ISA 2006 Q4 06 Antigen for E12
Summary EHS can remove the majority of the threats in the cloud ISA can secure OWA with one domain login Antigen In-Memory Scanning can improve the performance & give defence in depth in one solution
Resources
© 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.