Uri Lichtenfeld Security Specialist Certified Security Solutions – Microsoft Partner SESSION CODE: SIA312

Across on-premises & cloud Integrate and extend security across the enterprise Block from: Enable CostValue SiloedSeamless to: Simplify the security experience, manage compliance Protect everywhere, access anywhere Highly Secure & Interoperable Platform

Information Protection Identity and Access Management Secure Messaging Secure Endpoint Secure Collaboration

PROTECT everywhere ACCESS anywhere SIMPLIFY security, MANAGE compliance Enable more secure business collaboration from virtually anywhere and across devices, while preventing unauthorized use of confidential information INTEGRATE and EXTEND security Secure, seamless access Secure, seamless access Protect sensitive information in documents Protect sensitive information in documents Best-in-class anti-malware Best-in-class anti-malware Enterprise-wide visibility Enterprise-wide visibility Easier partner management Easier partner management Deep Microsoft SharePoint and Office integration Deep Microsoft SharePoint and Office integration Standards-based interoperability across organizations and cloud Standards-based interoperability across organizations and cloud

Active Directory Rights Management Services (AD RMS) template is built in with SharePoint. Windows SharePoint with AD RMS can be used to convert the stored file to an encrypted format each time a user downloads the file.

Automatic Engine Updates Single Engine Multiple Engines 38 times faster response Eliminates single point of failure “ “

SharePoint Server Farm Exchange 2010 AD DS AD FS Business Partners AD DS AD FS AD RMS Federation Trust Application Access Redirect to Security Token Service (STS) Authentication Token and claims Post claims Trey Research Account Forest Woodgrove Bank Resource Forest User Account/Credentials Security Token Shared identity with partner organizations and cloud services Boost cross-organizational efficiency and communication with more secure access − Support the sharing of rights-protected messages between organizations − Improved support for Microsoft SharePoint Server as a claims-aware application

Integrated SSL VPN capabilities Simplified remote access by non-Windows, down-level, or non-trusted endpoints DirectAccess in Windows Server 2008 R2, along with Unified Access Gateway, enables secure, seamless, always-on access to messaging and applications from Windows 7 clients.

Single point of entry to shared and published applications Can locate applications without tracking site addresses Offers same user experience for remote users Supports strong two-factor authentication, which can help organizations to keep their shared information safe Remote user can have access to corporate applications and shared folders without direct access to internal resources. Business partner has limited access to corporate network; Unified Access Gateway allows access only to those applications for which users have permissions.

Identity-centered, policy-based granular access and security for shared resources on collaborative portals Policy definitions to help provide controlled access to application areas and operations Can allow or block application functions, including: – Document download/upload – Document check out/check in – Edit document/properties – Delete

Simplified Management Step 1: Choose the type of application you wish to publish. Step 2: Provide the internal name of the SharePoint Server. Provide the external name. Step 3: Configure the same external name on your SharePoint Server. AllDone! Simplifies deployment and ongoing tasks through wizards and built-in policies. Simplified user experience - reducing support costs Consolidates remote access infrastructure

ZoneInternal URLPublic URL for Zone Defaulthttp://hrportal Internethttp://hrportal.woodgrovebank.comhttps://hrportal.woodgrovebank.com Internethttps://hrportal.woodgrovebank.com ZoneInternal URLPublic URL for Zone Defaulthttp://hrportal Internethttps://hrportal.woodgrovebank.com

Overlay granular access control to specific sites and/or features within sites Built-in endpoint security policies (integrated with NAP) Expanded authentication and authorization capabilities Session clean-up and information leakage prevention Integrated network security Integrated Security

Publish all Exchange mail services as a single UAG application: Easier publishing experience Symmetrical topology for all front-end mail services Publish each Exchange service as a separate application: Greater back-end topology Anywhere Access... And simple, secure access optimized for Exchange

Access multiple sites and libraries Browse a site and view list & libraries easily Access your documents offline

Anywhere Access Forefront UAG: A key enabler of DirectAccess Always On Manage Out Access Policies Protected Transactions UAG extends the benefits of Windows DirectAccess across your infrastructure, enhancing scalability and simplifying deployments and ongoing management

SSL-VPN + Always On IPv6 IPv4 UAG and DirectAccess better together: Extends access to line of business servers with IPv4 support Access for down level and non Windows clients Enhances scalability and management Simplifies deployment and administration Hardened Edge Solution

SSL-VPN + Always On IPv6 IPv4 IPv6 or IPv4 IPv6 or IPv4 UAG and DirectAccess better together: Extends access to line of business servers with IPv4 support Access for down level and non Windows clients Enhances scalability and management Simplifies deployment and administration Hardened Edge Solution

APPLICATION PUBLISHING Granular Application Filtering Session cleanup and removal End point health detection INTEGRATION Integrated with NAP policies Remote Desktop and RemoteApp integration Extends and simplifies DirectAccess deployments SCALE AND MANAGEMENT From IAG to UAG Built in load balancing Array management capabilities Enhanced monitoring and management (SCOM) IAGUAG New New New New New New Improved Improved

23 UAG Form Factors

How to Buy

Enterprise policy enforcement to protect from unauthorized access Enhanced security with reduced risk of information leaks through persistent data protection Streamlined adoption and deployment with out-of-the-box integration with collaboration workflow, the Microsoft Office system, and Active Directory Prevents information leakage from within the documents while moving to the external user Enterprise policy enforcement for external partners and vendors to protect from unauthorized access Dashboard and risk-centered prioritized view throughout the enterprise Centralized reporting and alerting with Unified Access Gateway management console Access to SharePoint sites and ability to edit documents from virtually anywhere: managed laptops, home computers, kiosks, and mobile devices Includes multiple scanning engines from industry-leading security partners integrated in a single solution to help businesses protect against single point of failure Content filters to help keep users from posting or retrieving ethically questionable material and confidential company information Configurable file-filtering rules to help block file types known for carrying viruses or opening organizations to legal exposure

Learn more about our solutions: Try our products:

Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31 st You can also register at the North America 2011 kiosk located at registration Join us in Atlanta next year