Download presentation
Presentation is loading. Please wait.
1
Threat Management Gateway
Managing Threats in a Dynamic and Evolving Security Environment through Microsoft Forefront Ronny Bjones Security Architect EMEA Enterprise security lead January 2010
2
Business Ready Security Help securely enable business by managing risk and empowering people
Protection Access Management Highly Secure & Interoperable Platform Identity Integrate and extend security across the enterprise Protect everywhere, access anywhere Simplify the security experience, manage compliance Block from: Enable Cost Value Siloed Seamless to:
3
Forefront TMG 2010 Web Client Protection Email Protection
Microsoft Forefront TMG 2010 Protecting endpoints against web-based threats Web Client Protection Protection Network Intrusion Prevention (NIPS) Network Policy Control (Firewall) Remote Access (VPN, Secure Web Publishing) Management Comprehensive Integrated Simplified
4
TMG Deployment Scenarios
Secure Web Gateway Authenticating proxy with security Web anti-malware and URL filtering Inspection of HTTP and HTTPS traffic
5
Edge Malware Protection Explained
TMG Integrating Microsoft AM engine Automatic engine and signature updates Subscription based Content delivery methods by various content features Detects: Malware, Scripts, etc. Source/Destination exception Inspection options (block encrypted, nested archives, files sizes…) Logging and reporting support
7
URL Filtering Explained
Categorization services provided by Microsoft Reputation Service (MRS) 70+ built-in categories Secured communication channel Telemetry improves results Customizable, per-rule, deny messages Local URL categorization cache End users TMG TMG admin Policy editing URL Category override URL Category query Logging and Reporting support
10
HTTPS Traffic Inspection
Proxy certificates generation/import and customization Exclusion list; validate cert only option Logging support Deployment options (via Group Policy or via Export) HTTPS client notification (via TMG Client) Certificate validation (Revocation, Trusted, Expiration validation, ..)
11
TMG Deployment Scenarios
Secure Web Gateway Authenticating proxy with security Web anti-malware and URL filtering Inspection of HTTP and HTTPS traffic Unified Threat Management (UTM) All-in-one solution for medium businesses and for branch offices Firewall, Proxy, VPN, IPS, relay in a single box
12
Network Inspection System (NIS)
Value Proposition Closing the vulnerability window between vulnerability announcement and patch deployment Implementation Signatures distribution by Microsoft Update Concurrent with security patches or in response to a 0-Day attack Granular control over deployed signatures
13
8/2/2018 3:00 PM Using NIS for IPS TMG Detect and prevent known vulnerability-based attack attempts at the Edge of the network or in datacenter Same day availability of the patch and NIS signature Closes the vulnerability window which is needed for patch testing\deployment: Patches need to be tested more thoroughly User acceptance (similar to AV updates) Vulnerability found Signature authoring team © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
14
Summary Call-to-action
8/2/2018 3:00 PM Summary Call-to-action Test and evaluate the new release! More than a next generation proxy: Fully integrated Web Protection solution Comprehensive Defense-in-Depth Scan, detect and mitigate malware threats Simplified Management Single console to manage policy across all technologies Comprehensive reporting and logging © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
15
question & answer
16
Resources www.microsoft.com/teched www.microsoft.com/learning
Sessions On-Demand & Community Microsoft Certification & Training Resources Resources for IT Professionals Resources for Developers
17
The Road Ahead CY 2009 CY 2010 CY 2010 Currently Shipping H2 H1 H2
Management Management Consoles Protection & Access Platform DirectAccess Subject to Change
18
© 2009 Microsoft Corporation. All rights reserved
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Similar presentations
