Published by Silas Cooper. Modified over 10 years ago.
3
Agenda
- Next Generation Antispam Protection
- Forefront Overview
- Forefront Security for Exchange Server
- Forefront Online Security for Exchange
- Hybrid Software + Services Solution
- Summary
- Q&A
4
Business Ready Security
Help securely enable business by managing risk and empowering people
- Highly Secure & Interoperable Platform
- From: Block, Cost, Siloed
- To: Enable, Value, Seamless
5
Code Name "Stirling"
An integrated security suite that delivers comprehensive protection across clients, servers, and the edge that is easy to manage and control.
- Comprehensive Protection
- Simplified Management
- Critical Visibility
[Diagram labels: Central Management Server, Network Edge, Server Applications, Client & Server OS, Third-Party Partner Solutions, Other Microsoft Solutions, Active Directory, Network Access Protection]
6
Forefront Security for Exchange (FSE) At a Glance
An easy to manage premium Antimalware and Antispam solution for Microsoft Exchange servers
- Comprehensive Protection
  - Multi-Layer Antispam
  - Multi engine Antimalware
  - File and Keyword filtering
- Supports Exchange 2007 and Exchange 2010
7
Antispam Landscape
- Forefront Online Security for Exchange filtered 97.3% of all email it received (H2 2008)
- 90% of bounce messages generated during December 2008 were the result of backscatter
- Source: Microsoft Security Intelligence Report, http://www.microsoft.com/security/portal/sir.aspx
8
Verified Effectiveness
- West Coast Labs
  - Industry recognized spam testing facility
- Premium Antispam certification
  - Requires 97% catch rate
- Forefront Security for Exchange Beta 2 Test Results
  - 99% spam catch rate
  - False positive rate of 0.0005%
9
FSE Antispam Deployment
[Diagram labels: Spam, Edge, Exchange Edge, Internal Network, Exchange Hub, Exchange Mailbox, Exchange CAS, User]
10
Exchange Integration
- Forefront is built on top of Exchange's publicly documented Transport APIs
- Forefront premium antispam agents can be deployed separately or in conjunction with basic Exchange agents (excluding Content Filter)
- Forefront architecture is highly adaptive, extensible, and engine independent
[Diagram labels: Pickup Directory, Categorizer, Recipient API, Delivery Queue, SMTP Send, SMTP, AD, Forefront Antispam Transport Agent/Message API, Ex Submit (MAPI -> SMTP), Exchange Biz Logic, SMTP Receive, Agent Run Time Engine (MEx), Submission Queue]
11
FSE Antispam Protection: Areas of analysis
- IP Source
- SMTP / Envelope
- Content
- Outlook client integration
12
FSE Antispam Protection: IP Source Related
- IP Allow / Deny Lists
- DNSBL
  - Microsoft Hosted – No additional cost
  - Aggregates multiple RBL feeds
13
FSE and DNSBL: How it works
1. Forefront DNSBL agent is triggered by connection request from the Internet
2. Forefront DNSBL agent constructs and sends a specially formatted DNS query to the Microsoft hosted DNSBL server
3. Microsoft hosted DNSBL server validates and responds to the query
Response
- Match returns 127.0.0.x code (drop)
- No match returns NXDOMAIN (accept)
Microsoft hosted DNSBL is totally transparent
- There is nothing additional to purchase or configure
[Diagram labels: FSE-protected Exchange server, FOSE DNSBL Servers, Connecting Client, INTERNET]
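The DNSBL exchange on this slide, sketched as an added example (not code from the presentation or from Forefront). It builds the conventional DNSBL query name (reversed address labels plus the list's zone), extends it to IPv6, and maps the answer to the slide's drop/accept outcomes. The zone `dnsbl.example.invalid`, the `accept-unverified` result for lookup failures, and the sample resolver data are assumptions made for the example.

```python
import ipaddress

# Hypothetical zone name; the page does not name the Microsoft-hosted zone.
ZONE = "dnsbl.example.invalid"
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")

class NXDomain(Exception):
    """Raised by a resolver when the queried name does not exist."""

def dnsbl_query_name(client_ip, zone=ZONE):
    """Reverse the address labels and append the zone (IPv4 octets, IPv6 nibbles)."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = str(ip).split(".")
    else:
        labels = list(ip.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone

def dnsbl_verdict(client_ip, resolve, zone=ZONE):
    """Map the DNS outcome to 'drop', 'accept' or 'accept-unverified'."""
    try:
        answers = resolve(dnsbl_query_name(client_ip, zone))
    except NXDomain:
        return "accept"                       # no match
    except OSError:
        return "accept-unverified"            # timeout or server failure
    if any(ipaddress.ip_address(a) in LISTING_NET for a in answers):
        return "drop"                         # 127.0.0.x listing code
    # An answer outside 127.0.0.0/8 is not a listing code (for example a
    # resolver that rewrites NXDOMAIN), so it must not cause a drop.
    return "accept-unverified"

# Constructed sample data standing in for the DNSBL server.
SAMPLE_ZONE = {
    "99.2.0.192." + ZONE: ["127.0.0.2"],
    "5.2.0.192." + ZONE: ["203.0.113.10"],
}

def sample_resolve(name):
    """Offline resolver over SAMPLE_ZONE; unknown names raise NXDomain."""
    if name in SAMPLE_ZONE:
        return SAMPLE_ZONE[name]
    raise NXDomain(name)
```

Logging every `accept-unverified` result separately makes an unreachable or misbehaving list visible instead of letting it pass as a clean verdict.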
14
FSE Antispam Protection: SMTP Envelope / Data Related
- Per Organization
  - Backscatter Protection
  - SenderID Verification
  - Global Sender Filtering
  - Global Recipient Filtering
  - Global Exclusion List
- Per Recipient
  - Safe / Blocked Senders
  - Safe / Blocked Recipients
15
FSE SenderID Filtering: How it works
1. Forefront agent is triggered by connection request from the Internet
2. Forefront SenderID agent queries the sending mail domain's DNS server
3. Mail sender's DNS responds to the query
4. Forefront SenderID agent verifies IP of connecting client is authorized to send mail for the domain
Support for current and legacy representation of DNS entries
- SPF 1.0 and SPF 2.0
- DNS record types TXT and SPF (type 99)
[Diagram labels: FSE-protected Exchange server, Mail Domains DNS Servers, Connecting Client, INTERNET]
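Step 4 above, as an added example (not code from the presentation or from Forefront): pick the record that applies from a domain's TXT answers, preferring an `spf2.0` record that names the scope and falling back to a legacy `v=spf1` record, then test the connecting IP against it. It evaluates only the `ip4`, `ip6` and `all` mechanisms and returns `unsupported` for anything that needs further DNS lookups; the records and function names are constructed for the example.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed TXT answers for a sending domain: one legacy and one current record.
SAMPLE_TXT = [
    "v=spf1 ip4:192.0.2.0/24 -all",
    "spf2.0/pra ip4:198.51.100.0/24 ~all",
]

def select_record(txt_records, scope="pra"):
    """Return the terms of the record for `scope`, or None if none applies."""
    legacy = None
    for rec in txt_records:
        version, _, terms = rec.strip().partition(" ")
        version = version.lower()
        if version.startswith("spf2.0/") and scope in version[7:].split(","):
            return terms                      # current format naming this scope
        if version == "v=spf1":
            legacy = terms                    # legacy format, used as fallback
    return legacy

def check_sender(client_ip, txt_records, scope="pra"):
    """Return pass, fail, softfail, neutral, none or unsupported."""
    terms = select_record(txt_records, scope)
    if terms is None:
        return "none"                         # domain publishes no policy
    ip = ipaddress.ip_address(client_ip)
    for term in terms.split():
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        elif name == "all":
            return QUALIFIERS[qualifier]
        else:
            return "unsupported"              # include, a, mx, redirect need DNS
    return "neutral"                          # no mechanism matched
```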
16
FSE Antispam Protection: Content Related
- New content filtering agent
  - Integration of Cloudmark Authority® technology
  - Carrier grade performance, accuracy and protection
  - Configurable ranges for certain vs. suspect spam allowing for deletion or quarantine of gray-mail
- Forefront Keyword Filtering
- Forefront True File Type Filtering
17
Cloudmark® Content Fingerprinting
- Message preprocessing occurs to normalize content
- Relevant parts of the message are analyzed
- Message components reduced to a short set of anonymous fingerprints
- Fingerprints compared to local cache of known bad fingerprints
  - Match: message is identified as abuse
  - No match: Heuristics are applied
  - No match & No heuristics: message is identified as legitimate
[Diagram labels: Spam, Legit., FSE-protected Exchange recipient, Fingerprint Cache, Reject]
18
Content Filter: Spam Confidence Level
- All "good" e-mail gets assigned an SCL of -1
  - Forefront will reassign an SCL of -1 to all mail determined to be in the range of 0 – 4 by the content analyzer
  - Prevents re-evaluation by Outlook
- E-mail within 5 to 9 is subject to the following actions:
  - Reject
  - Delete
  - Stamp and Continue
  - Quarantine

SCL Value    SCL Definition
-1           Messages coming from trusted source
0            Message categorized as not spam
1 – 4        The likelihood of messages being spam is extremely low to low
5 – 9        The likelihood of messages being spam is high to extremely high
19
FSE Antispam Protection: Outlook Client Related
- No more junk mail… almost
- Mail determined to be clean is delivered directly to the user's inbox
- User's custom settings are evaluated on the server
20
Forefront Security for Exchange Antispam John Gargiulo Sr. Program Manager Lead Microsoft
21
FSE Antispam Message Flow Summary
[Flow diagram. Stages: Connection Related, SMTP Related, Content Related, Outlook. Checks shown: IP Allow, IP Block, DNSBL, Global Lists, Backscatter, Per-recipient Lists, SenderID, Content Analysis, Keyword, File Filtering, Quarantine, Junk Mail Folder, End User List Management. Decision labels: Yes, No, Maybe, Valid Safe IP, Reject, Quarantine, Filter Bypass, Conditional Rendering]
- Safelisted Mail: Guaranteed to Inbox, Immediate Delivery, Rich rendering
- SPAM and Bcon: Reduced Delivery Rates, Moved to JEF, Mail not Richly Rendered
- AS Processed Mail: Guaranteed to Inbox, Delivery after AS filtering, Conditional Rendering
22
Terry Zink Program Manager Microsoft
23
FOSE Overview: Microsoft Forefront Online Security for Exchange
- Real-time threat prevention
- Layered anti-spam and antivirus
- Customized policy enforcement
Key Highlights
- 100% virus detection
- 98% spam detection
- 1:250,000 false positives
- 99.999% network uptime
- Rapid email delivery (< 1 minute)
24
FOSE Architecture Overview
[Diagram labels: INTERNET, FOSE Online Service, Customer Mail server, Spam quarantine, Internet Cloud]
25
FOSE Global Network Infrastructure
Network infrastructure that delivers reliability and scalability
- Hosted services provisioned across a global network infrastructure
- Fully redundant, load-balanced architecture
- Scalability to handle all message volume variations
[Map labels: Ireland, Netherlands, Singapore, Texas, Virginia, Washington, California]
26
FOSE Antispam Improvements
- Extended Reputation Lists
  - IP reputation lists
  - URL reputation lists
- Backscatter Spam Mitigation
- Outbound Spam Mitigation
27
Enhanced Reputation Lists
[Diagram labels: URIBL.com, Bad URLs, Internet Service Providers, Non-Permitted IPs, Clean-up Process, Spam Rules Database, Spam Filter]
29
Backscatter: The Problem
"'Backscatter spam' gums up many e-mail inboxes. Dubbed backscatter spam, this latest fad is clogging email accounts and slowing victims' inboxes to a crawl. Up to 3% of all email today is backscatter…"
http://www.usatoday.com/tech/news/2008-10-20-backspatter-spam_N.htm
- 90% of FOSE bounce messages are backscatter
- 6 million / day
- Number 2 customer complaint
30
FOSE Backscatter Protection: How it works – Valid NDR
1. Outbound customer sends email through FOSE
2. The FOSE Server inserts custom tokens
3. Receiver cannot deliver, must send bounce message
4. FOSE Inbound Server looks for tokens
5. Tokens exist, deliver NDR to user
[Diagram labels: Valid User (you@example.com), FOSE, Receiving Mail Server, INTERNET]
31
FOSE Backscatter Protection: How it works – Backscatter NDR
1. Spammer generates an email with a forged MAIL FROM address and sends to receiving email server
2. Receiver cannot deliver, must send bounce message
3. FOSE Inbound Server looks for tokens
4. No tokens exist! Message is backscatter spam!
[Diagram labels: Spammer, Valid User (you@example.com), FOSE, Receiving Mail Server, INTERNET]
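The two NDR flows above, as an added example (not code from the presentation or from FOSE). The slides do not say where FOSE places its tokens or how they are built, so this stands in a BATV-style scheme: the outbound server rewrites the envelope sender with a dated HMAC tag, and the inbound server accepts a bounce only if its recipient carries a valid, unexpired tag. The key, the tag layout, and the 7-day window are assumptions of the example.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # placeholder key, constructed for the example
MAX_AGE_DAYS = 7                   # assumed validity window for a token

def _tag(day, mailbox):
    """Keyed tag binding the mailbox to the day the message was sent."""
    msg = f"{day}:{mailbox.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:12]

def sign_sender(mail_from, today):
    """Outbound: rewrite MAIL FROM so any bounce comes back carrying the token."""
    return f"prvs={today}-{_tag(today, mail_from)}={mail_from}"

def classify_bounce(rcpt_to, today):
    """Inbound NDR: return (verdict, mailbox) from the bounce's recipient address."""
    if not rcpt_to.startswith("prvs="):
        return ("backscatter", rcpt_to)           # no token: we never sent this
    try:
        token, mailbox = rcpt_to[5:].split("=", 1)
        day_text, tag = token.split("-", 1)
        day = int(day_text)
    except ValueError:
        return ("backscatter", rcpt_to)           # malformed token
    expected = _tag(day, mailbox).encode()
    if not hmac.compare_digest(tag.encode(), expected):
        return ("backscatter", mailbox)           # forged or altered token
    if not 0 <= today - day <= MAX_AGE_DAYS:
        return ("backscatter", mailbox)           # expired: possible replay
    return ("deliver", mailbox)                   # valid NDR for our own mail
```

`today` is a day number (for example days since the epoch) supplied by the caller, which keeps the check deterministic and testable.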
32
Outbound Spam Mitigation
[Diagram labels: Customer 1, Customer 2, Customer 3, FOSE Spam Filter, FOSE Regular Outbound, FOSE NDR Pool]
33
Outbound Spam Monitoring
[Diagram labels: Customer 1, Customer 3, FOSE Spam Filter, spamloop@..., Statistics, SEWR Report, Statistical Analysis, Spam!, Alert!]
34
Bringing together on-premise and hosted protection
35
FOSE Gateway: The bridge between on-premise and the cloud
- Managed from on-premise systems
  - Forefront Code Name Stirling console
  - FSE Stand alone UI
- Synchronizes on-premise data with FOSE
  - Active Directory information
  - FSE Antispam policy
- Collects data from FOSE to on-premise systems
  - Quarantine information
  - Statistics
36
FOSE Gateway – Policy Management: How it works
1. Antispam policy defined on Stirling Console
2. Policy assigned to asset group and pushed out to Edge Server and FOSE Gateway
3. FOSE Gateway pushes policy to FOSE Backend via web service call
4. Antispam policy put into effect on FOSE Backend
[Diagram labels: INTERNET, Forefront Stirling Console, Forefront Edge Server, FOSE Gateway, FOSE Backend]
37
FOSE Gateway – Data Collection: How it works
1. FOSE Server makes scheduled web service calls to FOSE Backend to collect quarantine and statistics information
2. FOSE Gateway sends data to the Stirling Server for centralized storage
3. FOSE information available to administrator alongside on-premise data via the Stirling Console
[Diagram labels: INTERNET, Forefront Code Name Stirling Console, FOSE Gateway, FOSE Backend]
38
Summary
- Forefront provides a premium antispam solution for on-premise, hosted, and hybrid environments
- Simplified management experience across on-premise and hosted environments from a single console
- Innovative, leading technology to combat spam and keep it out of your inbox
- Microsoft is committed to helping you fight and win the war on spam
39
Call To Action
Maintain the good reputation of your mail domain, reduce spam and improve mail delivery by deploying Forefront Antispam technologies
42
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.