
Adwait Joshi, Sr. Product Manager; Randy Treit, Sr. Program Manager. SESSION CODE: SIA 320.


1 Adwait Joshi, Sr. Product Manager; Randy Treit, Sr. Program Manager. SESSION CODE: SIA 320

2

3 Reduce security management costs; Protect sensitive data on endpoints; Enable secure access to resources from anywhere; Multiple vendors and complex management; Easily accessible sensitive data on multiple devices; Financially motivated evolving threats; Wide range of users and devices; Protect endpoints from advanced threats

4 Crime On The Rise: Financial Motivation. [Chart labels: National Interest, Personal Gain, Personal Fame, Curiosity; Amateur, Expert, Specialist; Script-Kiddy, Author, Vandal, Thief, Spy, Trespasser; Largest area by volume; Largest area by $ lost; Largest segment by $ spent on defense; Fastest growing segment.] Source: Microsoft Security Intelligence Report. Wide variety of malware. Trends in the last year. Phishing Sites: Targeting social networking and financial sites. Attacks Getting More Sophisticated: Traditional defenses are inadequate. [Diagram labels: Hardware, O/S, Drivers, Applications, GUI, User, Physical. Examples: Web based exploits; Phishing/Social engineering; Spyware; Rootkits; Application attacks.]

5 Across on-premises & cloud; Integrate and extend security across the enterprise; from Block to Enable; from Cost to Value; from Siloed to Seamless; Simplify the security experience, manage compliance; Protect everywhere, access anywhere; Highly Secure & Interoperable Platform

6 PROTECT everywhere, ACCESS anywhere; SIMPLIFY security, MANAGE compliance; Protect endpoints from emerging threats and information loss, while enabling more secure access from virtually anywhere; INTEGRATE and EXTEND security; Provides unified administration for desktop management and protection; Increases visibility of potentially vulnerable desktops; Uses existing System Center Configuration Manager infrastructure; Builds on and extends Windows security; Enables multi-layered antimalware protection; Protects critical data wherever it resides; Provides more secure always-on access

7 Information Protection: Active Directory Rights Management Services (RMS); Encrypting File System (EFS); BitLocker & BitLocker to go; Device Control. Secure Access: DirectAccess; Unified Access Gateway 2010; Network Access Protection (NAP); IPv6; IPsec. Malware Protection: Protection from web based threats at the edge; Forefront Threat Management Gateway 2010; Advanced anti-malware on the desktop; Forefront Endpoint Protection 2010; Desktop Firewall; Application Control (AppLocker). DIRECT ACCESS

8

9 Enables employees to safely use the Internet without worrying about malware and other threats. Comprehensive Web Security. Includes and improves proven network protection technologies of ISA 2006. Next Generation of ISA Server.

10 Download scanning of files; Integrated Microsoft AV/AM engine; Inspection settings per rule; Malware inspection; URL filtering; HTTPS inspection; URL category sets and exclusions; Integrated with forward proxy; URL filtering, malware scanning and IPS protection; Firewall Client notification to end users; Protection against vulnerability exploits; Protocol analysis; Network Inspection System

11 Machines without host antivirus (AV); Host AV not up to date; Centralized monitoring; Content policy enforcement

12 [Diagram labels: Proxy Engine; Malware Inspection Filter]

13

14 Classify, Evaluate, Enforce, Report

15 End users TMG admin

16 Bright Cloud iFilter Marshal 8e6

17

18 What lies within this encrypted tunnel?

19

20

21 Vulnerability found; Signature authoring team

22 [Diagram labels: Design Time; Compiler; Run Time; Protocol Parsers; Signatures; NIS Engine; Microsoft Update; Telemetry & Portal; Telemetry]

23

24

25 HELP PROTECT everywhere: Proven Microsoft Antimalware Engine; Zero Day Protection Through: Behavior Monitoring, Emulation, Heuristics & Generics; Antimalware/Rootkit Protection; Windows Firewall Management; Performance-Oriented Defaults; Template-driven policy creation based on risk; Workload-specific policies for servers. INTEGRATE and EXTEND security: Built on System Center Configuration Manager 2007 R2; Enterprise Deployment; Upgrade from FCS v1; Detection & removal of existing endpoint protection solutions; Large-scale client roll-out through Configuration Manager; Extended Topologies; Non-domain-joined PCs; Branch office topologies; Standalone ('unmanaged'). SIMPLIFY security MANAGEMENT experience: Converged System Management; Simple Centralized Policy; Critical Level Alerting; Security admin-oriented Reporting; Desired Configuration Manager (DCM)-based Vulnerability Assessments. Forefront Endpoint Protection 2010 provides enhanced endpoint protection and simplified management while greatly reducing infrastructure costs.

26

27

28 DFSP AR DSS BHO BM kBTR NIS SM DS ORP RIM KSL DCFG MOAC FFR RTP

29 Firewall & Configuration Management; Anti-rootkit; Generics and Heuristics; Real-time Protection; Behavior Monitoring; Dynamic Signature Service; Malware Response; Browser Protection; PREVIEW

30 Signatures; Samples; Microsoft Confidential; Endpoint; MMPC. 1. Known malware: blocked. Some new malware: blocked by generics. 2. Remaining new malware: samples sent to MMPC for analysis. New signatures delivered to customers. GOAL: Continue to provide high-quality protection & Cover more attack vectors. GOAL: Shrink customer “window of vulnerability” by discovering new threats and delivering signatures faster. Real-time Protection; Generics and Heuristic; Behavior; Browser Protection; Anti-rootkit; Behavior Monitoring; Dynamic Signature Service; Malware Response. Before malware runs; After malware runs

31 Client Researchers SpyNet / MRS Real-Time Signature Delivery Behavior Classifiers Properties / Behavior Sample Req Sample Submit Real-time Signature Reputation

32

33

34

35

36 Configuration Manager Reporting Configuration Manager Console Configuration Manager Agent FEP Reports Forefront Endpoint Protection 2010 WMI Configuration Manager DB Configuration Manager DB FEP Reporting DB Configuration Manager Server DCM Configuration Manager FEP FEP UI Managed Computer Registry Event log Configuration Manager Software Distribution

37

38

39

40 Learn more & try our solutions at: www.microsoft.com/forefront

41 SIA320 | Business Ready Security: Protecting Endpoints from Advanced Threats with Microsoft's Secure Endpoint Solution; SIA301 | Secure Endpoint: DirectAccess and Microsoft Forefront Unified Access Gateway 2010, the Complete Remote Access Solution; SIA308 | Secure Endpoint: Advanced Protection from Dynamic Threats, a Microsoft Forefront Threat Management Gateway 2010 Deep Dive; SIA309 | Secure Endpoint: What’s in Microsoft Forefront Endpoint Protection 2010 - A Deep Dive into the Features and Protection Technologies; SIA325 | Secure Endpoint: Virtualizing Microsoft Forefront Threat Management Gateway (TMG); SIA02-INT | Secure Endpoint: Planning DirectAccess Deployment with Microsoft Forefront Unified Access Gateway; SIA07-INT | Secure Endpoint: Architecting Forefront Endpoint Protection 2010 on Microsoft System Center Configuration Manager; SIA05-HOL | Microsoft Forefront Threat Management Gateway Overview; SIA09-HOL | Secure Endpoint Solution: Business Ready Security with Microsoft Forefront and Active Directory; SIA11-HOL | Microsoft Forefront Unified Access Gateway (UAG) and Direct Access: Better Together; Red SIA-3 | Microsoft Forefront Secure Endpoint Solution

42 Learn more about our solutions: http://www.microsoft.com/forefront Try our products: http://www.microsoft.com/forefront/trial

43 www.microsoft.com/teched www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn

44

45 Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st: http://northamerica.msteched.com/registration. You can also register at the North America 2011 kiosk located at registration. Join us in Atlanta next year.

46

47

