Embed Size (px)
Citation preview
Bernhard van der feenProduct Manager SecurityMicrosoft
Agenda
Engineering ExcellenceSecurity Development
Lifecycle
Design
Threat Modeling
Standards, best practices, and tools
Security Push Final Security Review
RTM and Deployment
Signoff
Security Response
Product Inception
Management System System Center, Active Directory GPO
Forefront Edge and Server Security, NAPPerimeter
Network Access Protection, IPSecInternal Network
Forefront Client Security, Exchange MSFPDevice
SDL process, IIS, Visual Studio, and .NETApplication
BitLocker, EFS, RMS, SharePoint, SQLData
User Active Directory and Identity Lifecycle Mgr
Poor integration across the platform
“Point to Point” Solutions
Standards Adoption
Compliance Reporting
Manageability
Slimmer
Gericht op applicaties
Vaker
Zakelijke calculaties
Te veel losseproducten
Slechte samenwerking
Geen integratie
Microsoft beveiligingsoplossingen
•Meer en grotere
•bedreigingen
Fragmentatie van
beveiligingstechnologie
•Moeilijk in gebruik,
•invoering en beheer
•8
Meerdere consoles
Geen coordinatie en rapportage en analyse
Kosten en complexiteit
•Interoperability
•Developer Tools & Guidance
•Systems Management
•Identity Management
•Windows Client and Server Operating Systems
•Windows Networking Solutions
•Client And Server OS •Server Applications •Network Edge
•Advertentie
•Banners
•Homepage
•Security numbers page
•www.microsoft.nl/gemakkelijk
•Network Edge•Server Applications•Client And Server OS
Leader in Gartner “Magic Quadrant” for Email Security 2006
Reader‟s Choice Award 2007 for software-based firewall
(ISA Server)
SSL VPN Leadership position
in Forrester Wave•Forrester Wave
•SSL VPN Appliances, Q4 „06
•Gartner Magic Quadrant for
•E-Mail Security Boundary 2006 *
CRN Recommended (4 out of 5 stars)
Certified by West Coast Labs (Checkmark certification)
VB100 award from VirusBulletin
•“IDC believes Forefront will play a key role in Microsoft's „people-ready business‟ initiative, specifically with protecting information and
controlling access.”•- IDC “Microsoft Announces Forefront: A Brand for Security Portfolio, Brian E. Burke, June 2006
•“Outright, Antigen kills three birds with one stone by providing e-mail, collaboration and antispam protection.”
•- CRN “Microsoft‟s Antigen Securely Automates Antivirus Protection”, Mario Morejon, June 23 2006
• “By year-end 2008, Microsoft will have captured 30 percent of the desktop antivirus and anti-spyware market in organizations with fewer
than 1,000 employees (0.7 probability).”•- Gartner “Midsize Business Security Spending Plans, 2006”, James A. Browning, February 16 2006
•Worldwide research & response driven by experienced team
•Insights powered through global
feedback from multiple sources
•Automation with integrated processes
enabling fast response & guidance
•Advanced Telemetry
•Global Organization
•Rapid Response
Experienced researchers previously at McAfee, Symantec, Computer
Associates, F-Secure, and other organizations
Microsoft security specialists applying best practices to protection
technologies
Offices in North America, Europe, and Asia
Strong partnerships with MSRC and PSS
From released products: Microsoft Forefront Server
Security, Malicious Software Removal Tool,
Hotmail, Exchange Hosted Services, etc.
From internal sources: Support organization
(PSS), web crawlers, etc.
From industry partnerships and community
submissions
Automation for efficient processing of malware
submissions and identifying trends
Integrated response & communications
processes to provide timely guidance and fast
issue resolution
Anti-malware portal enabling views on top
threats and alerts, as well sample submission
Security SummarySecurity Summary
•Client And Server OS
•Exchange Mailbox Server
•Internet
•Client Machines
•Exchange Mailbox Server
•Exchange Front End
•Microsoft AV
•Multi-engine
•Manager
•Server Applications
Rapid response to new threats
Fail-safe protection through redundancy
Diversity of antivirus engines and heuristics
•Response time1 (in hours)•The Microsoft
multiple-engine solution
WildList
Number
Malware
Name
Forefront
Set 1
Forefront
Set 2
Forefront
Set 3Vendor A* Vendor B* Vendor C*
10/2006 Areses!Itw30 0.00** 0.00 0.00 0.00 0.00 0.00
10/2006 Areses!Itw36 0.00 0.00 0.00 1598.78 0.00 0.00
10/2006 Areses!Itw37 0.00 0.00 0.00 0.00 52.30 175.45
10/2006 Areses!Itw41 0.00 0.00 0.00 0.00 13.15 194.35
10/2006 Mytob!Itw590 0.00 0.00 0.00 1332.17 0.00 0.00
10/2006 Rontokbro!Itw36 0.00 0.00 0.00 0.00 0.00 613.40
10/2006 Sdbot!Itw1809 0.00 0.00 0.00 9.97 166.07 270.39
10/2006 Sdbot!Itw1831 65.95 52.23 41.78 59.43 1.00 46.38
10/2006 Sdbot!Itw1847 56.54 56.54 204.79 416.27 29.92 85.32
10/2006 Stration!Itw101 0.00 0.00 0.00 93.88 23.46 96.85
10/2006 Stration!Itw102 0.00 0.00 0.00 26.00 28.05 30.83
10/2006 Stration!Itw42 0.92 0.92 0.92 3.72 3.12 7.05
10/2006 Stration!Itw43 2.00 2.00 2.00 4.80 4.20 8.13
10/2006 Stration!Itw44 0.00 0.00 0.00 5.60 2.00 7.58
10/2006 Stration!Itw45 0.00 0.00 0.00 3.55 2.00 7.58
10/2006 Stration!Itw46 0.00 0.00 0.00 2.75 2.20 6.78
10/2006 Stration!Itw47 0.00 0.00 0.00 3.72 3.12 7.05
10/2006 Stration!Itw60 0.00 0.00 0.00 0.00 4.64 6.32
11/2006 Rbot!Itw2090 0.00 0.00 0.00 1739.10 0.00 298.64
11/2006 Sdbot!Itw1814 0.00 0.00 0.00 1.00 0.00 0.00
11/2006 Sdbot!Itw1866 0.00 0.00 0.00 26.80 1.00 35.27
11/2006 Sdbot!Itw1867 0.00 0.00 0.00 14.00 12.84 23.14
11/2006 Sdbot!Itw1876 0.00 0.00 0.00 468.60 306.82 430.80
11/2006 Stration!Itw124 0.00 0.00 0.38 0.66 1.88 8.80
12/2006 Bagle!Itw137 0.00 0.00 0.00 4.01 0.00 13.83
12/2006 Bagle!Itw141 0.00 0.00 0.00 17.15 0.00 13.83
12/2006 Puce!Itw1 0.00 0.00 0.00 0.00 0.00 1.00
12/2006 Rbot!Itw2038 0.00 0.00 0.00 1026.27 0.00 0.00
12/2006 Sdbot!Itw1889 0.00 0.00 0.00 128.28 255.20 63.96
•* Includes beta signatures
•** 0.00 denotes proactive detection
•1 Source: AV-Test.org 2007 (www.av-test.org)
•Other single-engine solutions
•= Less than 5 hours
•= 5 to 24 hours
•= More than 24 hours
•Server Applications
•End-point devices •Protocols •Policy Definitions •Applications
•Edge
•(Messaging
•Servers)
•Unmanaged PC
•(Home PC, Kiosk, etc)
•Intranet Apps
•(Internal Web
•Servers)
•Work PCs
•(Remote Desktop)
•Internet
•Managed PC
•(corporate owned,
•domain-joined)
•Files/Documents
•(Portal or
•File Servers)
•Exchange ActiveSync•Handhelds
•SSL-VPN
•IPSec VPN
•HTTP/HTTPS
•RPC over HTTP
•RDP over HTTP
•SSL Tunneling
•SSL Socket Forwarding
• Integratie
• Beoordelingen
• Malware center
• Sterke Reporting Malware
• Multi Engine bij Forefront Server Security
• Intelligente toegang
Breed
Geïntegreerd
Eenvoudig
•Pre-Release
•Engagement
Beta software
Roadmap planning
Product training
Gerbuikerscampagnesen proefinstallaties
Vroegtijdig gezienworden als een Forefront
specialist
•Initial
•Deployment
Infrastructuurmigratieplanning, test en invoer(zoals Exchange, SharePoint)
Proof-of-concept
Invoering
Product marge en/of SSA fees
Sterke betrokkenheid bijklant door invoering
•Ongoing
•Advisory
Additionelebeveiligingsproducten
Consulting services (zoals security assessment)
Planning voortoekomstigeinfrastructuur security
Additionele business
Kansen voor partners•Betrokkenheid bij
•voorbereidingen
•Betrokkenheid bij
•Test en invoering
•Doorlopende
•advisering
• •
•23
•24
•25
•26
•27
•28
29
30
SI kan tot 30% claim op Forefront producten ontvangen (zie link)
Actief lid Microsoft Partner Program.
Software Advisor fee addendum ondertekend.
En een van de volgende criteria:
• Actief lid Security Solutions competency (of voldoe aan voorwaarden)
• Actief lid Advanced Infrastructure competency (of voldoe aan de voorwaarden)
• Actief lid Networking Infrastructure competency (of voldoe aan de voorwaarden)
• Actief lid Portals and Collaboration specialisatie IW competency (of voldoe aan de voorwaarden)
• Geregistreerde top-tier partner bij een andere leverancier van security ity software
• Voormalig Sybari of Whale reseller partner
Adviseur en implementator bij betreffende klant
http://partner.microsoft.com/securitysoftwareadvisor
•34•Microsoft Confidential
1. Getronics
2. ROI
3. Sociale Verzekeringsbank
4. www.Mijnbasisschool.nl Video
http://www.microsoft.com/casestudies/
•35
Client
1. Forefront Client Security
Server
1. Forefront Security for Exchange Server
2. Forefront Security for Sharepoint Server
Edge
1. ISA Firewall
2. Intelligent Access Gateway
http://www.microsoft.com/forefront
•36
Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Trustworthy Computing: www.microsoft.com/security/twcMicrosoft Forefront: www.microsoft.com/forefrontInfrastructure Optimization: www.microsoft.com/ioMicrosoft Security Assessment Tool: www.microsoft.com/security/msat
General Information:Microsoft Live Safety Center: safety.live.comMicrosoft Security Response Center: www.microsoft.com/security/msrcSecurity Development Lifecycle: msdn.microsoft.com/security/sdlGet the Facts on Windows and Linux: www.microsoft.com/windowsserver/compare
Anti-Malware:Microsoft OneCare Live: beta.windowsonecare.comMicrosoft Defender: www.microsoft.com/athome/security/spyware/softwareSpyware Criteria: www.microsoft.com/athome/security/spyware/software/isv
Guidance Centers:Security Guidance Centers: www.microsoft.com/security/guidanceSecurity Guidance for IT Professionals: www.microsoft.com/technet/securityThe Microsoft Security Developer Center: msdn.microsoft.com/securityThe Security at Home Consumer Site: www.microsoft.com/athome/security
•© 2005 Microsoft Corporation. All rights reserved.
•This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
