Embed Size (px)
Citation preview
2
Introductions
Presenter – Ronald Beekelaar
MVP Windows Security
MVP Virtual Machine Technology
E-mail: [email protected]
Work
Beekelaar ConsultancySecurity consultancy
Forefront, IPSec, PKI
Virtualization consultancy
Create many VM-based labs and demos
3
Agenda
Part 1 - Forefront Strategy and OverviewPart 2 - Forefront Client Security (FCS)
FCS ArchitectureDeploymentScannig
Part 3 - Forefront Server SecurityForefront Security for ExchangeForefront Server Security Management Console (FSSMC)Forefront Security for SharePoint
Part 4 - Forefront Edge Security (IAG)History SSL-VPNConnection TypesIAG Configuration
Part 5 - Forefront FutureRoadmap FCS, ISA, IAGCodename "Stirling"
4
Seminar Hours
Schedule:
09.00 – 10.30: Session
10.30 – 10.45 – Break
10.45 – 12.00: Session
12.00 – 13.00 – Lunch (60 minutes)
13.00 – 15.00: Session
15.00 – 15.15: Raffle
5
Forefront Lab VMs and ManualsAvailable on hand-out DVD
Forefront Client
Forefront Client Security Lab
Forefront Server
Forefront for Exchange Lab
Forefront for SharePoint Lab
Forefront Management Console Lab
Forefront Edge
ISA 2006 Lab
IAG 2007 Lab
6
Themes
Define configuration policies
Client health checking
Enforce client configuration changes (compliance)
Monitoring
Reporting
7
Client Health Checking
Static checkingMBSAForefront Client Security - Security State Assessment
Checks fixed set of settingsSC Configuration Manager - Desired Configuration Management
Can define operations (= change)
Connect checkingRemote Access Quarantine (rqs.exe, rqc.exe)
Win2003 RRAS and ISA 2004 VPNRuns script or executable + change
Intelligent Application Gateway 2007 - Endpoint PoliciesRuns script
Network Access Protection (NAP) - Win2008Checks settings + change
8
Comprehensive line of business security products that helps you gain greater protection and secure access through deep
integration and simplified management
Network EdgeNetwork EdgeServer ApplicationsServer ApplicationsClient and Server OSClient and Server OS
Windows Networking Solutions• Terminal Services
• Scalable Networking Pack
• Server & Domain Isolation
• Network Access Protection
• Secure Wireless
9
• Unified Management across client, server application, & edge security in one console
• Comprehensive, coordinated protection with dynamic responses to complex threats
• Critical Visibility into overall security state including threats and vulnerabilities
• Unified Management across client, server application, & edge security in one console
• Comprehensive, coordinated protection with dynamic responses to complex threats
• Critical Visibility into overall security state including threats and vulnerabilities
Server Applications
Client Edge
One product One product that delivers that delivers comprehensive, coordinated comprehensive, coordinated protection with unified security management protection with unified security management and and reportingreporting across clients, server applications, and the network edgeacross clients, server applications, and the network edge
Next GenerationForefront for ExchangeForefront for SharePoint
Next GenerationForefront for ExchangeForefront for SharePoint
Next GenerationForefront Client
Security
Next GenerationForefront Client
Security
Next GenerationInternet Security & Acceleration Server
Next GenerationInternet Security & Acceleration Server
10
Potentially unwanted software detected1
Increasingly Challenging Security Environment
1.Windows Defender between January 1, 2007 and June 30, 20072.MSRT in 1H 20073.Exchange Hosted Services in 1H 2007 over 1H 20064.Windows Defender in 1H 2007
1:2171:217166%166%44%44%
Ratio of computers infected with malware detected andcleaned by MSRT2
Increase in percentage of infected messages caught by EHS in1H 2007 compared to 1H 20063
Percentage of infections by top 25 pieces of malware4
Get the Microsoft Security Intelligence Report (Jan. – June 2007) at:
http://www.microsoft.com/sir
50.7M50.7M
168%168%Percentage increase in category of potentially unwanted software (includes rogue security software )
11
