Security/Compliance

Peter Arvedlund

Security Solutions Specialist

Claus Petersen

Sr. Partner TS Core Infrastructure

Forefront Security Overview ...against malware/virus, hacking, spam etc.

Server Applications

Client and Server OS

Internet

Perimeter/edge

Forefront codename “Stirling”

Management & Visibility

Dynamic Response

Client and Server OS

Server Applications

vNext

Network Edge

vNext

vNext

V.2

ISA 2006 Strengths
  • Branch Office Application Gateway
    • Site – Site VPN with application layer protection
    • Caching and Compression between sites
    • Combination Proxy/Firewall benefits for remote offices
  • Application Firewall/Proxy Server
    • AD integrated proxy server
    • 5th generation proxy server
    • Http filtering with 3rd party plug-ins extensibility
  • Secure Application Publishing
    • Good choice for customers with single namespace
    • Easy setup for Exchange and RPC/Http access
    • AD integrated/Cert/Smart Card auth/RADIUS
Forefront "Threat Management Gateway"

The Forefront “Threat Management Gateway” provides protection from multiple Internet-based threats, secure connectivity and simplified management.

Multiple Threat Protection

Secure Connectivity

Simple Management

  • “Threat Management Gateway” represents the evolution of ISA Server into a comprehensive, integrated Edge protection solution
  • Web anti-virus, anti-malware
  • URL filtering
  • Email anti-virus, anti-spam
  • Intrusion prevention
  • Integration with Forefront codename “Stirling”

“Threat Management Gateway” Investment Areas

  • Network & application firewall
  • Internet access protection (proxy)
  • Remote access VPN
  • Site-to-site VPN
  • Exchange & SharePoint publishing
  • “Appliance like” experience
  • Easy deployment
  • Centralized management
  • Integration with MS infrastructure, including AD, WSUS, System Center

Anything you can do….

I can do…ANYWHERE..!

Anywhere Access / Secure Remote Access

Different roles – different access

“Compliance”: Each user's access is determined by access policies that relate directly to the individual user, security level or PC/PDA

Financial

Partner or Field Agent

Home PC

Logistics

Partner

Kiosk

Corporate

Laptop

Project Manager

Employee

Remote Technician

Employee

Unmanaged Partner PC

"TMG" vs. ISA Server 2006
  • ISA 2006
  • “TMG"
  • TMG extends current ISA capabilities to provide Edge protection against viruses, malware and other Internet based threats

  • Network firewall
  • Application firewall
  • Internet access protection (proxy)
  • Basic OWA & SharePoint publishing
  • IPsec VPN (remote & site to site)
  • Web caching, HTTP compression
  • Web anti-virus, anti malware – New
  • URL filtering – New
  • Email anti-virus, anti-malware – New
  • Intrusion prevention – New
  • Integration with codename “Stirling” – New
  • Enhanced UI, management, reporting – New
"UAG" vs. IAG 2007
  • IAG 2007
  • “UAG"

Application Intelligence and Publishing

End Point Security

SSL Tunneling

Information Leakage Prevention

Robust Authentication Support (KCD, ADFS, OTP)

Product Certification (Common Criteria, ICSA)

  • New

NAP Integration

  • New
  • New

Terminal Services Integration

Array Management

  • New

Enhanced Management and Monitoring (MOM Pack)

  • New

Enhanced Mobile Solutions

  • New

New and Customizable User Portal

  • New

Wizard Driven Configuration

  • New
Forefront Security Overview ...against malware/virus, hacking, spam etc.

Server Applications

Client and Server OS

Internet

Perimeter/edge


Forefront for Application Servers

Forefront for Exchange, SharePoint & OCS acts as one unified antivirus administration and integration console containing up to 8 different antivirus scanners.....!

Internet

  • Exchange
  • Sharepoint
  • OCS
Forefront Server Security products integrate and ship with industry-leading antivirus scan engines from

Each scan job in a Forefront Server Security product can run up to five engines simultaneously

A

B

Internal Messaging and Collaboration Servers

C

E

D


Virus Protection for Document Libraries

  • Real-time scanning of documents uploaded and downloaded from document library
  • Manual and scheduled scanning of document library

SQL Document Library

Document

SharePoint Server

Users

Document

Content Policy Enforcement

  • File filtering to block documents from being posted based on name match, file type or file extension
  • Content filtering by keywords within documents for inappropriate words and phrases
  • Detects and removes viruses in IM conversations
    • Supports LCS 2005 pooling, PIC, file transfers, and encrypted conversations
    • Blocks IMs with potentially harmful links
  • Scans for confidential information and inappropriate keywords in IMs and documents
  • Allows creation of IM policies through whitelisting and IM/SMTP notifications

Outside IM Clients

Firewall

Office Communications Server

Forefront

Microsoft Office Communicator

Windows Messenger Clients

Integrated Management Forefront Management Pack
  • Over 100 Events, Performance Counters, and Services Monitored
    • Monitors the state of Forefront.
    • Collects statistical data on scanning, detection, and removal of messages and attachments
    • Polls Forefront Services - Provides timed events to poll systems for critical process health
  • Key Tasks
    • Triggers scan engine updates
    • Centralizes storage and deployment of license files
    • Imports, exports and deploys setting changes
    • Initiates and/or schedules manual scan jobs
    • Starts/Stops control of Forefront services
Forefront Security Overview ...against malware/virus, hacking, spam etc.

Server Applications

Client and Server OS

Internet

Perimeter/edge

One antivirus scanner: Antivirus, antispyware & antirootkit

AVComparatives

(Feb 2008)

AVTest.org

(November 2007)

AVTest.org

(March 2008)

Received AVComparatives Advanced Certification

Test of consumer anti-virus products using a malware sample covering approximately the last three years.

Test based on more than 1 million malware samples

Results of testing of 29 anti-virus engines against more than 870,000 malware files discovered during the last six months

One antivirus scanner: Antivirus, antispyware & antirootkit

7% less CPU

60%+ less CPU usage

14x faster at boot time

2x faster

2x faster in quick scans

5x faster in full scans

Sources: West Coast Labs, AVTest.org, Performance benchmarking study with West Coast Labs.


“Is my environment compliant with security best practices?”

“Has my level of vulnerability exposure changed over time?”

“What portion of my environment is at high risk?”

Forefront Security Overview ...against malware/virus, hacking, spam etc.

Server Applications

Client and Server OS

Internet

Perimeter/edge

Management – “Codename Stirling” RTM Q1 ´09

Forefront codename “Stirling”: FCS v.2 is part of the “Stirling” security system

Management & Visibility

Dynamic Response

Client and Server OS

Server Applications

vNext

Network Edge

vNext

vNext

V.2

Stirling Protection Overview

Exchange 2007 & E14 Protection

Firewall

Antimalware

Additional Antimalware Capabilities

Web (URL) Filtering

Host Firewall

vNext

vNext

Advanced Antispam

HTTP/FTP AV

Host Intrusion Prevention System

vNext

Intrusion Prevention

Software Restriction

Remote Access

Content Filtering

Device Control

NAP Integration

Sharepoint 2007 & SPS 14 Malware Protection

NAP Integration

Comprehensive and coordinated protection with dynamic response

Unified assets and policy-centric management across client, server, and edge

Critical visibility into security state: threats and vulnerabilities

Silo'd best-of-breed solutions are not enough
  • Time span of data breach events

http://www.verizonbusiness.com/resources/security/databreachreport.pdf

  • Breaches came from a combination of events:
    • 62% were attributed to a significant error
    • 59% resulted from hacking and intrusions
    • 31% incorporated malicious code
    • 22% exploited a vulnerability
    • 15% were due to physical threats

Example: Zero Day Scenario

Today :

Phone

Hours

Network

Admin.

Desktop

Admin.

Manual: Disconnect the Computer

DNS Reverse

Lookup

Edge Protection

Log

Client Security

Edge

Protection

WEB

Client Event Log

Manual: Launch a scan

Malicious Web Site

DEMO-CLT1

Peter


Security Assessments Channel

Example: Zero Day Scenario

With Stirling and Dynamic Response

Compromised

User: Andy

Low Fidelity

High Severity

Expire: Wed

2-3 min

Alert

Network

Admin

Security

Admin.

Desktop

Admin.

Compromised

Computer DEMO-CLT1

High Fidelity

High Severity

Expire: Wed

TMG identifies malware on DEMO-CLT1 computer attempting to propagate (Port Scan)

FCS identifies Andy has logged on to DEMO-CLT1

Forefront

TMG

Stirling Core

Client Security

Forefront Server for:

Exchange,

SharePoint

OCS

WEB

NAP

Active Directory

Scan Computer

Block IM

Quarantine

Malicious Web Site

DEMO-CLT1

Reset Account

Block Email

Peter


NEW

Identity & Security Roadmap

NEXT

H1 CY08

H2 CY08

H1 CY09

~2010

Beta 1

Beta 2

RTM

Management

Beta 3

RC

RTM

Beta 1

Beta 2

RTM

Beta 1

Beta 2

RTM

Threat Mitigation

Beta 1

Beta 2

RTM

WEBS

Beta 1

Beta 2

RTM

Beta

RTM

Active Directory Rights Management Services

Identity Based Access

RTM

IAG SP2

RTM

"Zermatt" Identity Developer Framework

Beta

RTM

Identity Infrastructure

RTM

AD, ADLDS, ADFS (Windows Server 2008 R2)


Questions?

Claus Petersen

[email protected]

Peter Arvedlund

[email protected]

www.forefront.dk

www.microsoft.com/stirling
