A-02 Overview of Forefront Protection Manager 2010

A-02 Overview of Forefront Protection Manager 2010. Christian Stahl chstahl@microsoft.com. Purpose. The purpose of this session is to give an overview of Forefront Protection Manager (FPM). Who am I. Christian Stahl - Employed at Microsoft Services as Engagement Manager

Presentation Transcript


  1. A-02 Overview of Forefront Protection Manager 2010 • Christian Stahl • chstahl@microsoft.com

  2. Purpose • The purpose of this session is to give an overview of Forefront Protection Manager (FPM)

  3. Who am I • Christian Stahl - Employed at Microsoft Services as Engagement Manager • CISSP and CISA • Teaches at ITU, IT Architecture and Security • Has been in the IT industry since 1996 • HP Denmark from 1996 to 2000 (consultant) • HP USA from 2000 to 2002 (consultant) • HP Denmark from 2002 to 2004 (senior consultant) • Saxo Bank 2004 to 2005 (senior manager) • Microsoft 2005 to present • Focus has always been IT security, infrastructure and mobility • Has worked for many years as a solution architect on large, complex projects involving everything from physical server rooms to network and application design

  4. Agenda • Introduction to Security Management • Introduction to Forefront Protection Manager (FPM) • FPM functionality • FPM architecture • Demo

  5. Forefront Roadmap (diagram) • Timeline: Today, CY 2009 H2, CY 2010 H1 • Labels: Management, Management Consoles, Protection and Access Solutions, Active Directory RMS

  6. Security Management today (diagram: Server Application Protection, Vulnerability Assessment, Endpoint Protection and Network Edge, each with its own management console and reporting console) • Jumping between consoles wastes time • Each console has its own policy paradigm • Products are in silos with no integration • Lack of integration with infrastructure generates inefficiencies • Difficult to know if solutions are protecting from emerging threats

  7. Siloed best-of-breed solutions are not enough • Breaches came from a combination of events: • 62% were attributed to a significant error • 59% resulted from hacking and intrusions • 31% incorporated malicious code • 22% exploited a vulnerability • Time span of data breach events (chart) • Source: 2008 Data Breach Investigations Report, Verizon Business, http://www.verizonbusiness.com/resources/security/databreachreport.pdf

  8. Simplified Management with FPM • One console for simplified, role-based security management • Define one security policy for your assets across protection technologies • Deploy signatures, policies and software quickly • Integrates with your existing infrastructure: SCOM, SQL, WSUS, AD, NAP, SCCM

  9. Forefront Protection Manager • Comprehensive, coordinated protection with dynamic responses to complex threats • Unified management across client, server application, & edge security in one console • Critical visibility into overall security state including threats and vulnerabilities • Next Generation Forefront Client Security: Antivirus / Antispyware, Host Firewall & NAP, Others (to be announced at a later date) • Next Generation Forefront Server Security: Exchange Protection, SharePoint Protection, Others (to be announced at a later date) • Next Generation Edge Security and Access: Firewall, VPN, Others (to be announced at a later date)

  10. An Integrated Security System • Management & Visibility • Dynamic Response • Client and Server OS • Server Applications • Network Edge • vNext

  11. Security Assessments Channel • Example: Zero Day Scenario • Roles: Network Admin, Security Admin, Desktop Admin • Alert: TMG identifies malware on DEMO-CLT1 computer attempting to propagate (Port Scan) • Assessment: Compromised Computer DEMO-CLT1, High Fidelity, High Severity, Expire: Wed • FCS identifies Andy has logged on to DEMO-CLT1 • Assessment: Compromised User: Andy, Low Fidelity, High Severity, Expire: Wed • Components: FPM Core, Client Security, Forefront TMG, Forefront Server for Exchange, SharePoint, OCS, WEB, NAP, Active Directory • Response labels: Block IM, Quarantine, Scan Computer, Malicious Web Site, Reset Account, Block Email • Targets: Andy, DEMO-CLT1

  12. Shared Information…

  13. Console Sneak Peek

  14. Critical Visibility & Control • Know your security state • View insightful reports • Investigate and remediate security risks

  15. Risk Management Dashboard • Risk = Security State X Asset Value • Asset value via FPM policies • Overall security risk driven by actionable rules • Single number to sort assets by • Enterprise security status reports

  16. FPM Conceptual Architecture (diagram) • Upstream sources: Microsoft Update, Windows Server Update Services (WSUS) • Core: Forefront Security Assessment Channel, FPM Core Server, FPM Data Analysis & Collection Servers, FPM Console • Integrations: System Center Operations Manager, 3rd party protection service • Protected systems: Threat Management Gateway Servers, Exchange Servers, SharePoint Servers, Desktops, Laptops and Servers • Flows: Virus & Spyware Definitions, Settings, Events

  17. TMG: Connect to FPM Provided by FPM Admin

  18. FPM: TMG connectivity state

  19. Response

  20. FPM: Response Plan (Policy)

  21. TMG Assessment / Response

  22. TMG: Response Implementation

  23. Deployment

  24. Single Server

  25. Multiple server deployment
