120 likes | 252 Vues
Ronald Beekelaar Beekelaar Consultancy ronald@beekelaar.com. Forefront Overview . Introductions. Presenter – Ronald Beekelaar MVP Windows Security MVP Virtual Machine Technology E-mail: ronald@beekelaar.com Work Beekelaar Consultancy Security consultancy Forefront, IPSec, PKI
E N D
Ronald BeekelaarBeekelaar Consultancyronald@beekelaar.com Forefront Overview
Introductions • Presenter – Ronald Beekelaar • MVP Windows Security • MVP Virtual Machine Technology • E-mail: ronald@beekelaar.com • Work • Beekelaar Consultancy • Security consultancy • Forefront, IPSec, PKI • Virtualization consultancy • Create many VM-based labs and demos
Agenda • Part 1 - Forefront Strategy and Overview • Part 2 - Forefront Client Security (FCS) • FCS Architecture • Deployment • Scannig • Part 3 - Forefront Server Security • Forefront Security for Exchange • Forefront Server Security Management Console (FSSMC) • Forefront Security for SharePoint • Part 4 - Forefront Edge Security (IAG) • History SSL-VPN • Connection Types • IAG Configuration • Part 5 - Forefront Future • Roadmap FCS, ISA, IAG • Codename "Stirling"
Seminar Hours Schedule: • 09.00 – 10.30: Session • 10.30 – 10.45 – Break • 10.45 – 12.00: Session • 12.00 – 13.00 – Obed (60 minutes) • 13.00– 14.15: Session • 14.15 – 14.30 – Break • 14.30 – 15.00: Session • 15.00 – 15.15 – Rafle
Forefront Lab VMs and ManualsAvailable on hand-out DVD Forefront Client Forefront Client Security Lab Forefront Server Forefront for Exchange Lab Forefront for SharePoint Lab Forefront Management Console Lab Forefront Edge ISA 2006 Lab IAG 2007 Lab
Themes • Define configuration policies • Client health checking • Enforce client configuration changes (compliance) • Monitoring • Reporting
Client Health Checking • Static checking • MBSA • Forefront Client Security - Security State Assessment • Checks fixed set of settings • SC Configuration Manager - Desired Configuration Management • Can define operations (= change) • Connect checking • Remote Access Quarantine (rqs.exe, rqc.exe) • Win2003 RRAS and ISA 2004 VPN • Runs script or executable + change • Intelligent Application Gateway 2007 - Endpoint Policies • Runs script to check • Network Access Protection (NAP) - Win2008 • Checks settings + change
Security and Access Offerings Comprehensive line of business security products that helps you gain greater protection and secure access through deep integration and simplified management Server Applications Client and Server OS Network Edge Windows Networking Solutions • Terminal Services • Scalable Networking Pack • Server & Domain Isolation • Network Access Protection • Secure Wireless
Client and Malware Offerings FOR INDIVIDUAL USERS FOR BUSINESSES Windows Defender Windows Live Safety Center Windows Live OneCare ForefrontClient Security ForefrontServer Security MSRT Remove most prevalent viruses Remove all known viruses Real-time antivirus Remove all known spyware Real-time antispyware Central reporting and alerting Customization IT Infrastructure Integration
Forward Roadmap Forefront Codename “Stirling” Client Server Applications Edge Next Generation Internet Security & Acceleration Server Next GenerationForefront Client Security Next GenerationForefront for Exchange Forefront for SharePoint • Unified Management across client, server application, & edge security in one console • Comprehensive, coordinated protection with dynamic responses to complex threats • Critical Visibility into overall security state including threats and vulnerabilities One product that delivers comprehensive, coordinated protection with unified security management and reporting across clients, server applications, and the network edge
Potentially unwanted software detected1 Increasingly Challenging Security Environment 50.7M 1:217 Ratio of computers infected with malware detected andcleaned by MSRT2 166% Increase in percentage of infected messages caught by EHS in1H 2007 compared to 1H 20063 Percentage of infections by top 25 pieces of malware4 44% Percentage increase in category of potentially unwanted software (includes rogue security software ) 168% Get the Microsoft Security Intelligence Report (Jan. – June 2007) at: http://www.microsoft.com/sir • Windows Defender between January 1, 2007 and June 30, 2007 • MSRT in 1H 2007 • Exchange Hosted Services in 1H 2007 over 1H 2006 • Windows Defender in 1H 2007