1 / 23

Building an Integrated Security System Microsoft Forefront code name “Stirling”

Building an Integrated Security System Microsoft Forefront code name “Stirling”. Ravi Sankar Technology Evangelist | Microsoft http://ravisankar.spaces.live.com/blog. Agenda. Security and Access Challenges Forefront Today Forefront Codename “ Stirling ” Comprehensive Protection

imelda
Télécharger la présentation

Building an Integrated Security System Microsoft Forefront code name “Stirling”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building an Integrated Security SystemMicrosoft Forefront code name “Stirling” Ravi Sankar Technology Evangelist | Microsoft http://ravisankar.spaces.live.com/blog

  2. Agenda • Security and Access Challenges • Forefront Today • Forefront Codename “Stirling” • Comprehensive Protection • Simplified Management • Critical Visibility • Demo • Q&A

  3. Security And Access Challenges Security challenges Difficult to Manage and Deploy Escalating Threats Fragmented Security More advanced Increased volume Profit motivated Many point products Poor interoperability Lack of integration Multiple consoles Uncoordinated reports Complex and costly Access Challenges Traditional VPNs Inadequate Difficult to Enforce Policies Growing Mobility More users More locations/devices Intranet/Extranet access Full connectivity is risky Poor apps integration Lack of scalability Changing legal rules Changing business rules Limited granularity

  4. A comprehensive line of business security products that helps you gain greater protection and secure access through deep integration and simplified management Client And Server OS Server Applications Network Edge

  5. An Integrated Security System Management And Visibility Dynamic Response Client And Server OS Server Applications Network Edge vNext

  6. An Integrated Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility across clients, servers, and the network edge Comprehensive Protection Integrated protection across clients, server and edge Dynamic responses to emerging threats Next generation protection technologies Simplified Management Manage from a single role-based console Asset and policy centric model Integrates with your existing infrastructure Know your security state in real-time View insightful reports Investigate and remediate security issues Critical Visibility

  7. Comprehensive Protection

  8. Comprehensive ProtectionIntegrated security system Silo’d Best of Breed Solutions are not enough • Customers do this today and still have security issues • Manual coordination is difficult and often incomplete • Expensive and difficult to understand if “I’m secure” Stirling and Dynamic Response are the answer • Layered Protection across the organization • Protection technologies that work together • Protection technologies that share security state information • Protection technologies that take action together Customers need an Integrated Security System Stirling’s protection technologies work together to better protect customers

  9. Zero Day Scenario Today Hours Phone Desktop Admin Network Admin Manual: Disconnect the Computer DNS Reverse Lookup Edge Protection Log Edge Protection Client Security Manual: Launch a scan WEB Client Event Log Malicious Web Site Andy DEMO-CLT1

  10. Security Assessments Channel Zero Day Scenario With Stirling and Dynamic Response Compromised User: Andy Low Fidelity High Severity Expire: Wed 2-3 min Alert Network Admin Security Admin Desktop Admin Compromised Computer DEMO-CLT1 High Fidelity High Severity Expire: Wed TMG identifies malware on DEMO-CLT1 computer attempting to propagate (Port Scan) FCS identifies Andy has logged on to DEMO-CLT1 Forefront TMG Stirling Core Client Security Forefront Server for: Exchange, SharePoint OCS WEB NAP Active Directory Scan Computer Block IM Quarantine Malicious Web Site Reset Account Block Email Andy DEMO-CLT1

  11. Enterprise Security • Stirling • Dynamic Response • Today Monitoring Low visibility on enterprise security Standard channel for security information Detection High rates of false positive/negative Share contextual Information Protection Manual enterprise wide response Automatic response and shield up Investigation Too much or too little data Efficient and focused investigation Stirling delivers: Better Protection - Faster Response - Lower Cost

  12. Stirling Protection Technologies Dynamic Response Information Sharing Coordinated Defense Adaptive Investigation Antivirus Antispyware Firewall Exchange Protection Host Firewall Web AV Content Filtering vNext vNext vNext NEW Remote Access NAP Integration Vulnerability Assessment & Remediation SharPoint Protection Content Filtering And More…

  13. Simplified Management

  14. Security ManagementToday Server Application Protection Vulnerability Assessment Endpoint Protection Network Edge Management Console Management Console Management Console Console Reporting Console Reporting Console Reporting Console • Jumping between consoles waste time • Each console has its own policy paradigm • Product’s are in silos with no integration • Lack of integration with infrastructure generate inefficiencies • Difficult to know if solutions are protecting from emerging threats

  15. Simplified Management With StirlingProtect your business with greater efficiency • One console for simplified, role-based security management • Define one security policy for your assets across protection technologies • Deploy signatures, policies and software quickly • Integrates with your existing infrastructure: SCOM, SQL, WSUS, AD, NAP, SCCM

  16. Critical Visibility AndControl

  17. Critical Visibility And ControlKnow where action is required • Know your security state • View insightful reports • Investigate and remediate security risks

  18. DEMO Stirling Beta 1

  19. Roadmap H1 2008 H2 2008 H1 2009 Integrated Security System BETA Codename “Stirling” Client andServer OS NEXT NEXT NEXT Server Applications NEW NEW Network Edge NEW NEW

  20. Summary Stirling is an Integrated Enterprise Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility across clients, servers, and the network edge • Dynamic, coordinated responses to threats • Focus on protecting assets • Manage security, not security products • Coherent and meaningful reports

  21. Next Steps • Become experts in existing Forefront products • Install Stirling Beta • Give us feedback!

  22. Q & A

More Related