Frank O Trujillo Senior Program Manager Microsoft SIM326 Agenda Forefront Protection for Office Overview Secure Messaging Protecting your email Secure Collaboration Protecting your collaboration portals ID: 516040
Download Presentation The PPT/PDF document "Microsoft Forefront End-to-End Protectio..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Microsoft Forefront End-to-End Protection for Information Worker Business
Frank O. Trujillo Senior Program Manager Microsoft
SIM326Slide2
AgendaForefront Protection [for Office] Overview
Secure Messaging Protecting your emailSecure CollaborationProtecting your collaboration portalsManagement Experience
Improved security management (multiple servers support)
Forefront Protection [for Office] LicensingSlide3
Forefront Protection [for Office] OverviewSlide4
Forefront for Office ProductsAligning protection with the workloadsSlide5
Forefront for Office Products Overview
Forefront
server protection solutions
help businesses protect their messaging and collaboration servers against viruses, worms,
spam,
and inappropriate content.
Comprehensive
Protection
Multiple scan engines at multiple layers throughout
the corporate infrastructure provide maximum
protection against email and collaboration threats
Multi-Layer premium Anti-Spam
Tight integration with Microsoft Exchange and
SharePoint maximizes availability and performance
Integration with Exchange and SharePoint
Simplified Management
Easy-to-use management console provides central configuration and operation, automated scan engine signature updates and reporting at the server and enterprise level
Forefront Online Protection for Exchange
Exchange Hosted Encryption
Forefront Protection 2010 for Exchange Server
Forefront Protection 2010 for SharePoint
Forefront Security for OCS
Forefront Protection Server Management Console 2010Slide6
Anti-Spam and AntiMalware capabilities
Forefront Protection 2010 for Exchange Server
Forefront
Online
Protection for Exchange
Forefront
Protection 2010 for SharePoint
Antivirus
Antispyware
Anti-spam
Microsoft AV
Kaspersky
Authentium
Virus Buster
Norman
Symantec
Kaspersky
Authentium
Microsoft AV
Kaspersky
Authentium
Virus Buster
Norman
Integrated
antispyware protection
BATV
- Bounce Address Tag Validation
Industry-leading 3
rd
party content filtering
engine
Premium IP Reputation based RBLs
Layered Defenses against Junk
Mail
IP
Reputation
Blocking
Connection Analysis
Reputation Analysis
Safe Senders Sync
Outlook Junk Email Plugin
Additional
Spam Filtering
Options
IP-Based Authentication
Non-Delivery
Report Backscatter
Mitigation
Outbound
Spam
FilteringRules-Based ScoringFingerprinting
Integrated antispyware protection
N/ASlide7
Filtering capabilities
Forefront Protection 2010 for Exchange Server
Forefront
Online
Protection
for Exchange
Forefront Protection
2010 for SharePoint
Edge
Keyword
RegEx
File Type
Attachment
&
File Scanning
Determines True File Type
Extensions
Format
Zip
Extensions
Filenames
Subject Line
Body
Message Character Sets
Cannot filter content inside attachments
Predefined rule sets
Filter inside attachments
Policy Rule Syntax options support: Basic and regular expressions
Can add custom dictionaries
Keyword
filtering to block
out-of-policy
content
Determines True File Type
Extensions
Format
Zip
Hosted Service Edge Filtering (MX Points to FOPE)
Transport Scanning
N/ASlide8
Rapid response
to new threats
Fail-safe protection through redundancy
Diversity of antivirus engines and heuristics
**
0.00 denotes proactive
detection
1
Source: AV-Test.org (
www.av-test.org
)
The Multiple Engine AdvantageSlide9
Protect Messages from Malware
Microsoft Solution
“Defense in Depth”
Competitors’ Solutions
On premises or in the cloud
Automatic Engine Updates
Single Engine
Multiple Engines
99% spam detection*
* With premium anti-spam services
38 times fasterSlide10
Secure MessagingProtecting your EmailSlide11
Secure Messaging Solutions Slide12
Gartner Magic Quadrant for Secure Email Gateways
The Gartner Magic Quadrant is copyrighted by Gartner, Inc., and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Microsoft.
-- Gartner, Inc. Magic Quadrant for Secure
Email
Gateways, Peter Firstbrook, Eric Ouellet, April 27, 2010. Slide13
FPE: Industry-Leading Performance
West Coast Labs:
Spam Catch Rate above 99%
Premium Anti-spam certification
Virus Bulletin: Continuous Live Spam Catch Rate above 99%:
99.77% (September 2009)
99.46% (November 2009)
99.32% (January 2010)
99.86% (March 2010)
99.93% (May 2010)
99.96% (July 2010)Slide14
July 2010Slide15
Forefront Protection 2010 for Exchange Server
Protection Availability:
Exchange 2010
Exchange 2007 SP1
Enterprise Network
External Mail
Unified Messaging
Voice mail &
voice access
Hub Transport
Routing
& Policy
Web browser
Outlook (remote user)
Mobile phone
Outlook (local user)
Line of business applications
Mailbox
Storage of mailbox items
Phone system (PBX or VOIP
)
Edge Transport
Client Access
Client connectivity
Web servicesSlide16
Exchange 2010
+ FPE
Benefits
Connection
Filtering
Forefront DNS Block
List
Aggregated RBL data from multiple external and internal vendors
N
o configuration
required
Protocol Filtering
Unified Management
C
onsolidated Connection/Sender/Recipient/Sender ID filtering for simplified management
Backscatter Filter
Blocks
NDR (backscatter) spam
Content
Filtering
Cloudmark
CMAE Engine
Option
of alternative 3
rd
party
content filter
Above 99% detection rate
No configuration required (installs with smart defaults)
Forefront True Type File FilteringReal file type inspection (not just extension)Actionable scanning of nested files/within ZIPGlobal Exception Lists
Single access point to sender and recipient exception lists (allow and block actions)Streamlined SCL
Less ambiguous ratings for less false positives end to end
Hybrid Model
Integration with Forefront Online Protection for ExchangeFPE Anti-spam Functional Highlights Slide17
Filter Rules:
Delete *.exe
Quarantine
Container Behavior (zip, rar, etc.)
Forefront scans within ZIP and other compressed formats and deletes only the offending file
Container file before scan
EXE
DOC
JPG
BMP
Container file after scan
TXT
DOC
JPG
BMP
Custom deletion text
Quarantine
EXESlide18
demoForefront Protection 2010 for Exchange Server (FPE)Slide19
FOPE Core Product CapabilitiesSlide20
FOPE Implementation ScenariosSlide21
Forefront Online Protection for Exchange
Edge Blocking
End User Quarantine
Administrator
Console
Corporate Network
Messaging
Administrator
Employees
Inbound Filtered
Email
About 90% of
Email is junk
Outbound Filtered Email
Also incorporates technology from…
External Senders/ Recipients
Exchange Server
Anti-spam
Antivirus
Policy
Automatic Spooling
* Encryption
*
Requires additional Exchange
Hosted Encryption License
Active Directory
FOPE Directory Synchronization Tool
Multilayer spam and virus protection and policy enforcement
Legitimate
Email
Junk EmailSlide22
Hybrid Messaging Protection
Antivirus and
anti-spam
protection for Exchange Server
2010/2007
Server Roles
On-Premises
Software
Online
Anti Malware
Anti-spam
Management
Forefront Online Protection for Exchange
Symantec
Authentium
Kaspersky
Inbound Messaging Hygiene
Stop Foreign Spam
Outbound Spam Mitigation
Anti-spam Feedback Loop
Message
Tracing
IT Admin Improvements
Forefront Protection 2010 for Exchange Server
MS AV + AntiSpyware
Kaspersky
Authentium
Virus
Buster
Norman
Internal mail
filtering
Industry-leading
3
rd
party content filtering
Forefront Protection Server Management Console
SMTP
Exchange Server
Edge Role
Hub Role
Mailbox Role
InternetSlide23
DEMOForefront Online Protection for Exchange (FOPE)Slide24
Secure CollaborationProtecting your collaboration portalsSlide25
The Need for SharePoint Protection
Unified Application
Gateway
Firewall
SQL Back End
Indexing Server
Web Front End
Management
Internal
SharePoint Users
External
SharePoint Users
Potential Malware
Internet
Potential MalwareSlide26
Integration with SharePoint
SharePoint
Databases
SharePoint
Web Front-End Servers
Forefront Protection for SharePoint
Upload/
Download
Antivirus
Scanning
Antispyware
Scanning
Keyword Filtering
File Filtering
Quarantine
VSAPISlide27
demoForefront Protection 2010 for SharePoint (FPSP)Slide28
Management ExperienceImproved security managementSlide29
Management Options for Forefront Protection ServersSlide30
Simplified Management
Manage
multi-server FPE
2010 and FPSP
2010 environments
Server Discovery and Grouping
Product
FPSMC
agent deployment
Deploy policies to custom-defined groups of servers
Manage cross-domain and non-domain
servers
from one console
Firewall friendly communication channel
Signature Redistribution for 32-bit and 64-bit
engines
Online integration with FOPE
Visibility & Control
Visibility into incidents across
FPE and
FPSP
Real-time monitoring for
security events
User friendly Dashboard view
Real-time and historical reports
Web-based interface for easier access
License distribution and activation
Centralized Quarantine
Enterprise Ready
Enterprise ready scalability
Support for SQL scenarios
Business continuity for critical functionality
Manage
FPE on C
lusters (Exchange 2007 and Exchange 2010)
Built on Microsoft Infrastructure
Windows Server 2008 R2
Hyper-V
WCF
Active Directory
SQL Server 2008
IE
7.0,
IE
8.0, IE 9.0 (In Progress)
FPSMC CapabilitiesSlide31
FPSMC Console
Accessible via Internet ExplorerCentral console for all FPSMC tasksRemote access via HTTPSlide32
Job Management
4 types of jobsDeployment job (Policy)
Signature
Redistribution Job
Scheduled Report Job
Product Activation Job
Jobs can be scheduled or run on demand
Jobs can be scoped to target a specific set of servers
Configured by the AdministratorSlide33
Reporting
On-demandIncident Detection, Spam Detection, Engine and Definition Version
Report scoped based on date range and desired servers
Report includes distribution of detections, trending, and raw data
Scheduled
Sent via email on a daily, weekly,
or
monthly basisSlide34
FPSMC Architecture Overview
Primary FPSMC
Backup FPSMC
Replication
Remote Access
Add FPE and FPSP servers to FPSMC and deploy Agent
Upload policy to FPSMC and create jobs
Run jobs to deploy policy
Retrieve Quarantine and Reporting data periodicallySlide35
demoForefront Protection Server Management Console (FPSMC)Slide36
Forefront Protection [for Office] LicensingSlide37
Forefront Protection [for Office] Product List and Acronyms
Forefront is Microsoft's brand/suite of security products:
Forefront Online Protection for Exchange - FOPE
Exchange Hosted Encryption - EHE
Forefront Protection 2010 for Exchange Server - FPE
Forefront Protection 2010 for SharePoint - FPSP
Forefront Security for OCS - FSOCS
Forefront Protection
Server Management
Console - FPSMC
Forefront Protection Server Script Kit - FPSSKSlide38
Subscription Licensed Products
Forefront Products
Stand
alone (SL = Subscription License)
Included in Suite
Included in other
CALs
Forefront Online Protection for Exchange
Forefront Online Protection for Exchange (per user) SL
Enterprise CAL Suite (per user)
Forefront Protection Suite (per user)
Exchange
Online
Exchange Server 2010 Enterprise CAL with services (per user)
Exchange Hosted Encryption
Add-on to Forefront Online Protection for Exchange (per user) SL
Add on to Enterprise CAL Suite (per user)
Add on to Forefront Protection Suite (per user)
Add on to Exchange
Online
Add on to Exchange Server 2010 Enterprise CAL (per user)
Forefront Protection for SharePoint
Forefront Protection 2010 for SharePoint Server (per user) SL
Forefront Protection 2010 for SharePoint for Internet Sites Add-on SL
Enterprise CAL Suite (per user)
Forefront Protection Suite (per user)
SharePoint Online (*runs on internal MSFT SharePoint servers)
Forefront Security for OCS
Forefront Security for Office Communications Server (per user) SL
Forefront Security for Office Communications Server External Connector Add-on SL
Enterprise CAL Suite (per
user
)Forefront Protection Suite (per user)
Forefront Protection for ExchangeForefront Protection 2010 for Exchange Server (per user) SL
Forefront Protection 2010 for Exchange Server External Connector Add on SLEnterprise CAL Suite (per user)
Forefront Protection Suite (per user)
Exchange Online (*runs on MSFT servers internally)
Exchange Server 2010 Enterprise CAL (user or Device)
Forefront
Protection Server Management Console
Forefront Server Security Management Console Services SL
Free download:
http://go.microsoft.com/fwlink/?LinkID=208514
Forefront Protection Server Script Kit
Forefront Server Security Management Console Services SL
Free download:
http://go.microsoft.com/fwlink/?LinkId=196613Slide39
Track Resources
Don’t forget to visit the
Cloud Power area within the TLC (
Blue
Section
)
to see product
demos and speak with experts about the
Server & Cloud Platform solutions that help drive your business forward.
You
can also find the latest information about
our products
at the following links:
Windows Azure -
http://www.microsoft.com/windowsazure/
Microsoft System Center -
http://www.microsoft.com/systemcenter/
Microsoft Forefront -
http://www.microsoft.com/forefront/
Windows Server -
http://www.microsoft.com/windowsserver/
Cloud Power -
http://
www.microsoft.com/cloud/
Private Cloud -
http://
www.microsoft.com/privatecloud/
Slide40
Resources
www.microsoft.com/teched
Sessions On-Demand & Community
Microsoft Certification & Training Resources
Resources for IT Professionals
Resources for Developers
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
Learning
http://northamerica.msteched.com
Connect. Share. Discuss.Slide41
Complete an evaluation on
CommNet
and
enter to win!Slide42Slide43
©
2011 Microsoft
Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment
on
the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation
. MICROSOFT
MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Slide44
Keyword Filtering
Searches the message body for matches to keywords in selected listsCan be imported from an existing file
Can filter phrases
Supports
operators: AND, OR, NOT
Actions: Skip & Detect, Delete, SuspendSlide45
File Filtering
Filter by name, type, or size*.exe, *.doc, *>10mb
Filters can be combinations of size, name and type
<photo1.jpg>10mb, *.mp3>5mb, *>10mb
Suggested files to block: EXE, COM, PIF, SCR, VBS, SHS, CHM, and BAT
Actions: SkipDetect, Suspend (Realtime), Delete (Scheduled/OnDemand)Slide46