/
Forefront Online Protection for Exchange Forefront Online Protection for Exchange

Forefront Online Protection for Exchange - PowerPoint Presentation

sequest
sequest . @sequest
Follow
343 views
Uploaded On 2020-06-25

Forefront Online Protection for Exchange - PPT Presentation

Renato Francesco Giorgini Evangelist IT Pro RenatoFrancescoGiorginimicrosoftcom Agenda Panoramica Architettura Funzionalità AntiSpam Funzionalità AntiVirus Policy Enforcment Setup Iniziale ID: 787609

fope mail protection spam mail fope spam protection exchange microsoft server policy antivirus filtering forefront online network antispam anti

Share:

Link:

Embed:

Download Presentation from below link

Download The PPT/PDF document "Forefront Online Protection for Exchange" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Slide1

Forefront Online Protection for Exchange

Renato Francesco Giorgini

Evangelist IT Pro

RenatoFrancesco.Giorgini@microsoft.com

Slide2

Agenda

Panoramica

Architettura

Funzionalità Anti-Spam

Funzionalità Anti-Virus

Policy Enforcment

Setup Iniziale

Reporting & Auditing

Scenari Misti

Slide3

Business Challenges

Reduce security costs

Implement security that integrates with existing

IT assets more effectively

Reduce administrative costs through simplified management and deployment

Protect

i

nformation so your business can grow

Prevent spam from undermining user productivity and safety

Provide a timely response to the latest malware and vulnerabilities

Add new technology to enable productivity without adding security risk

Share information while maintaining compliance

Restrict the distribution of inappropriate content

Prevent loss of sensitive information

Uniformly enforce compliance across an organization

Slide4

Choices for Exchange Message Filtering

Forefront Protection for Exchange Server (FPE)

On-premises antivirus and

antispam

with local configuration

Internal mail filtering and content filteringForefront Online Protection for Exchange (FOPE)

Antispam and antivirus protection in the cloudSLA backed e-mail security performanceHybrid scenarioSolutions compliment each other

Antivirus Filtering

Anti-spam Filtering

Slide5

FOPE

Architecture Overview

FOPE Online

Service

Internal

Mail server

Spam quarantine

Internet Cloud

Internet

Slide6

Real-time threat prevention

Layered anti-spam and

antivirus

Customized policy enforcement

Uninterrupted e-mail accessibility

Rapid recovery from unplanned disasters and network outages

Thirty-day rolling historical e-mail store

Gateway, policy-based e-mail encryption

No public and private key management

Full e-mail encryption

E-mail and IM retention for organizational governance and e-discovery

Customized

report generation for demonstrating compliance

Fully indexed, searchable archive

Exchange Hosted Services

Slide7

Exchange Online Protection - Features

Antispam

Antivirus

Policy Enforcment

Disaster Recovery

Directory Services Syncronization

Slide8

Architettura

Slide9

FOPE Global Network Infrastructure

Network infrastructure that delivers reliability and scalability

Hosted services provisioned across a global network infrastructure

Fully redundant, load-balanced architecture

Scalability to handle all message volume variations

Slide10

Rapid E-mail Delivery

(Average delivery commitment

of

less

than

1 minute)

99.999%

Network Uptime

Service Level Agreements

Each SLA is backed by a financial commitment from Microsoft

http://go.microsoft.com/fwlink/?LinkID=133205

100%

Known virus

Protection

98%

Spam

Detection

1:250,000

False Positive Ratio

Filtering Network Performance

Spam and Virus

Filtering Effectiveness

Terms and conditions apply. Please visit the Admin Center Resource Center at

http://admin.global.frontbridge.com

You may have to login to the system to view the service level agreement. Please contact your reseller or Microsoft

Account

Manager

if you wish to view these prior to

signing

up for the service.

Slide11

Demo

Slide12

Funzionalità Anti-Spam

Slide13

Edge Blocking

End User Quarantine

Administrator

Console

Corporate Network

Messaging

Administrator

Employees

Inbound Filtered

E-mail

About 90% of

E-mail is junk

Outbound Filtered E-mail

Also incorporates technology from…

External Senders/ Recipients

Exchange Server

Anti-spam

Antivirus

Policy

Disaster Recovery

* Encryption

*

Requires additional Exchange

Hosted Encryption License

Active Directory

FOPE Directory Synchronization Tool

Multilayer spam and virus protection and policy enforcement

Legitimate

E-mail

Junk E-mail

Forefront Online Protection for Exchange

Slide14

Antispam Protection

IP Repudiation Blocking

IP-Based Authentication

SMTP Connection Analysis

Real Time Attack Protection

Reputation AnalysisJunk Email ProtectionAdditional Spam Filtering Options

Cloudmark: Message FingerprintingNon-Delivery Report Backscatter MitigationRules-Based ScoringOutbound Spam filtering

Slide15

Enhanced Reputation Lists

URIBL.com

Spam Rules

Database

Forefront Online Protection Spam Filter

Bad

URLs

Internet Service Providers

Non-Permitted

IPs

Clean-up

Process

Slide16

Message reduced to fingerprints

Fingerprints compared to local cache

No Match? Apply heuristics

Spam

Legit.

FSE-protected Exchange recipient

Fingerprint

Cache

Reject

Cloudmark

Content Engine

Slide17

Outbound Spam Mitigation

Customer 1

FOPE

Spam Filter

Customer 2

Customer 3

FOPE

Regular Outbound

FOPE

Higher Risk Delivery Pool

Slide18

Spam Quarantine

Quarantined and stored for review for 15 days

Web Access

Redirected to SMTP Mailbox

Tagged with X-Header

Tagged in Subject Line

Slide19

Demo

Slide20

Funzionalità Anti-Virus

Slide21

Antivirus Protection

Multi-AV-Engine

Layered Defenses

Real-Time Threat Response

Fast Antivirus Signature Deployment

Slide22

Demo

Slide23

Policy Enforcment

Slide24

Protect Sensitive Information in E-mail

Automatically protect sensitive e-mail

Can leverage Exchange Server integration with Active Directory Rights Management Services

Filter

Email attachments

Messages

FOPE possible Actions:

Encrypt/DecryptAllow/RejectQuarantineRedirect/BCCUse TLS

EXTERNAL

PARTNER

ON PREMISES

Slide25

Demo

Slide26

Setup Iniziale

Slide27

Firewall

Setting up Hosted Protection

SMTP

Mail

FOPE Service

Mail

Your Organization

Mail Server

Create Account

MX record

Allow only FOPE SMTP traffic

Slide28

Directory Syncronization

Tool

Synchronize users, groups

Future basis for Forefront services in the cloud

User attribute differences synchronized

Requires install on Windows Serverhttps connectionPowerShell

enabledOutlook spam plug-inAllows reporting of spam to FOPE Admins through a button

Slide29

Virtual Domains

Not a real DNS Name Domain

Group of Users with shared configuration settings

Slide30

Demo

Slide31

Disaster Recovery

Five days of email queued online

Email can be routed to a different server

Slide32

Reporting & Auditing

Slide33

Demo

Slide34

Scenari

Misti

Slide35

FPE, FOPE or Hybrid?

Forefront Protection for Exchange Server

On-premise antimalware and

antispam

protection with local configuration

Concerned with internal mail filteringForefront Online Protection for Exchange

External antispam is primary concernNo issues around hostingHybrid scenario

Slide36

Hybrid Messaging Security

Firewall

Antivirus and anti-spam protection for Exchange Server

2007/2010

Server Roles

On-Premise

– Company LAN

Mailbox Server

SMTP

Exchange Edge

FOPE Gateway

Exchange Hub

Mail

Mail

Spam policy

Spam policy

Full Management Policy

Internet

Slide37

FOPE Gateway

Managed from on-premise systems

Forefront Protection Manager console

FPE Stand alone UI

Synchronizes on-premise data with FOPE

Active Directory informationFPE Antispam policyCollects data from FOPE to on-premise systems

Quarantine informationStatistics

Slide38

Deploying FOPE Hybrid Scenario

Follow these steps to prepare your Exchange environment and enable management of the FOPE gateway in FPE:

Register with FOPE and create an account

http://go.microsoft.com/fwlink/?LinkId=128194

Install the FOPE Gateway

Configure the FOPE settings in FPE and retrieve the FOPE datacenter IP addresses.

Redirect your mail to the FOPE datacenter by changing your Mail Exchange (MX) recordsConfigure your firewall rules and Exchange Edge receive connector informationThis will ensure that only mail that has been filtered by FOPE is accepted into your organization.

Slide39

Active

Protection

Enterprise Class Reliability

High availability Software as a Service (

SaaS

)

Disaster recovery and e-mail continuity

SLA-supported uptime and performance

Simplified Management

Multiple engine antivirus and

antispam

protection updated multiple times a day

98%+ spam detection SLA

Ability to address security concerns outside the network

In-the-cloud filtering frees up server & network resources

Integration with Forefront Protection Manager

Directory Synchronization eases management overhead

User managed quarantine reduces administrator burden

Slide40

Windows 7

Windows Server 2008 R2

Hyper-V Server R2

Internet Information Services 7.5

Exchange Server 2010

SharePoint Server 2010

System Center

Internet Explorer 8.0

Forefront Protection Suite (Codename “Stirling”)

RenatoFrancesco.Giorgini@microsoft.com

http://bit.ly/itpromomentum

Slide41

Per approfondimenti

www.microsoft.com/online/exchange-hosted-services/filtering.mspx

www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=be5963ee-917f-4677-94c5-02985d7e077e

www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f5714ed7-f14d-499e-b7d9-3365c9008113

Slide42

©

2008 Microsoft

Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.

MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

RenatoFrancesco.Giorgini@microsoft.com

http://blogs.technet.com/italy