Renato Francesco Giorgini Evangelist IT Pro RenatoFrancescoGiorginimicrosoftcom Agenda Panoramica Architettura Funzionalità AntiSpam Funzionalità AntiVirus Policy Enforcment Setup Iniziale ID: 787609
Download The PPT/PDF document "Forefront Online Protection for Exchange" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Forefront Online Protection for Exchange
Renato Francesco Giorgini
Evangelist IT Pro
RenatoFrancesco.Giorgini@microsoft.com
Slide2Agenda
Panoramica
Architettura
Funzionalità Anti-Spam
Funzionalità Anti-Virus
Policy Enforcment
Setup Iniziale
Reporting & Auditing
Scenari Misti
Slide3Business Challenges
Reduce security costs
Implement security that integrates with existing
IT assets more effectively
Reduce administrative costs through simplified management and deployment
Protect
i
nformation so your business can grow
Prevent spam from undermining user productivity and safety
Provide a timely response to the latest malware and vulnerabilities
Add new technology to enable productivity without adding security risk
Share information while maintaining compliance
Restrict the distribution of inappropriate content
Prevent loss of sensitive information
Uniformly enforce compliance across an organization
Slide4Choices for Exchange Message Filtering
Forefront Protection for Exchange Server (FPE)
On-premises antivirus and
antispam
with local configuration
Internal mail filtering and content filteringForefront Online Protection for Exchange (FOPE)
Antispam and antivirus protection in the cloudSLA backed e-mail security performanceHybrid scenarioSolutions compliment each other
Antivirus Filtering
Anti-spam Filtering
Slide5FOPE
Architecture Overview
FOPE Online
Service
Internal
Mail server
Spam quarantine
Internet Cloud
Internet
Slide6Real-time threat prevention
Layered anti-spam and
antivirus
Customized policy enforcement
Uninterrupted e-mail accessibility
Rapid recovery from unplanned disasters and network outages
Thirty-day rolling historical e-mail store
Gateway, policy-based e-mail encryption
No public and private key management
Full e-mail encryption
E-mail and IM retention for organizational governance and e-discovery
Customized
report generation for demonstrating compliance
Fully indexed, searchable archive
Exchange Hosted Services
Slide7Exchange Online Protection - Features
Antispam
Antivirus
Policy Enforcment
Disaster Recovery
Directory Services Syncronization
Slide8Architettura
Slide9FOPE Global Network Infrastructure
Network infrastructure that delivers reliability and scalability
Hosted services provisioned across a global network infrastructure
Fully redundant, load-balanced architecture
Scalability to handle all message volume variations
Slide10Rapid E-mail Delivery
(Average delivery commitment
of
less
than
1 minute)
99.999%
Network Uptime
Service Level Agreements
Each SLA is backed by a financial commitment from Microsoft
http://go.microsoft.com/fwlink/?LinkID=133205
100%
Known virus
Protection
98%
Spam
Detection
1:250,000
False Positive Ratio
Filtering Network Performance
Spam and Virus
Filtering Effectiveness
Terms and conditions apply. Please visit the Admin Center Resource Center at
http://admin.global.frontbridge.com
You may have to login to the system to view the service level agreement. Please contact your reseller or Microsoft
Account
Manager
if you wish to view these prior to
signing
up for the service.
Demo
Slide12Funzionalità Anti-Spam
Slide13Edge Blocking
End User Quarantine
Administrator
Console
Corporate Network
Messaging
Administrator
Employees
Inbound Filtered
E-mail
About 90% of
E-mail is junk
Outbound Filtered E-mail
Also incorporates technology from…
External Senders/ Recipients
Exchange Server
Anti-spam
Antivirus
Policy
Disaster Recovery
* Encryption
*
Requires additional Exchange
Hosted Encryption License
Active Directory
FOPE Directory Synchronization Tool
Multilayer spam and virus protection and policy enforcement
Legitimate
E-mail
Junk E-mail
Forefront Online Protection for Exchange
Slide14Antispam Protection
IP Repudiation Blocking
IP-Based Authentication
SMTP Connection Analysis
Real Time Attack Protection
Reputation AnalysisJunk Email ProtectionAdditional Spam Filtering Options
Cloudmark: Message FingerprintingNon-Delivery Report Backscatter MitigationRules-Based ScoringOutbound Spam filtering
Slide15Enhanced Reputation Lists
URIBL.com
Spam Rules
Database
Forefront Online Protection Spam Filter
Bad
URLs
Internet Service Providers
Non-Permitted
IPs
Clean-up
Process
Slide16Message reduced to fingerprints
Fingerprints compared to local cache
No Match? Apply heuristics
Spam
Legit.
FSE-protected Exchange recipient
Fingerprint
Cache
Reject
Cloudmark
Content Engine
Slide17Outbound Spam Mitigation
Customer 1
FOPE
Spam Filter
Customer 2
Customer 3
FOPE
Regular Outbound
FOPE
Higher Risk Delivery Pool
Slide18Spam Quarantine
Quarantined and stored for review for 15 days
Web Access
Redirected to SMTP Mailbox
Tagged with X-Header
Tagged in Subject Line
Slide19Demo
Slide20Funzionalità Anti-Virus
Slide21Antivirus Protection
Multi-AV-Engine
Layered Defenses
Real-Time Threat Response
Fast Antivirus Signature Deployment
Slide22Demo
Slide23Policy Enforcment
Slide24Protect Sensitive Information in E-mail
Automatically protect sensitive e-mail
Can leverage Exchange Server integration with Active Directory Rights Management Services
Filter
Email attachments
Messages
FOPE possible Actions:
Encrypt/DecryptAllow/RejectQuarantineRedirect/BCCUse TLS
EXTERNAL
PARTNER
ON PREMISES
Slide25Demo
Slide26Setup Iniziale
Slide27Firewall
Setting up Hosted Protection
SMTP
Mail
FOPE Service
Mail
Your Organization
Mail Server
Create Account
MX record
Allow only FOPE SMTP traffic
Slide28Directory Syncronization
Tool
Synchronize users, groups
Future basis for Forefront services in the cloud
User attribute differences synchronized
Requires install on Windows Serverhttps connectionPowerShell
enabledOutlook spam plug-inAllows reporting of spam to FOPE Admins through a button
Slide29Virtual Domains
Not a real DNS Name Domain
Group of Users with shared configuration settings
Slide30Demo
Slide31Disaster Recovery
Five days of email queued online
Email can be routed to a different server
Slide32Reporting & Auditing
Slide33Demo
Slide34Scenari
Misti
FPE, FOPE or Hybrid?
Forefront Protection for Exchange Server
On-premise antimalware and
antispam
protection with local configuration
Concerned with internal mail filteringForefront Online Protection for Exchange
External antispam is primary concernNo issues around hostingHybrid scenario
Slide36Hybrid Messaging Security
Firewall
Antivirus and anti-spam protection for Exchange Server
2007/2010
Server Roles
On-Premise
– Company LAN
Mailbox Server
SMTP
Exchange Edge
FOPE Gateway
Exchange Hub
Mail
Mail
Spam policy
Spam policy
Full Management Policy
Internet
Slide37FOPE Gateway
Managed from on-premise systems
Forefront Protection Manager console
FPE Stand alone UI
Synchronizes on-premise data with FOPE
Active Directory informationFPE Antispam policyCollects data from FOPE to on-premise systems
Quarantine informationStatistics
Slide38Deploying FOPE Hybrid Scenario
Follow these steps to prepare your Exchange environment and enable management of the FOPE gateway in FPE:
Register with FOPE and create an account
http://go.microsoft.com/fwlink/?LinkId=128194
Install the FOPE Gateway
Configure the FOPE settings in FPE and retrieve the FOPE datacenter IP addresses.
Redirect your mail to the FOPE datacenter by changing your Mail Exchange (MX) recordsConfigure your firewall rules and Exchange Edge receive connector informationThis will ensure that only mail that has been filtered by FOPE is accepted into your organization.
Slide39Active
Protection
Enterprise Class Reliability
High availability Software as a Service (
SaaS
)
Disaster recovery and e-mail continuity
SLA-supported uptime and performance
Simplified Management
Multiple engine antivirus and
antispam
protection updated multiple times a day
98%+ spam detection SLA
Ability to address security concerns outside the network
In-the-cloud filtering frees up server & network resources
Integration with Forefront Protection Manager
Directory Synchronization eases management overhead
User managed quarantine reduces administrator burden
Slide40Windows 7
Windows Server 2008 R2
Hyper-V Server R2
Internet Information Services 7.5
Exchange Server 2010
SharePoint Server 2010
System Center
Internet Explorer 8.0
Forefront Protection Suite (Codename “Stirling”)
RenatoFrancesco.Giorgini@microsoft.com
http://bit.ly/itpromomentum
Slide41Per approfondimenti
www.microsoft.com/online/exchange-hosted-services/filtering.mspx
www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=be5963ee-917f-4677-94c5-02985d7e077e
www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=f5714ed7-f14d-499e-b7d9-3365c9008113
Slide42©
2008 Microsoft
Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
RenatoFrancesco.Giorgini@microsoft.com
http://blogs.technet.com/italy