What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar

Slides:

Advertisements

Similar presentations

A l a d d i n. c o m eSafe 6 FR2 Product Overview.

Advertisements

Enabling Secure Internet Access with ISA Server

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Forefront Threat Management Gateway 2010

PROTECTING YOUR LAN BORDER Best Practice for your Firewall Setting and Configuration. By Fernando Navarrete and Oswaldo Bolívar.

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

Adwait JoshiJim Harrison Sr. Product ManagerProgram Manager Microsoft Corporation SESSION CODE: SIA308.

David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA403 Donny Rose Senior Program Manager.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Module 5: Configuring Access to Internal Resources.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

LittleOrange Internet Security an Endpoint Security Appliance.

Kako povečati varnost omrežja s Forefront TMG Jože Markič, Kompas Xnet d.o.o.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

1 Integrating ISA Server and Exchange Server. 2 How works.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

1 Enabling Secure Internet Access with ISA Server.

EDUCAUSE Security 2006 Internet John Brown University.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.

Course 201 – Administration, Content Inspection and SSL VPN

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Securing Microsoft® Exchange Server 2010

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Barracuda Web Filter Overview. Introduction to the Barracuda Web Filter Integrated content filtering and Web security –Regulate leisure browsing Adult,

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

3-Protecting Systems Dr. John P. Abraham Professor UTPA.

Module 6 Planning and Deploying Messaging Security.

Virtual techdays INDIA │ august 2010 Threat Management Gateway 2010 – A Deep Dive Anirudh Singh Rautela │ TSP – Security, Microsoft Corporation.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

Alan Schmarr Consultant BUI Session Code: 303 Agenda Forefront Overview TMG Value Proposition The deep dip Deployment and Management Web client protection.

Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.

Module 7: Advanced Application and Web Filtering.

Module 11: Designing Security for Network Perimeters.

Bill Jensen Bashar Kachachi Session Code: SIA309.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Security fundamentals Topic 10 Securing the network perimeter.

A Network Security -Firewall Bruce Turin.

SEC304 Enhancing Exchange, OWA and IIS Security with ISA Server Feature Pack 1 Steve Riley Microsoft Corporation

Securing the Network Perimeter with ISA Server 2004 Ravi Sankar IT Professional Evangelist Microsoft.

Microsoft NDA Material Adwait Joshi Sr. Technical Product Manager Microsoft Corporation.

David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA303 Donny Rose Senior Program Manager.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Network Security Solution. 2 Security Gateway Switch Network Security Products  Multi-Homing  VPN/Firewall  SPI Firewall  Anti-Virus  Anti-Spam 

BUILD SECURE PRODUCTS AND SERVICES

TMG Client Protection 6NPS – Session 7.

Enabling Secure Internet Access with TMG

Securing the Network Perimeter with ISA 2004

Forefront Security ISA

Threat Management Gateway

Configuring TMG as a Firewall

Information Security Session October 24, 2005

Using Software Restriction Policies

DirectAccess with Unified Access Gateway (UAG)

Presentation transcript:

What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar

Introductions Presenter – Ronald Beekelaar –MVP Security –MVP Virtual Machine Technology – Beekelaar Consultancy BV Work –Security consultancy –Virtualization consultancy –Create many VM-based labs and demos –Software to optimize, manage and run VM

Session Objectives Main goal: –Make it easier for you to talk to customers about Threat Management Gateway (TMG) –Or: implement TMG 2010 within your own organization –How to do that? Focus on new features in TMG 2010 –As successor to ISA 2006 Understand NIS Explain Outbound SSL Inspection –Sub goal: Use the lab environment for demos

Demo and Lab Environment For study, testing, demo, POC, etc –Download from: –Contains all Forefront products Including FIM and AD FS

What's new in TMG? Malware Inspection (AM) –For HTTP and HTTPS – antivirus / antispam filtering Network Inspection System (NIS) –Intrusion Prevention System URL Filtering HTTPS Inspection Web Access Policy ISP Redundancy (ISP-R) –Failover and load-balancing Enhanced NAT –For multiple outbound SMTP servers

TMG “Network Rules” New Feature: Enhanced NAT –Eg. SMTP Sender Policy Framework

Malware Inspection Detects viruses in HTTP traffic Uses MS AV engine –Same as FCS, FSE, FSSP, etc –Single engine – not multi-vendor Issue: –Scanning takes time – client may time out Solution: –Progress notification (for browser clients) –Content trickling + recall Send 50 bytes every 5 seconds

Network Inspection System (NIS) Signature-based detection of malicious network traffic –Based on MS Research GAPA project Generic Application Protocal Analyzer –Signatures for vulnerabilities (MS08-33) And some signatures for existing exploits –Microsoft releases security bulletin + security update (patch) + NIS signature Protects unpatched computers behind TMG

URL Filtering Microsoft Reputation Service (MRS) returns one of 91 “category” indications for each URL –Including “Unknown” Firewall rule: Allow category Sports after 5 PM only Content Request Content MRS ? category = sports + in cache

URL Filtering – Walking the Path

HTTPS Inspection Outbound traffic For Web publishing, inbound SSL Bridging is well-known (ISA Server 2000) Issue: –Cannot inspect outbound traffic in encrypted tunnel (SSL) Solution: –Use “SSL Bridging” on outbound SSL connections as well –Difference with Web publishing is that client can go to many different Web sites

HTTPS Inspection Mechanism In Web browser: In TMG request: SSL Request Certificate SSL Request Certificate Signed by Verisign Signed by”TMG CA”