Ronald Beekelaar Beekelaar Consultancy Forefront Overview
2 Introductions Presenter – Ronald Beekelaar MVP Windows Security MVP Virtual Machine Technology Work Beekelaar Consultancy Security consultancy Forefront, IPSec, PKI Virtualization consultancy Create many VM-based labs and demos
3 Agenda Part 1 - Forefront Strategy and Overview Part 2 - Forefront Client Security (FCS) FCS Architecture Deployment Scannig Part 3 - Forefront Server Security Forefront Security for Exchange Forefront Server Security Management Console (FSSMC) Forefront Security for SharePoint Part 4 - Forefront Edge Security (IAG) History SSL-VPN Connection Types IAG Configuration Part 5 - Forefront Future Roadmap FCS, ISA, IAG Codename "Stirling"
4 Seminar Hours Schedule: – 10.30: Session – – Break – 12.00: Session – – Lunch (60 minutes) – 15.00: Session – 15.15: Raffle
5 Forefront Lab VMs and Manuals Available on hand-out DVD Forefront Client Forefront Client Security Lab Forefront Server Forefront for Exchange Lab Forefront for SharePoint Lab Forefront Management Console Lab Forefront Edge ISA 2006 Lab IAG 2007 Lab
6 Themes Define configuration policies Client health checking Enforce client configuration changes (compliance) Monitoring Reporting
7 Client Health Checking Static checking MBSA Forefront Client Security - Security State Assessment Checks fixed set of settings SC Configuration Manager - Desired Configuration Management Can define operations (= change) Connect checking Remote Access Quarantine (rqs.exe, rqc.exe) Win2003 RRAS and ISA 2004 VPN Runs script or executable + change Intelligent Application Gateway Endpoint Policies Runs script Network Access Protection (NAP) - Win2008 Checks settings + change
8 Comprehensive line of business security products that helps you gain greater protection and secure access through deep integration and simplified management Network Edge Server Applications Client and Server OS Windows Networking Solutions Terminal Services Scalable Networking Pack Server & Domain Isolation Network Access Protection Secure Wireless
9 Unified Management across client, server application, & edge security in one console Comprehensive, coordinated protection with dynamic responses to complex threats Critical Visibility into overall security state including threats and vulnerabilities Unified Management across client, server application, & edge security in one console Comprehensive, coordinated protection with dynamic responses to complex threats Critical Visibility into overall security state including threats and vulnerabilities Server ApplicationsClientEdge One product that delivers comprehensive, coordinated protection with unified security management and reporting across clients, server applications, and the network edge Next Generation Forefront for Exchange Forefront for SharePoint Next Generation Forefront for Exchange Forefront for SharePoint Next Generation Forefront Client Security Next Generation Internet Security & Acceleration Server Next Generation Internet Security & Acceleration Server
10 Potentially unwanted software detected 1 Increasingly Challenging Security Environment 1.Windows Defender between January 1, 2007 and June 30, MSRT in 1H Exchange Hosted Services in 1H 2007 over 1H Windows Defender in 1H : % 44% Ratio of computers infected with malware detected and cleaned by MSRT 2 Increase in percentage of infected messages caught by EHS in 1H 2007 compared to 1H Percentage of infections by top 25 pieces of malware 4 Get the Microsoft Security Intelligence Report (Jan. – June 2007) at: M 168% Percentage increase in category of potentially unwanted software (includes rogue security software )
11