Presentation is loading. Please wait.

Presentation is loading. Please wait.

Server Security Technologies

Similar presentations


Presentation on theme: "Server Security Technologies"— Presentation transcript:

1 Server Security Technologies
Microsoft TechNet Seminar 2006 Server Security Technologies (not Dr.) Fred Baumhardt Security Technology Architect Microsoft Incubation Seminar Name

2 Microsoft TechNet Seminar 2006
Server Security Microsoft TechNet Seminar 2006 How not to do it This is not the way to protect your front perimeter or edge Seminar Name

3 Infrastructure Security
Architecture Security

4 Root Causes Enterprise organically grown under “Project” context
Infrastructure Architecture Enterprise organically grown under “Project” context Security was Secondary – vendors no best practice Internal Network wide open – everything to everything 0 day undefended – patch is the solution Classic Security Perimeter Unmanaged Unpatched Internet Some Core Systems Extranets Internet Systems Project 1…n System Branch Offices Departments This will Save Me !

5 Microsoft TechNet Seminar 2006
Security Rules The Biology of Security Worms are Anonymous – they don’t carry your password database…. Pathogens Break protocol rules – you wrote a buffer for 72 characters – attacker sent you 182 Worms send clients something they didn’t ask for Authenticate Traffic – Stops foreign Infection Enforce Protocol Rules at the Network Device – things that break are dropped Don’t process traffic that you didn’t ask for, understand protocols and know what to expect Seminar Name

6 Server Auth Auth at all levels

7 Plan + Execute Wipe Out Attack Classes example Outbound Proxy Zone
Internet Redundant Routers Redundant Firewalls NIC teams/switches Control Zone Control Zone Control Zone Control Zone Outbound Proxy Zone ExtranetData Network – SQL Presentation Inbound Proxy Control Zone Control Zone Control Zone Control Zone Application Servers Control Zone Control Zone Control Zone Control Zone Data Network – SQL Server Clusters Infrastructure Network – Internal Active Directory Messaging Network – Exchange FE Messaging Network – Exchange BE Control Zone Control Zone Control Zone Control Zone Client Networks 1…n RADIUS Network Intranet Network - Web Servers Management Network – MOM, deployment

8 Microsoft TechNet Seminar 2006
Plan + Execute Wipe Out Attack Classes NAP and Domain I NAP (will) and Domain Isolation (has) become the standard which new systems roll out to X NAP – can I get onto the network – are you healthy ? Network pre-auth, must be managed to get on. Domain Isolation – Assuming you are healthy where can you go, and what can you do ? X Seminar Name

9 Infrastructure Security
ForeFront Security

10 Capabilities Outsource the Risk Resolve the Risk Ignore the Risk
Understand The Risks Define the Strategy How Much Risk can we tolerate ? Does it aggregate ? Outsource the Risk Resolve the Risk Ignore the Risk Outsource the risk to others Buy managed services Hire Consultants (outsource blame) Transformation required To prevent re-occurence Should Wipe out Class of risk Quantify Risk and impact Decommission/Transition Allow long term “project” to fix it Low enough risk/cost ratio to allow .

11 Forefront Naming Transition
Previous Current H2 2006 2007+ Client Server Edge TBD TBD

12 Its about securing the workload
Microsoft TechNet Seminar 2006 Its about securing the workload Simple malware at client or server base insufficient Multiple malware vendors scanning traffic inside data repository, need engines per repository For mail, do it at edge and cloud, but other protocols are attacked internally, so protection should be internal Seminar Name

13 Workload Malware Approach
Microsoft TechNet Seminar 2006 Workload Malware Approach Antigen IM and Documents Live Communications Server Antigen EHS SharePoint Server ISA Server Antigen Exchange Hosted Services Antigen Exchange Front End Servers Exchange & BES Servers Seminar Name

14 Malware Engines across Products
Microsoft TechNet Seminar 2006 Malware Engines across Products Seminar Name

15 Plan + Execute Admin Training is Key – Users can be useful to IT
The Training and Feelings of IT Admin Training is Key – Users can be useful to IT Admins– (like pets ) can Help You – If you train them Work with your new IT to let them understand your architecture and why Security Policy should be open to be evolved, and should be enforced and challenged to application paradigms Application and Infrastructure admins should treat security and FW admins as peers Be Sensitive to Jobs and Roles, re-skilling is pain


Download ppt "Server Security Technologies"

Similar presentations


Ads by Google