
Mohan Atreya, Sr. Product Manager, RSA Corporation; SIA311; Marcio Mello, Sr. Program Manager Lead, Microsoft Corporation.



2 Title slide: SIA311. Mohan Atreya, Sr. Product Manager, RSA Corporation; Marcio Mello, Sr. Program Manager Lead, Microsoft Corporation.

3 Agenda
The Microsoft and RSA Partnership
AD RMS Overview
RSA DLP / AD RMS Integration Overview
RSA DLP Architecture
Demonstration
Q & A

4 The Business Challenge
Data breaches have reached record levels: 245M records exposed through breaches since 2005.
Cost of compliance is a significant burden and continues to grow.
Companies face growing risks of data leaks and an increase in compliance requirements.
Data must be protected, but also be accessible: a balance is required between security and accessibility.
Increasingly, organizations need to enable the use of information across company boundaries (partners, vendors, customers).

5 Current Point Solutions Not Solving the End-to-End Data Security Problem
(Diagram: VPN, WAN and LAN paths for partners, remote employees and internal employees; business analytics, outsourced development, enterprise applications, production database, replica, staging, file server, collaboration and content management systems, disk arrays, backup disk, backup tape and backup system; control layers Endpoint, Network/E-mail, Apps/DB, FS/CMS and Storage.)
Current solutions are not content aware across the infrastructure, so controls are often applied without context.
Current solutions are not identity aware across the infrastructure, making it difficult to share sensitive data.
Separate management and policy tools must be stitched together.

6 What Microsoft and RSA Announced on December 4, 2008
Microsoft and RSA are partnering on a built-in “systems” approach to protect sensitive information throughout the infrastructure based on content, context, and identity.
Microsoft is building RSA Data Loss Prevention (DLP) classification technology directly into the Microsoft platform and future information protection products.

7 What Microsoft and RSA Announced on December 4, 2008
RSA is integrating Active Directory Rights Management Services (AD RMS) with RSA's DLP Suite to automate the application of AD RMS policies based on data sensitivity.
The Microsoft and RSA collaboration enables organizations to:
Centrally define information security policy
Automatically identify and classify sensitive data anywhere in the infrastructure
Use a range of controls to protect data throughout the infrastructure

8 AD Rights Management Services
Provides identity-based protection for sensitive data
Controls access to information across the information lifecycle
Allows only authorized access based on trusted identity
Secures transmission and storage of sensitive information wherever it goes: policies are embedded into the content and documents are encrypted with 128-bit encryption
Embeds digital usage policies (print, view, edit, expiration, etc.) into the content to help prevent misuse after delivery
Persistent protection + encryption. Policy: access permissions and use-right permissions.

9 RMS Provides Persistent Information Protection
Location-based solutions (a firewall perimeter, an access control list perimeter) decide whether authorized or unauthorized users get initial access... but they do not control usage, so information leakage can still occur after access has been granted.

10 Information Workflow
1. Author and recipient are already bootstrapped with RMS certificates (Rights Account Certificate, RAC, and Client Licensor Certificate, CLC).
2. Author creates an e-mail.
3. Author protects the e-mail by defining RMS permissions and targeted recipients (Publishing License, PL).
4. Author sends the e-mail to the recipient.
5. Recipient gets a Use License (UL) from the RMS server.
6. Recipient can access the RMS-protected e-mail.
(Diagram: Author, Recipient, and AD RMS Server with its AD and SQL back ends.)

11 Rights Protected Document
Contents of the file (text, pictures, and so on): encrypted with the content key.
Content key: encrypted with the AD RMS server's public key.
Publishing License: created when the file is protected and signed with the AD RMS server's private key; it carries the usage rights, e.g. Bob@fabrikam.com: Read, Print; Lawyers@fabrikam.com: Read.
(Diagram: AD RMS Client, AD RMS Server and its SQL database.)
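Slides 10 and 11 describe the mechanism that makes the protection persistent: the content is encrypted under a per-document key, that key is recoverable only by the AD RMS server, and the signed Publishing License binds the usage rights to it, so a recipient gets the key only by obtaining a Use License for an identity the author named. The following Python model of that flow is an added example, not Microsoft or RSA code and not the AD RMS protocol itself: the server's key pair is modelled as one secret held only by the server (so "encrypted with the server's public key" becomes encryption under that secret and "signed with the server's private key" becomes an HMAC under it), the stream cipher is a SHA-256 counter construction for illustration, and the sample document, the directory contents and every address are constructed.

```python
import hashlib
import hmac
import json
import os
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample document and AD group membership (user -> groups).
CONTENT = b"Fabrikam Q3 forecast (constructed sample text)"
DIRECTORY: Dict[str, Set[str]] = {"alice@fabrikam.com": {"Lawyers@fabrikam.com"}}


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || nonce || counter) blocks. Symmetric, so
    the same call encrypts and decrypts. Stands in for the real AES content encryption."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + offset.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


class AdRmsServer:
    """Stands in for the AD RMS server with its AD (group lookup) and SQL back ends."""

    def __init__(self, directory: Dict[str, Set[str]]) -> None:
        self._key = os.urandom(32)  # models the server key pair; never leaves the server
        self._directory = directory

    def wrap_content_key(self, content_key: bytes) -> bytes:
        """Slide 11: the content key is encrypted so that only the server can recover it."""
        nonce = os.urandom(16)
        return nonce + keystream_xor(self._key, nonce, content_key)

    def sign_publishing_license(self, pl: dict) -> dict:
        """Slide 11: the Publishing License is signed with the server's private key."""
        body = json.dumps(pl, sort_keys=True).encode()
        return {"body": body.hex(), "sig": hmac.new(self._key, body, "sha256").hexdigest()}

    def issue_use_license(self, signed_pl: dict, user: str) -> Optional[dict]:
        """Slide 10 step 5: a Use License goes only to a targeted recipient of an untampered PL."""
        body = bytes.fromhex(signed_pl["body"])
        expected = hmac.new(self._key, body, "sha256").hexdigest()
        if not hmac.compare_digest(expected, signed_pl["sig"]):
            return None  # edited or forged PL: refuse; the content key stays on the server
        pl = json.loads(body)
        principals = {user} | self._directory.get(user, set())
        rights = sorted({r for p in principals for r in pl["usage_rights"].get(p, [])})
        if not rights:
            return None  # not named directly or through a group: no license
        wrapped = bytes.fromhex(pl["wrapped_key"])
        content_key = keystream_xor(self._key, wrapped[:16], wrapped[16:])
        return {"user": user, "rights": rights, "content_key": content_key.hex()}


def protect(server: AdRmsServer, content: bytes, usage_rights: Dict[str, List[str]]) -> dict:
    """Author side (slide 10 steps 2-3): fresh content key, encrypt, bind rights in a signed PL."""
    content_key = os.urandom(32)
    nonce = os.urandom(16)
    pl = {"usage_rights": usage_rights, "wrapped_key": server.wrap_content_key(content_key).hex()}
    return {"ciphertext": (nonce + keystream_xor(content_key, nonce, content)).hex(),
            "publishing_license": server.sign_publishing_license(pl)}


def open_document(server: AdRmsServer, doc: dict, user: str) -> Optional[Tuple[List[str], bytes]]:
    """Recipient side (slide 10 steps 5-6): decryption is possible only after a Use License."""
    ul = server.issue_use_license(doc["publishing_license"], user)
    if ul is None:
        return None
    blob = bytes.fromhex(doc["ciphertext"])
    return ul["rights"], keystream_xor(bytes.fromhex(ul["content_key"]), blob[:16], blob[16:])


def with_edited_rights(doc: dict, user: str, rights: List[str]) -> dict:
    """Copy of a protected document whose PL body names an extra recipient but keeps the old
    signature; used to show that the server's signature check rejects such a PL."""
    pl = json.loads(bytes.fromhex(doc["publishing_license"]["body"]))
    pl["usage_rights"][user] = rights
    edited = {"body": json.dumps(pl, sort_keys=True).encode().hex(),
              "sig": doc["publishing_license"]["sig"]}
    return {"ciphertext": doc["ciphertext"], "publishing_license": edited}


def demo() -> Tuple[AdRmsServer, dict]:
    """Protect the sample document with the usage rights shown on slide 11."""
    server = AdRmsServer(DIRECTORY)
    doc = protect(server, CONTENT, {"Bob@fabrikam.com": ["Read", "Print"],
                                     "Lawyers@fabrikam.com": ["Read"]})
    return server, doc


if __name__ == "__main__":
    server, doc = demo()
    for who in ("Bob@fabrikam.com", "alice@fabrikam.com", "mallory@contoso.com"):
        print(who, open_document(server, doc, who))
```

Bob is named directly and gets Read and Print; alice is reached through the Lawyers group and gets Read only; an address that appears nowhere in the Publishing License gets no Use License and therefore no content key, and a Publishing License whose body has been edited fails the signature check before any rights are even looked up. That last path is the property the slide's "signed with the AD RMS server's private key" exists for.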

12 Products
(Diagram of RMS-enabled products; recoverable labels: SQL, 2007, XML Paper Specification, SP1.)

13 RMS protecting a Word 2007 document


24 What is Data Loss Prevention (DLP)?
The DLP process:
Push policies across the corporate infrastructure
Discover and classify sensitive data
Apply controls to protect sensitive data
Report and audit to verify policy enforcement

25 RSA DLP Product Suite
Enterprise Manager: common management across the suite
DLP Datacenter: discover and remediate data at rest in the datacenter
DLP Network: monitor sensitive data in motion as it leaves the network, and enforce on sensitive data in motion as it leaves the network
DLP Endpoint: discover sensitive data at rest on corporate endpoints, including laptops, and enforce on sensitive data in use on corporate endpoints, including laptops

26 RSA Data Loss Prevention Architecture

27 How Does Datacenter Scan Work?
1. Enterprise Manager sends a request to the Enterprise Coordinator.
2. Enterprise Coordinator passes the command to the appropriate Site Coordinator on a local or remote network.
3. The Site Coordinator installs or connects to the grid workers on the grid machines.
4. The Site Coordinator divides up the scanning work among them until the entire repository has been scanned.
5. On either a dedicated server or an existing server within the enterprise's infrastructure, the deployed grid software retrieves content for its assigned job and analyzes the content according to the policy configuration.
6. The Site Coordinator harvests the results from the grid machines (results are always harvested upstream).
7. The Enterprise Coordinator harvests the results from the Site Coordinator.
8. The Enterprise Manager harvests the results from the Enterprise Coordinator and processes them into the database for display to the user.

28 Scanning File Servers in Remote Offices
1. Enterprise Manager within Corporate Headquarters sends a request to the Enterprise Coordinator.
2. Enterprise Coordinator passes the command to the appropriate Site Coordinator on a local or remote network.
3. The Site Coordinator connects to the Remote File Server and installs either a permanent or a temporary agent on the File Server.
4. The agent performs the scan locally on the File Server using the system resources determined by the Agent Throttling Settings; if the agent is installed in temporary mode, it automatically uninstalls itself from the Remote File Server once the scan has completed.
5. The Site Coordinator harvests the results from the Remote File Server (results are always harvested upstream).
6. The Enterprise Coordinator harvests the results from the Site Coordinator.
7. The Enterprise Manager harvests the results from the Enterprise Coordinator and processes them into the database for display to the user.
(Diagram label: temporary or permanent agent.)

29 Scanning Data on Endpoints
1. Enterprise Manager sends a request to the Enterprise Coordinator.
2. Enterprise Coordinator passes the command to the appropriate Site Coordinator on a local or remote network.
3. The Site Coordinator connects to the Remote File Server and installs either a permanent or a temporary agent on the target Endpoint.
4. The agent performs the scan locally on the Endpoint using the system resources determined by the Agent Throttling Settings; if the agent is installed in temporary mode, it automatically uninstalls itself from the Endpoint once the scan has completed.
5. The Site Coordinator harvests the results from the Endpoint (results are always harvested upstream).
6. The Enterprise Coordinator harvests the results from the Site Coordinator.
7. The Enterprise Manager harvests the results from the Enterprise Coordinator and processes them into the database for display to the user.
(Diagram label: temporary or permanent agent.)

30 RMS Integration with DLP 6.5
1. The Active Directory administrator configures Rights Policy Templates in Microsoft AD Rights Management Services (AD RMS).
2. The Enterprise Manager gets the Rights Policy Templates from AD RMS (sync).
3. The Enterprise Manager administrator associates a Rights Policy Template with Datacenter policy violation rules.
4. The Enterprise Manager sends the policies and their associated templates to the Enterprise Coordinator.
5. Files are processed (Site Coordinator and agents).
6. A Publishing License is created using the template.
7. Events and error messages are returned upstream.
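Steps 3, 5 and 7 of the slide amount to a classifier that runs content rules over each file, picks the Rights Policy Template associated with the rule that fired, and emits an event for the Enterprise Manager. The following Python sketch of that step is an added example, not RSA DLP code and not its rule format: the two rules, the template names, the priority ordering (first matching rule decides the template) and all sample files are constructed, the card number is the well-known 4111... test number, and the event record keeps only the last four digits of a match so that the incident database does not become a second copy of the sensitive data.

```python
import re
from typing import Dict, List


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to drop random 13-16 digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def looks_like_card(match: str) -> bool:
    """Validator for the card rule: right length after removing separators, and Luhn-valid."""
    digits = re.sub(r"\D", "", match)
    return 13 <= len(digits) <= 16 and luhn_ok(digits)


# Constructed policy set (slide 30 step 3): each Datacenter violation rule is associated with
# an AD RMS Rights Policy Template. Template names are hypothetical; list order is priority.
POLICIES = [
    {"rule": "PCI card numbers", "pattern": re.compile(r"\b\d(?:[ -]?\d){12,15}\b"),
     "validate": looks_like_card, "template": "Fabrikam Confidential - Finance"},
    {"rule": "US SSN", "pattern": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
     "validate": None, "template": "Fabrikam Confidential - HR"},
]


def redact(value: str) -> str:
    """Keep only the last four digits of a match in the event record."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - 4) + digits[-4:]


def classify(text: str) -> List[dict]:
    """Slide 30 step 5: evaluate every rule against one file's content."""
    findings = []
    for policy in POLICIES:
        hits = [m.group(0) for m in policy["pattern"].finditer(text)]
        if policy["validate"] is not None:
            hits = [h for h in hits if policy["validate"](h)]
        if hits:
            findings.append({"rule": policy["rule"], "count": len(hits),
                             "template": policy["template"],
                             "evidence": [redact(h) for h in hits]})
    return findings


def process_files(files: Dict[str, str]) -> Dict[str, dict]:
    """Per file: the template to apply in step 6 (highest-priority matching rule) plus the
    findings that become the event returned upstream in step 7; None means leave the file alone."""
    results = {}
    for name, text in files.items():
        findings = classify(text)
        results[name] = {"template": findings[0]["template"] if findings else None,
                         "findings": findings}
    return results


# Constructed sample files. The SSN is made up; the card number is the standard 4111... test PAN.
SAMPLE_FILES = {
    "cards.txt": "Refund to card 4111 1111 1111 1111 approved.",
    "hr.txt": "New hire SSN 123-45-6789 on file.",
    "notes.txt": "Team lunch at noon, bring the Q3 slides.",
    "mixed.txt": "Payroll: SSN 123-45-6789, corporate card 4111-1111-1111-1111.",
    "badcard.txt": "Order ref 4111 1111 1111 1112 (fails Luhn, not a card).",
}

if __name__ == "__main__":
    for name, result in process_files(SAMPLE_FILES).items():
        print(name, result["template"], result["findings"])
```

The validator matters as much as the pattern: a 16-digit order reference that fails the Luhn check produces no event and no template, which is what keeps a rule like this from wrapping unrelated files in a finance template and generating noise for whoever reviews the incidents. When several rules fire on one file, the file still receives a single template, so the ordering of the rules is itself a policy decision.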

31 RSA DLP RMS Demo

32 Long Term: Microsoft and RSA Building Information Protection into the Infrastructure
(Diagram: RSA DLP Enterprise Manager with add-on policies; Microsoft Information Protection Management with built-in DLP classification and RMS controls across the Microsoft environment and applications (e-mail/UC, endpoint, network, apps, FS/CMS, storage); RSA DLP Endpoint, RSA DLP Network and RSA DLP Datacenter as complementary platforms and functionality.)
Common policies throughout the infrastructure
Built-in approach to protect data based on content, context and identity
Future ready: seamless upgrade path for current DLP customers

33 Summary
Microsoft and RSA are partnering to secure sensitive data with a built-in “systems” approach that builds protection into the infrastructure.
Common policies and classification throughout the entire system.
Microsoft is building RSA Data Loss Prevention (DLP) classification technology directly into the Microsoft platform and future information protection products.
Microsoft selected RSA due to its strength in the areas of correlation, policies and scalability.
The first step is the RSA DLP Suite's integration with AD RMS, automating the application of AD RMS policies based on data sensitivity.

34 Additional RMS Resources
Website: http://www.microsoft.com/rms
Blog: http://blogs.msdn.com/rms
TechNet virtual lab: http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
MSIT deployment: http://www.microsoft.com/technet/itsolutions/msit/infowork/deprmswp.mspx

35 Resources
www.microsoft.com/teched: Sessions On-Demand & Community
http://microsoft.com/technet: Resources for IT Professionals
http://microsoft.com/msdn: Resources for Developers
www.microsoft.com/learning: Microsoft Certification & Training Resources
(TechEd 2009 is not producing a DVD; session recordings are available at TechEd Online.)


37 © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38 AD RMS Template Acquisition

39 AD RMS Template Selection

40 AD RMS Template in a DLP Policy

41 DLP Incidents Involving AD RMS

