1. Asif Jinnah Microsoft IT – United Kingdom

2. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere Access Concepts & Solutions Infrastructure Solutions to safeguard Microsoft's flexible workforce The Microsoft Environment

3. 129,000 e-mail accounts 9.5 million remote connections/month 5+ million internal e-mails daily 3,000 internal applications 6 billion IMs per month 435 million unique users 29 billion e-mails sent per day 280 billion page views per day

4. Others may manage your network and data centers Software plus Services [SaaS] augmenting traditional IT – data and applications hosted remotely Increasingly complex granular partner access controls Traditional Perimeter security is not sufficient alone Emergence of new technology enablers Always remote employees Flexible definition of the “office” Corpnet access from customer sites Data is walking out the front door Laptops, USB drives, cellular network cards, Smart Phones/PDAs Malware and spyware for everyone Mobile Workforce Mobile Technology Globalization & Outsourcing Reperimeterization of the network

5. ...the visible and the invisible

6. Control Evolution Transport Enable deep inspected transport as needed Transport Enable deep inspected transport as needed Network Provide connectivity and WAN optimization Network Provide connectivity and WAN optimization Application Ensure application integrity Application Ensure application integrity Host Protect hosts from malware and attacks Host Protect hosts from malware and attacks Data Protect data in storage, transit, and use Data Protect data in storage, transit, and use Many are protecting their hosts and data here We should be protecting our hosts here And protecting our data here

7. ApplicationsandData X X X Trusted, compliant machine; with malware Trusted, compliant, healthy machine Untrusted machine Trusted, non-compliant machine Compliant but Untrusted machine SSL VPN – Granular Access Access to data and applications is restored once NAP remediates the client

8. Corporate Network Business Partner Behind customer firewall Layer 7 VPN Gateway Compliant Client IPsec/IPv6 Down-level Client SSL-VPN All Corpnet Resources Dual Protocol (IPv6/IPv4) Non-Compliant Clients Office PC VPN with Mobile Device User with mobile device Internet Security for a flexible workforce

9. IPsec boundary Creates Secure Net environment Remote access clients/dial-up Workgroups Labs All Devices ~330,000 Unique management challenges Secure Net Devices ~270,000 Devices managed through SMS/SCCM ~265,000 ~16,000 servers IPsec 9

10. Network Security Monitor, Detect, Respond Attack & Penetration Technical Investigations IDS and A/V Assessment & Governance InfoSec Risk Assessment InfoSec Policy Management Security Architecture InfoSec Governance App Consulting & Engineering End-to-End App Assessment & Mitigation Application Threat Modelling External & Internal Training Engineering & Engagement Engineering Lifecycle Process & Methods Secure Design Review Awareness & Communication Identity & Access Management IdM Security Architecture IdM Gov & Compliance IdM Eng Ops & Services IdM Accounts & Lifecycle Compliance Regulatory Compliance Vulnerability Scanning & Remediation Scorecarding RespondRespondDefineDefine AssessAssess DesignDesignOperateOperate MonitorMonitor

11. “Security is the fundamental challenge that will determine whether we can successfully create a new generation of connected experiences that enable people to have anywhere access to communications, content and information” - Bill Gates

12. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14. James Burns – No Slides

15. Paul MacKinnon - Slides to be emailed post event