Microsoft Security

Overview
Microsoft Forefront Edge Security and Access
Why should we be more secure?
What is Microsoft Forefront Security Suite ?
Overview
Forefront for client
Overview
Forefront for server
Forefront for Exchange and SharePoint server 2007
Forefront for Edge
IAG Server (Intelligent Application Gateway Server)
Exchange Hosted Services

Why should we be more

secure ?

Cybercrime is a real threat.

Hackers are interested in gathering information
(Credit card details, individual details...) =>
Fraudulous use of credit cards and or personal
individual details for identity theft...
Cyber crime affects individuals, customers, insurance
companies, companies image and long term
existence.
Hackers are not kids anymore.
Hackers are a lot smarter than you think. They are
organised crime organisations, they have an in depth
knowledge in programming, Windows, Unix, Linux,
Network and they will use any opened door to gain
access.
Social engineering is an easy way to gather
information as many employees will give out
information if they find their interlocutor pleasant and
nice.
We can never win against the threat, this is a
perpetual fight.

Consequences for affected companies :

Loss of productivity, loss of data, termination or resignation of
employees, increased insurance cost, long-term loss of business,
loss of significant business/profit
Companies are not securing their data as they should be...

Network Attacks

75% of security
investment focused here

Application Attacks

75% of attacks focused

here

The price of stolen

information
English Revenue and Customs admits theft of 13,000 civil
servants personal information. Tax Credit system had to
be shut down to halt the fraud. 15m was stolen. Dec 05
A printing firm contracted by Marks & Spencers in the UK
has had a laptop stolen putting 26,000 employees at risk
for identity theft May 2007.
Employee of Nationwide Building Society has their laptop
stolen from home containing account information for 11m
customers. Aug 06 (Fined 1m for this)
Although the scientist downloaded about 15 times more
data than the second most active user, no alarm bells rang
until after he submitted his resignation from DuPont, the
company behind Kevlar, Teflon, and hundreds of other
brands and trademarks. The value of the stolen
information is set at 400 million USD Feb 2007.

FOREFRONT SECURITY SUITE

What is Forefront Security

Suite ?
Forefront for client
Secure Windows clients (Desktops and file servers) against
spywares, viruses...
Forefront for server
Secure Exchange/SharePoint servers against viruses, spam,
worms in order to deliver clean emails and documents.
Forefront for edge
Inter network communications protection to insure security of
information and application between clients and servers.

Forefront for clients

Integrated antivirus and antispyware engine,
delivering real-time protection from and
scheduled scanning for viruses, spyware, and
other threats.
Central management system, generating reports
and alerts on the security status of their
environment.
State assessment or scans for determining which
managed computers need patches or are
configured insecurely.

Forefront for Exchange

Anti Spam, Anti Virus and Anti Worm protection
for Exchange server.
Can run 5 different anti virus engines at the
same time reducing the risk because we do not
depend on one vendor only.
Filter the Spam with rules (Keywords or
combination) and automated antivirus signature
updates.

Internet
Distributed protection
Performance tuning
Content filtering
Central management
Exchange Server/
Windows-based
SMTP Server

A
B
C
D
E

Forefront engines
VirusBuster
Sophos
Norman
Microsoft Anti Malware
Kaspersky
CA VET
CA Inoculate
Authentium Command
AhnLab
All engines are independent from each other.
Updates are made available from Microsoft website, 15 mn after
they have been sent from the partners.

Forefront for Sharepoint

Scan uploaded and downloaded
documents before they are saved
against worms, malicious code,
viruses.

IAG SERVER

IAG Server

Intelligent Application Gateway Server

SSL-based application access with

endpoint security management.

IAG Server

Intelligent Application Gateway Server

Browser based access.

Block malicious traffic and attacks
(No network traffic)
Drive policy compliance (Limit
exposure and liability, better ROI)

IAG Server

Intelligent Application Gateway Server

Remote machine profiling
Determine the health status of the remote machine and dynamically give access accordingly.

Cache wiper
Clear browser cache, disk cache and overwrite 7 times the clusters where the file was
initially
downloaded.
It is impossible to recover a file after this process.

Authentification vendors
Works with 60 different vendors such as Radius, RSA SecureID...

Network integration
SharePoint 2003/2007, OWA, Dynamics, ActiveSync, Terminal-Services, Citrix, SAP, Lotus
Domino, WebSphere and many more

Network isolation
No network connectivity between the remote user and the remote server/service.
The remote client does have an IP address (Unless this is required by IP Phone or any
other application/device that requires an IP address)

Overview
Web
LDAP

SSL VPN
connectivity and
endpoint security
Ve
verification
nd
or
s

Partn
er
s
y
plo
Em s
ee

Intelligent Application
Gateway

ird y
h
T art
p

Po
44 rt
3

Externa
l
Firewall

M
ap S
ps

Oracle

IBM /
Lotu
s

SharePoin
t Server Exchange
Active
Server
Directo
ry

SA
P

Exchange Hosted
Services

Exchange Hosted Services

Traditional
Virus (<1%)
Spam (70%)
Legitimate(30
%)
SMTP

Hosted

E-mail
store

Virus (<1%)
Spam (70%)
Legitimate(30
%)
SMTP

E-mail
store

Why outsource AV & AntiSpam?

Manage cost
and
complexity
No HW/SW to install
and manage
Outsource routine IT
management
Predictable
subscription based
service
Scalable at no
additional cost

Secure, protect
and comply

Eliminate threats
before they reach
the network
Policy-compliant
infrastructure
Service-based e-mail
archiving for rapid
deployment

Inbox value and

access

Eliminate spam and

viruses from the email stream to boost
productivity
Reliable e-mail
availability and
continuity systems
Recover from
unplanned outages or
disasters

End-user access

Easy recovery

Service Level Agreement

Infrastructure SLAs
99.999% network uptime
< 2 minute delivery

Accuracy SLAs
100% virus detection and blocking
95% spam effectiveness
1:250,000 false positive ratio