Microsoft Forefront overview
Microsoft Security2/9/20151
Overview Microsoft Forefront Edge Security and AccessWhy should
we be more secure?
What is Microsoft Forefront Security Suite ? Overview
Forefront for client Overview
Forefront for server Forefront for Exchange and SharePoint
server 2007
Forefront for Edge IAG Server (Intelligent Application Gateway
Server)
Exchange Hosted Services
2/9/20152
Why should we be more secure ?Why should we be so concerned
?What the real risk is ?
2/9/20153
Cybercrime is a real threat.Hackers are interested in gathering
information (Credit card details, individual details...) =>
Fraudulous use of credit cards and or personal individual details
for identity theft...Cyber crime affects individuals, customers,
insurance companies, companies image and long term
existence.Hackers are not kids anymore.Hackers are a lot smarter
than you think. They are organised crime organisations, they have
an in depth knowledge in programming, Windows, Unix, Linux, Network
and they will use any opened door to gain access.Social engineering
is an easy way to gather information as many employees will give
out information if they find their interlocutor pleasant and
nice.We can never win against the threat, this is a perpetual
fight.
Over 60% of the people who were asked to provide their
companylogins password gave it out to a guy who just asked them
gently !(INFOSEC 2007)
4
Consequences for affected companies :Loss of productivity, loss
of data, termination or resignation ofemployees, increased
insurance cost, long-term loss of business,loss of significant
business/profitCompanies are not securing their data as they should
be...
75% of security investment focused hereNetwork
AttacksApplication Attacks75% of attacks focused here
English Revenue and Customs admits theft of 13,000 civil
servants personal information. Tax Credit system had to be shut
down to halt the fraud. 15m was stolen. Dec 05A printing firm
contracted by Marks & Spencers in the UK has had a laptop
stolen putting 26,000 employees at risk for identity theft May
2007.Employee of Nationwide Building Society has their laptop
stolen from home containing account information for 11m customers.
Aug 06 (Fined 1m for this)Although the scientist downloaded about
15 times more data than the second most active user, no alarm bells
rang until after he submitted his resignation from DuPont, the
company behind Kevlar, Teflon, and hundreds of other brands and
trademarks. The value of the stolen information is set at 400
million USD Feb 2007.The price of stolen informationConsequences
for companies are huge and could potentially cost their own
business.
6
FOREFRONT SECURITY SUITE
What is Forefront Security Suite ?Forefront for clientSecure
Windows clients (Desktops and file servers) againstspywares,
viruses...
Forefront for serverSecure Exchange/SharePoint servers against
viruses, spam,worms in order to deliver clean emails and
documents.
Forefront for edgeInter network communications protection to
insure security ofinformation and application between clients and
servers.
Overview of Microsoft Forefront.Microsoft Forefront Security
Suite is like Microsoft Office, there are several different
products within.Like Office will provide all the necessary tools to
improve your productivity at many levels, Forefront Security Suite
will also provide security improvements at many levels (Clients,
Applications and Edge).
2/9/20158
Forefront for clientsIntegrated antivirus and antispyware
engine, delivering real-time protection from and scheduled scanning
for viruses, spyware, and other threats. Central management system,
generating reports and alerts on the security status of their
environment.State assessment or scans for determining which managed
computers need patches or are configured insecurely.
2/9/20159
Forefront for ExchangeAnti Spam, Anti Virus and Anti Worm
protection for Exchange server.Can run 5 different anti virus
engines at the same time reducing the risk because we do not depend
on one vendor only.Filter the Spam with rules (Keywords or
combination) and automated antivirus signature updates.
2/9/201511
Internet
A
B
C
D
EExchange Server/ Windows-based SMTP ServerDistributed
protectionPerformance tuningContent filteringCentral management
Forefront enginesVirusBusterSophosNormanMicrosoft Anti
MalwareKasperskyCA VETCA InoculateAuthentium CommandAhnLab
All engines are independent from each other.Updates are made
available from Microsoft website, 15 mn after they have been sent
from the partners.
The 9 Forefront engines.If one update fails, the other engine
continues to run.If one update fails, the particular engine that
was being updated will revert back to the previous anti virus
signature.
2/9/201513
Forefront for SharepointScan uploaded and downloaded documents
before they are saved against worms, malicious code, viruses.
2/9/201514
IAG SERVER
IAG ServerIntelligent Application Gateway ServerSSL-based
application access with endpoint security management.
IAG ServerIntelligent Application Gateway ServerBrowser based
access.Block malicious traffic and attacks (No network
traffic)Drive policy compliance (Limit exposure and liability,
better ROI)
IAG ServerIntelligent Application Gateway ServerRemote machine
profilingDetermine the health status of the remote machine and
dynamically give access accordingly.
Cache wiperClear browser cache, disk cache and overwrite 7 times
the clusters where the file was initiallydownloaded. It is
impossible to recover a file after this process.
Authentification vendorsWorks with 60 different vendors such as
Radius, RSA SecureID...
Network integrationSharePoint 2003/2007, OWA, Dynamics,
ActiveSync, Terminal-Services, Citrix, SAP, LotusDomino, WebSphere
and many more
Network isolationNo network connectivity between the remote user
and the remote server/service.The remote client does have an IP
address (Unless this is required by IP Phone or anyother
application/device that requires an IP address)
Overview
Intelligent Application GatewayExternal Firewall
Port 443
LDAPOracleExchange ServerSharePoint
ServerVendorsEmployeesPartners
IBM / LotusSAPWeb
Active Directory
SSL VPN connectivity and endpoint security verification
Third-partyMS apps
Exchange Hosted Services
Exchange Hosted ServicesTraditional
Hosted
SMTPE-mail storeVirus (
