Upload
imelda
View
53
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Building an Integrated Security System Microsoft Forefront code name “Stirling”. Ravi Sankar Technology Evangelist | Microsoft http://ravisankar.spaces.live.com/blog. Agenda. Security and Access Challenges Forefront Today Forefront Codename “ Stirling ” Comprehensive Protection - PowerPoint PPT Presentation
Citation preview
Building an Integrated Security SystemMicrosoft Forefront code name “Stirling”
Ravi SankarTechnology Evangelist | Microsofthttp://ravisankar.spaces.live.com/blog
AgendaSecurity and Access ChallengesForefront TodayForefront Codename “Stirling”
Comprehensive ProtectionSimplified ManagementCritical Visibility
DemoQ&A
Security And Access Challenges
More usersMore locations/devicesIntranet/Extranet access
Full connectivity is riskyPoor apps integration Lack of scalability
Changing legal rulesChanging business rulesLimited granularity
Growing Mobility Traditional VPNs Inadequate
Difficult to Enforce Policies
More advancedIncreased volumeProfit motivated
Many point products Poor interoperability Lack of integration
Multiple consolesUncoordinated reportsComplex and costly
Escalating Threats Fragmented Security Difficult to Manage and
Deploy
Security challenges
Access Challenges
A comprehensive line of business security products that helps you gain greater protection and secure access
through deep integration and simplified management
Network EdgeServer ApplicationsClient And Server OS
Management And VisibilityDynamic Response
Network EdgeServer Applications
Client And Server OS
vNextAn Integrated
Security System
Integrated protection across clients, server and edgeDynamic responses to emerging threatsNext generation protection technologies
Comprehensive
Protection
Manage from a single role-based consoleAsset and policy centric modelIntegrates with your existing infrastructure
SimplifiedManagemen
t
Know your security state in real-time View insightful reportsInvestigate and remediate security issues
CriticalVisibility
An Integrated Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility
across clients, servers, and the network edge
ComprehensiveProtection
Comprehensive ProtectionIntegrated security systemSilo’d Best of Breed Solutions are not enough
Customers do this today and still have security issuesManual coordination is difficult and often incompleteExpensive and difficult to understand if “I’m secure”
Stirling and Dynamic Response are the answerLayered Protection across the organizationProtection technologies that work togetherProtection technologies that share security state informationProtection technologies that take action together
Customers need anIntegrated Security System
Stirling’s protection technologies work together to better protect customers
DNS Reverse Lookup
Client Event Log
Edge Protection
Log
Network Admin
Edge Protection
Client Security
Hours
DEMO-CLT1 Andy
DesktopAdmin
Manual: Launch a scan
WEB
Malicious Web Site
Phone
Manual: Disconnect the Computer
Zero Day ScenarioToday
Security Assessments Channel
2-3 min
TMG identifies malware on DEMO-CLT1 computer attempting to propagate (Port Scan)
Security Admin
Network Admin
DEMO-CLT1 Andy
DesktopAdmin
Malicious Web Site
WEB
Forefront TMG Client
Security
CompromisedComputer DEMO-CLT1High FidelityHigh SeverityExpire: Wed
CompromisedUser: AndyLow FidelityHigh SeverityExpire: Wed
Stirling Core
NAPActive
Directory
Forefront Server
for:Exchange
, SharePoi
ntOCS
FCS identifies Andy has logged on to DEMO-
CLT1
Alert
Scan Computer
Block Email
Block IM
Reset Account
Quarantine
Zero Day ScenarioWith Stirling and Dynamic Response
Enterprise Security
Too much or too little data
Efficient and focused investigation
Today
High rates of false positive/negative
Manual enterprise wide response
Monitoring Low visibility on enterprise security
Standard channel for security information
Share contextual Information
Automatic responseand shield up
Detection
ProtectionInvestigatio
n
StirlingDynamic Response
Stirling delivers:Better Protection - Faster Response - Lower Cost
Stirling Protection Technologies
vNextvNext
vNext
NEW
AntivirusAntispyware
Host Firewall
NAP IntegrationVulnerability
Assessment & Remediation
Exchange Protection
Content Filtering
SharPoint Protection
Firewall
Web AV
Remote Access
Dynamic ResponseCoordinated Defense Adaptive InvestigationInformation Sharing
Content Filtering
And More…
SimplifiedManagement
Security ManagementToday
Jumping between consoles waste timeEach console has its own policy paradigmProduct’s are in silos with no integration
Lack of integration with infrastructure generate inefficienciesDifficult to know if solutions are protecting from emerging threats
Management Console
Management Console
Management Console
Reporting Console Reporting Console Reporting Console
Console
Endpoint Protection
Server Application Protection
Network Edge Vulnerability Assessment
Simplified Management With StirlingProtect your business with greater efficiency
One console for simplified, role-based security management
Define one security policy for your assets across protection technologies
Deploy signatures, policies and software quickly
Integrates with your existing infrastructure: SCOM, SQL, WSUS, AD, NAP, SCCM
Critical Visibility And Control
Know your security state
View insightful reports
Investigate and remediate security risks
Critical Visibility And ControlKnow where action is required
Stirling Beta 1
DEMO
RoadmapH2 2008
Client andServer OS
ServerApplications
Network Edge
IntegratedSecurity System
NEW
NEW
NEX
TN
EXT
NEW
NEX
T
Codename “Stirling”
NEWBETA
H1 2008 H1 2009
SummaryStirling is an Integrated Enterprise Security System that delivers comprehensive, coordinated protection with simplified management and critical visibility across clients, servers, and the network edge Dynamic, coordinated responses to threats
Focus on protecting assetsManage security, not security productsCoherent and meaningful reports
Next StepsBecome experts in existing Forefront products
Install Stirling Beta
Give us feedback!
22
Q & A
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after
the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.