24 Hours Of Exchange Server 2007 ( Part 14 Of 24)

1,862 views
1,792 views

Published on

Maintaining Anti-Virus

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,862
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
252
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

24 Hours Of Exchange Server 2007 ( Part 14 Of 24)

  1. 1. 24 Hours of Exchange Server 2007 (Part 14 of 24): Maintaining AntiVirus Harold Wong [email_address] blogs.technet.com/haroldwong Audio: please try Streaming Internet Audio first If that doesn’t work, use: (800) 683-9254: Pin 3054
  2. 2. What We Will Cover <ul><li>Understanding antivirus functionality </li></ul><ul><li>Deploying a defense-in-depth approach </li></ul><ul><li>Antivirus software integration </li></ul>
  3. 3. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Microsoft ® Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  4. 4. Introduction to Anti-Spam Management <ul><li>Sender reputation filtering </li></ul><ul><li>Recipient ID filtering </li></ul><ul><li>Attachment filtering </li></ul><ul><li>Connection filtering </li></ul>Which of the following is not a type of Exchange Server 2007 anti-spam filtering?
  5. 5. Introduction to Anti-Spam Management <ul><li>Connection filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Outlook junk e-mail filtering </li></ul>Which anti-spam filtering feature includes the spam quarantine?
  6. 6. Introduction to Anti-Spam Management <ul><li>Perimeter firewall </li></ul><ul><li>Edge Transport server </li></ul><ul><li>Internal firewall </li></ul><ul><li>Connection filtering </li></ul>What is considered the first line of defense against spam attacks?
  7. 7. Understanding Individual Components <ul><li>IP Allow List </li></ul><ul><li>Safe Provider List </li></ul><ul><li>Real-time Block List </li></ul><ul><li>Spam Quarantine List </li></ul>Which of the following is not a feature of connection filtering?
  8. 8. Understanding Individual Components <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Which of the following filters do not query outside servers or services?
  9. 9. Understanding Individual Components <ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Which of the following component level filtering includes safelist aggregation?
  10. 10. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  11. 11. The Defense-in-Depth Approach Perimeter Security Edge Security Data Security
  12. 12. Virus Protection with Spam Filters . exe . dll .com . bat Reverse DNS Lookup Query Sender’s DNS Tarpitting RBL Lookup Connection Filtering Recipient Filtering Sender ID Filtering Sender Reputation Filtering Attachment Filtering
  13. 13. <ul><li>Configuring Filters for Virus Protection </li></ul><ul><ul><li>Configure RBL lookups </li></ul></ul><ul><ul><li>Query sender’s DNS </li></ul></ul><ul><ul><li>Configuring attachment filtering </li></ul></ul>demonstration
  14. 14. Outlook Web Access Virus Protection Public computer Private computer
  15. 15. Exchange Server 2007 Spam Quarantine Spam quarantine mailbox Yes SCL exceeds quarantine No
  16. 16. <ul><li>Managing the Spam Quarantine </li></ul><ul><ul><li>Create the spam quarantine mailbox </li></ul></ul><ul><ul><li>Set spam mailbox in the Edge Transport </li></ul></ul><ul><ul><li>Reviewing the spam quarantine mailbox </li></ul></ul>demonstration
  17. 17. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Attachment filtering </li></ul>Q1: Which spam filtering technology played an early role in virus protection?
  18. 18. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Q2: Which type of filtering allows the Edge Transport server to look up IP addresses in a list of known virus hosts?
  19. 19. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Attachment filtering </li></ul>Q3: Which filtering mechanism moves e-mail messages into the spam quarantine mailbox?
  20. 20. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  21. 21. Antivirus Software Integration VSAPI (Not Recommended)
  22. 22. Forefront Security for Exchange Server Client Security Hub Security Edge Security CA Sophos AhnLab VirusBuster Kaspersy Labs Norman Data Defense * Microsoft ® Forefront™ Security for Exchange Server (FSE)
  23. 23. <ul><li>Installing Forefront Security </li></ul><ul><ul><li>Install the Forefront security software </li></ul></ul><ul><ul><li>Run the Forefront security administrator </li></ul></ul><ul><ul><li>Send and scan an e-mail message </li></ul></ul>demonstration
  24. 24. Exchange Hosted Filtering Messages containing active malicious code E-mail quarantine Directory Service Exchange Hosted Filtering
  25. 25. Third-Party Products
  26. 26. AntiVirus Software and Services <ul><li>Edge Transport server </li></ul><ul><li>Hub Transport server </li></ul><ul><li>Mailbox server </li></ul><ul><li>Desktop client computers </li></ul>Q1: Which system should not run e-mail antivirus scanning according to Exchange Server 2007 best practices?
  27. 27. AntiVirus Software and Services <ul><li>Five </li></ul><ul><li>Six </li></ul><ul><li>Seven </li></ul><ul><li>Eight </li></ul>Q2: What is the maximum number of antivirus scanning engines that can be configured for Forefront?
  28. 28. AntiVirus Software and Services <ul><li>One </li></ul><ul><li>Two </li></ul><ul><li>Three </li></ul><ul><li>Four </li></ul>Q3: What is the minimum number of antivirus engines you can configure when using Microsoft Exchange Hosted Filtering?
  29. 29. Session Summary <ul><li>Antivirus functionality in Exchange Server 2007 </li></ul><ul><li>Defense-in-depth approach </li></ul><ul><li>Antivirus software integration </li></ul>
  30. 30. Questions and Answers <ul><li>Submit text questions using the “Ask” button. </li></ul><ul><li>Don’t forget to fill out the survey. </li></ul><ul><li>For upcoming and previously live webcasts: www.microsoft.com/webcasts </li></ul><ul><li>Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781 </li></ul><ul><li>Today's webcast was presented using Microsoft ® Office Live Meeting. Get a free 14-day trial by visiting: www.microsoft.com/presentlive   </li></ul>

×