Exchange 2010
Advanced Security with
Forefront
Name
Title
Microsoft Corporation
E-mail Security A Growing Concern
     Spam problems continue
     • Spammers constantly evolving new techniques
     • Sy...
Better Together Protection
Integrated defense in depth



      Encryption              Anti-Spam             Anti-Virus

...
Encryption
    Default encryption internally and externally
•   Client to Server - Secure Sockets Layer (SSL)
•   Server t...
Encryption
Protect sensitive data
        S/MIME Support
        Enables users to send signed and encrypted e-mail to one
...
Encryption
Enable processing of rights protected e-mail


                                    Infected messages and
      ...
Perimeter Protection
  Overview
                                                             Enterprise Network


        ...
Perimeter Protection
EdgeSync enhances anti-spam filtering



             MALWARE                  SAFE /BLOCKED SENDER
 ...
Basic Anti-Spam
Three layers of protection
    Connection Filtering
1                                                     ...
Premium Anti-Spam
More protection, less configuration


 1   Connection Filtering                    • Pre-configured DNS ...
Forefront Anti-Malware
One solution, multiple anti-malware engines
•   Deploy single solution using multiple integrated te...
The Multiple Engine Advantage
Proven faster, more effective
                              Response time1 (in hours)       ...
Hosted and Hybrid Protection
Forefront Online Protection for Exchange

 Hosted Service                                  On...
Unified Management
   One console for Exchange and Forefront settings
 Central configuration for managing Exchange        ...
Exchange 2010 + Forefront
Better Together Security
      Superior anti-spam and anti-virus protection
      •   Configurab...
© 2009 Microsoft Corporation. All rights reserved. Microsoft and other product names are or may be registered trademarks a...
Upcoming SlideShare
Loading in...5
×

Microsoft Unified Communications - Exchange 2010 Advanced Security with Forefront Presentation

1,043

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,043
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
32
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Microsoft Unified Communications - Exchange 2010 Advanced Security with Forefront Presentation"

  1. 1. Exchange 2010 Advanced Security with Forefront Name Title Microsoft Corporation
  2. 2. E-mail Security A Growing Concern Spam problems continue • Spammers constantly evolving new techniques • Systems often outdated and rely only on IP filtering • Only 11% of organizations reported 99% effectiveness* Malware attacks on the rise • Malware incidents are increasing in organizations of all sizes* • Attacks are often blended (e.g. spammed viruses) • Increasing use of attachments to transmit viruses* Increasing need for data encryption • New regulations demand increased data privacy • Data leakage carries legal, financial risks • Encryption can be difficult to implement and manage *IDC, 2009
  3. 3. Better Together Protection Integrated defense in depth Encryption Anti-Spam Anti-Virus Basic Multiple Automatic Encryption Engine Anti- S/MIME Support Malware Premium Detection Information Rights Management Support Unified Management Hosted, Hybrid Protection Perimeter Protection
  4. 4. Encryption Default encryption internally and externally • Client to Server - Secure Sockets Layer (SSL) • Server to Server - Transport Layer Security (TLS) • Perimeter to Perimeter - Opportunistic TLS Perimeter Internet Network Perimeter Network Clients Internal Network
  5. 5. Encryption Protect sensitive data S/MIME Support Enables users to send signed and encrypted e-mail to one another from a variety of devices. • Send from Outlook, Outlook Web App, and Windows Mobile 6.0+ Information Rights Management Support Provides persistent protection to control who can access, forward, print or copy sensitive data. • AD RMS Pre-licensing improves mobile/offline experience • Automatic IRM-protection through transport rules • Transport decryption to enable AV/AS scanning • Native IRM support in OWA
  6. 6. Encryption Enable processing of rights protected e-mail Infected messages and spam can be filtered Protected messages sent to transport server Messages are re-encrypted and delivered Messages and attachments decrypted to enable content Journaled messages filtering, transport rules include decrypted clear- text copy
  7. 7. Perimeter Protection Overview Enterprise Network Edge Hub Transport Transport Routing & policy External Routing & AV/AS mail Mailbox Storage of Unified mailbox items Messaging Voice mail & Mobile voice access phone Web browser Client Access Client connectivity Outlook Web services (remote user) Outlook (local user)
  8. 8. Perimeter Protection EdgeSync enhances anti-spam filtering MALWARE SAFE /BLOCKED SENDER SPAM LISTS Internet Edge Server Internal Network Safe and blocked sender lists synched to Edge in seconds Fewer false positives enables more aggressive filtering
  9. 9. Basic Anti-Spam Three layers of protection Connection Filtering 1 Incoming Internet Filters connections based on internal E-mail and third party IP block/allow lists. 1 Connection Filtering Sender-Recipient Filtering 2 2 Sender-Recipient Filtering Filters individual addresses based on internal Content lists and sender reputation. 3 Filtering Administrator Quarantine Content Filtering Mailbox / Store 3 Attachment Filtering Scans words and phrases based on User Inbox internal lists and automated analysis. User Junk E-mail Folder
  10. 10. Premium Anti-Spam More protection, less configuration 1 Connection Filtering • Pre-configured DNS Block List • Aggregates data from multiple vendors Administrator configures IP block/ allow lists and DNS block lists 2 Sender-Recipient Filtering • Sender-recipient lists managed from Administrator configures sender- one point on console recipient lists separately Content Filtering 3 • Pre-configured content filter • Continuous minute-by-minute updates • Configurable content filter • Inspects file type, not just extension • Bi-weekly automatic updates • Attachments stripped per extension
  11. 11. Forefront Anti-Malware One solution, multiple anti-malware engines • Deploy single solution using multiple integrated technologies • Includes all engines in base cost • Run up to five engines simultaneously on any scan job • Most up-to-date engine automatically selected for optimal performance A B C D Internet Exchange 2010 E
  12. 12. The Multiple Engine Advantage Proven faster, more effective Response time1 (in hours) Single-engine solutions • Rapid response WildList Number Malware Name Forefront Engines Vendor A Vendor B Vendor C to new threats 01/09 01/09 autorun_itw542.ex_ buzus_itw3.ex_ 0.00 0.00 1185.47 2.92 89.83 10.87 1161.83 53.98 • Fail-safe protection 01/09 01/09 conficker_itw5.dl_ koobface_itw18.ex_ 0.00 0.00 0.00 360.65 113.55 0.00 0.00 1050.18 through 01/09 momibot_itw2.ex_ 0.00 0.00 0.00 982.05 01/09 pinit_itw2.ex_ 42.85 205.03 0.00 873.23 redundancy 01/09 zbot_itw30.ex_ 0.00 0.00 0.00 0.00 01/09 zbot_itw31.ex_ 0.67 990.50 1.17 53.75 01/09 zbot_itw39.ex_ 0.00 946.40 0.00 0.00 • Diversity of 02/09 02/09 agent_itw94.ex_ autorun_itw580.ex_ 0.00 0.00 0.00 341.37 204.17 917.60 723.10 336.67 antivirus engines 02/09 02/09 autorun_itw585.ex_ autorun_itw594.ex_ 0.00 0.00 602.93 704.05 0.00 0.00 0.00 42.40 and heuristics 02/09 02/09 magania_itw21.ex_ onlinegames_itw624.ex_ 0.00 0.00 0.00 386.88 0.00 22.12 522.60 0.00 02/09 onlinegames_itw627.ex_ 0.00 207.33 60.88 7.42 02/09 onlinegames_itw643.ex_ 0.00 22.13 6.22 32.18 02/09 zbot_itw42.ex_ 0.00 1120.87 0.00 0.00 03/09 autoit_itw90.ex_ 0.00 0.00 0.00 1101.62 03/09 autorun_itw597.ex_ 0.00 555.12 0.00 16.88 03/09 autorun_itw598.ex_ 0.00 2.88 187.27 667.85 03/09 autorun_itw601.ex_ 0.00 510.32 0.00 0.00 Less than 5 hours 03/09 autorun_itw616.ex_ 0.00 555.12 0.00 16.88 03/09 ircbot_itw485.ex_ 0.00 3.37 0.37 79.05 5 to 24 hours 03/09 mariof_itw2.ex_ 0.00 309.40 945.95 653.03 03/09 onlinegames_itw651.ex_ 0.00 0.00 145.48 55.47 03/09 zbot_itw43.ex_ 0.00 757.28 0.00 0.00 More than 24 hours ** 0.00 denotes proactive detection 1 Source: AV-Test.org 2009 (www.av-test.org)
  13. 13. Hosted and Hybrid Protection Forefront Online Protection for Exchange Hosted Service On-Premise Software Internet SMTP Edge Transport Hub Transport Mailbox Antivirus and anti-spam protection for Exchange Server 2010 Server Roles A choice of security options Hosted: - Stop spam and viruses before they reach your network - Reduce security management costs and maintenance Hybrid: - Protection for both external and internal threats
  14. 14. Unified Management One console for Exchange and Forefront settings Central configuration for managing Exchange Dashboard for enterprise-wide 2010 and Forefront on premise and hosted visibility and reporting security settings Forefront Reports Exchange SPAM Detail Statistics Report Scope: All Computers Report Time Span: Start: 8/29/2007 09 :00 PST End: 8/30/2007 09 :00 PST Generated on: 8/30/2007 09 :00 All dates and times are shown in Pacific Time (GMT -8:00) Consolidated Exchange SPAM Detail Statistics Data Scope: All view of filters Message Blocked by connection filter 10000 and settings 8000 IP Block List 4000 IP Block Providers 6am 6pm Message Allowed by connection filter 10000 8000 IP Allow List 4000 6am 6pm Message Blocked by SMTP filter 10000 8000 Sender Sender ID 4000 Recipient 6am 6pm Message Distributed by content filter actions 10000 Received 8000 Rejected Deleted 4000 Quarantined 6am 6pm SPAM Confidence Level distribution SCL 0 SCL 1 SCL 2 SCL 3 SCL 4 SCL 5 SCL 6 SCL 7 SCL 8 SCL 9 Unknown
  15. 15. Exchange 2010 + Forefront Better Together Security Superior anti-spam and anti-virus protection • Configurable multi-layered filtering agents • Continuous automatic content updates • Multi-engine malware for faster, more reliable filtering Extended encryption capabilities • Automatic encryption inside and outside the organization • Broad support for S/MIME and Information Rights Management Simplified management • Option of hosted and hybrid AV/AS options for lower TCO • Manage Exchange and Forefront settings from one console
  16. 16. © 2009 Microsoft Corporation. All rights reserved. Microsoft and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×