Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

24 Hours Of Exchange Server 2007 ( Part 14 Of 24)

2,047 views

Published on

Maintaining Anti-Virus

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

24 Hours Of Exchange Server 2007 ( Part 14 Of 24)

  1. 1. 24 Hours of Exchange Server 2007 (Part 14 of 24): Maintaining AntiVirus Harold Wong [email_address] blogs.technet.com/haroldwong Audio: please try Streaming Internet Audio first If that doesn’t work, use: (800) 683-9254: Pin 3054
  2. 2. What We Will Cover <ul><li>Understanding antivirus functionality </li></ul><ul><li>Deploying a defense-in-depth approach </li></ul><ul><li>Antivirus software integration </li></ul>
  3. 3. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Microsoft ® Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  4. 4. Introduction to Anti-Spam Management <ul><li>Sender reputation filtering </li></ul><ul><li>Recipient ID filtering </li></ul><ul><li>Attachment filtering </li></ul><ul><li>Connection filtering </li></ul>Which of the following is not a type of Exchange Server 2007 anti-spam filtering?
  5. 5. Introduction to Anti-Spam Management <ul><li>Connection filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Outlook junk e-mail filtering </li></ul>Which anti-spam filtering feature includes the spam quarantine?
  6. 6. Introduction to Anti-Spam Management <ul><li>Perimeter firewall </li></ul><ul><li>Edge Transport server </li></ul><ul><li>Internal firewall </li></ul><ul><li>Connection filtering </li></ul>What is considered the first line of defense against spam attacks?
  7. 7. Understanding Individual Components <ul><li>IP Allow List </li></ul><ul><li>Safe Provider List </li></ul><ul><li>Real-time Block List </li></ul><ul><li>Spam Quarantine List </li></ul>Which of the following is not a feature of connection filtering?
  8. 8. Understanding Individual Components <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Which of the following filters do not query outside servers or services?
  9. 9. Understanding Individual Components <ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Which of the following component level filtering includes safelist aggregation?
  10. 10. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  11. 11. The Defense-in-Depth Approach Perimeter Security Edge Security Data Security
  12. 12. Virus Protection with Spam Filters . exe . dll .com . bat Reverse DNS Lookup Query Sender’s DNS Tarpitting RBL Lookup Connection Filtering Recipient Filtering Sender ID Filtering Sender Reputation Filtering Attachment Filtering
  13. 13. <ul><li>Configuring Filters for Virus Protection </li></ul><ul><ul><li>Configure RBL lookups </li></ul></ul><ul><ul><li>Query sender’s DNS </li></ul></ul><ul><ul><li>Configuring attachment filtering </li></ul></ul>demonstration
  14. 14. Outlook Web Access Virus Protection Public computer Private computer
  15. 15. Exchange Server 2007 Spam Quarantine Spam quarantine mailbox Yes SCL exceeds quarantine No
  16. 16. <ul><li>Managing the Spam Quarantine </li></ul><ul><ul><li>Create the spam quarantine mailbox </li></ul></ul><ul><ul><li>Set spam mailbox in the Edge Transport </li></ul></ul><ul><ul><li>Reviewing the spam quarantine mailbox </li></ul></ul>demonstration
  17. 17. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Attachment filtering </li></ul>Q1: Which spam filtering technology played an early role in virus protection?
  18. 18. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Sender ID filtering </li></ul><ul><li>Sender reputation filtering </li></ul>Q2: Which type of filtering allows the Edge Transport server to look up IP addresses in a list of known virus hosts?
  19. 19. AntiVirus Features of Exchange Server 2007 <ul><li>Connection filtering </li></ul><ul><li>Sender filtering </li></ul><ul><li>Content filtering </li></ul><ul><li>Attachment filtering </li></ul>Q3: Which filtering mechanism moves e-mail messages into the spam quarantine mailbox?
  20. 20. Agenda <ul><li>Review </li></ul><ul><li>Antivirus features in Exchange Server 2007 </li></ul><ul><li>Antivirus Software and Services </li></ul>
  21. 21. Antivirus Software Integration VSAPI (Not Recommended)
  22. 22. Forefront Security for Exchange Server Client Security Hub Security Edge Security CA Sophos AhnLab VirusBuster Kaspersy Labs Norman Data Defense * Microsoft ® Forefront™ Security for Exchange Server (FSE)
  23. 23. <ul><li>Installing Forefront Security </li></ul><ul><ul><li>Install the Forefront security software </li></ul></ul><ul><ul><li>Run the Forefront security administrator </li></ul></ul><ul><ul><li>Send and scan an e-mail message </li></ul></ul>demonstration
  24. 24. Exchange Hosted Filtering Messages containing active malicious code E-mail quarantine Directory Service Exchange Hosted Filtering
  25. 25. Third-Party Products
  26. 26. AntiVirus Software and Services <ul><li>Edge Transport server </li></ul><ul><li>Hub Transport server </li></ul><ul><li>Mailbox server </li></ul><ul><li>Desktop client computers </li></ul>Q1: Which system should not run e-mail antivirus scanning according to Exchange Server 2007 best practices?
  27. 27. AntiVirus Software and Services <ul><li>Five </li></ul><ul><li>Six </li></ul><ul><li>Seven </li></ul><ul><li>Eight </li></ul>Q2: What is the maximum number of antivirus scanning engines that can be configured for Forefront?
  28. 28. AntiVirus Software and Services <ul><li>One </li></ul><ul><li>Two </li></ul><ul><li>Three </li></ul><ul><li>Four </li></ul>Q3: What is the minimum number of antivirus engines you can configure when using Microsoft Exchange Hosted Filtering?
  29. 29. Session Summary <ul><li>Antivirus functionality in Exchange Server 2007 </li></ul><ul><li>Defense-in-depth approach </li></ul><ul><li>Antivirus software integration </li></ul>
  30. 30. Questions and Answers <ul><li>Submit text questions using the “Ask” button. </li></ul><ul><li>Don’t forget to fill out the survey. </li></ul><ul><li>For upcoming and previously live webcasts: www.microsoft.com/webcasts </li></ul><ul><li>Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781 </li></ul><ul><li>Today's webcast was presented using Microsoft ® Office Live Meeting. Get a free 14-day trial by visiting: www.microsoft.com/presentlive   </li></ul>

×