Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

50357 a enu-module04

562 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

50357 a enu-module04

  1. 1. Module 4: Secure Mail Relay© 2009, Microsoft. All rights reserved. All other trademarks are the property of their respective owners.
  2. 2. Module Overview Secure Mail Relay overview Solution components Deployment considerations
  3. 3. Lesson 1 – Secure Mail Relay Overview
  4. 4. E-mail Threats ~98% of all e-mail is Estimated cost is $130 billion spam/malicious in 2009 Over 400 billion unwanted Causes 90% of NDRs e-mails in H2 2008 Risk of software vulnerabilities Percentage of incoming messages filtered by Forefront Online Protection for Exchange, 1H06-2H08 100% 80% 60% 40% 20% 0% 1H06 2H06 1H07 2H07 1H08 2H08 4
  5. 5. The Solution Filter unwanted e-mail as early as possible 100% 80% 60% 40% 20% 0% 1H06 2H06 1H07 2H07 1H08 2H08 Edge Filtered Content Filtered Unfiltered Percentage of incoming messages blocked by Forefront™ Protection for Exchange using edge-blocking and content filtering, 1H06-2H08 5
  6. 6. Mail Protection – ISA Server 2006 Simple protocol inspection only Checks valid commands, maximum length External Network SMTP Filter SMTP Server
  7. 7. Mail Protection – Forefront ThreatManagement Gateway Full featured SMTP hygiene Exchange Edge Transport for SMTP stack Requires valid license Integrated with Microsoft® Forefront™ Protection 2010 for Exchange Server Antimalware Antispam Antiphishing Also supports generic SMTP mail servers
  8. 8. E-mail Protection Features Protection at the edge Protects mail at the edge of the organization with Forefront Protection 2010 for Exchange Server Advanced protection and premium antispam Multiple scan engines to protect against malware and provide a premium antispam solution Integrated management Easy management of Microsoft Exchange Server Edge role and Forefront Protection 2010 for Exchange Server through Forefront TMG Array deployment Support for managing and load balancing traffic among multiple servers
  9. 9. Admin Interface 9
  10. 10. Lesson 2 – Solution Components
  11. 11. Solution ComponentsMicrosoft Products Forefront Protection 2010 for Exchange Server Microsoft® Exchange Server® 2007 (or 2010) Edge Transport Forefront Threat Management Gateway Windows Server® 2008 x64 11
  12. 12. Feature OwnershipFeature Exchange FPE 2010 Edge RoleIP Allow / Block Lists  IP Allow / Block List Providers  (custom)  (FF DNSBL)Sender / Recipient Filtering, Sender ID  Sender Reputation Basic Content Filtering (SmartScreen) Premium Antispam (Cloudmark) File Filtering Message Body Filtering Antivirus and Antispyware Forefront TMG cannot manage Subject Line, Sender-Domain, or Allowed Senders in FPE
  13. 13. Mail Protection – Forefront ThreatManagement Gateway Anti-virus Engines Forefront Security for Exchange (FSE) Multi-layer Filters Multi-layer Filters Exchange Edge Role Receive Connector Send Connector Network Inspection System (NIS) TMG Filter Driver External Network Internal Network ``
  14. 14. EdgeSync Service Exchange Server service running on Exchange Hub Transport role Pulls data from GC and writes to AD LDS on Forefront TMG (TCP port 50636) Configures: SMTP Routes (Exchange Connectors) Accepted Domains Global Address List Safe Sender Lists 14
  15. 15. Typical Deployment Topology Any Forefront TMG SMTP ArrayServers myorg.com Internal SMTP Server SMTP Internal Traffic Network Internet SMTP Traffic Partner EdgeSync SMTP (Exchange Server Only) MX pointing to Forefront Server TMG external IP address 15
  16. 16. Lesson 3 – Configuring SMTP Protection
  17. 17. SMTP Protection Installation In each member of the Forefront TMG array: Install Active Directory® Lightweight Directory Services (AD LDS) Install Exchange Server 2007 SP1 (or 2010) Edge Transport role Install Forefront Protection 2010 for Exchange Server Install Forefront Threat Management Gateway 2010 17
  18. 18. SMTP Protection Configuration Steps Run e-mail policy wizard Configure SMTP routes Configure spam filtering Configure virus and content filtering Enable and configure EdgeSync 18
  19. 19. Configure SMTP Routes Defines how Forefront TMG routes traffic from and to the organization SMTP servers At least two routes required: Internal_Mail_Servers define the IP addresses and SMTP domains of the internal mail servers External_Mail_Servers define which mail is allowed to enter the organization and the external FQDN/IP address that will receive mail
  20. 20. Configure Spam Filtering Defines spam filtering policy Connection-level filtering IP Allow List IP Allow List Providers IP Block List Block List Providers Protocol-level filtering Configuring Recipient Filtering Configuring Sender Filtering Configuring Sender ID Configuring Sender Reputation Content-level filtering
  21. 21. Spam FilteringConnection-level Filtering 21
  22. 22. Spam FilteringProtocol-level Filtering 22
  23. 23. Spam FilteringContent-level Filtering
  24. 24. Virus and Content Filtering Configures antivirus, file attachment, and message body filtering Virus filter – Engine selection policy and remediation actions File filters – Unwanted file attachments based on file type, filename, and prefix Message body filters – Identify unwanted e-mail messages by applying keyword lists to the contents of the message body
  25. 25. Virus and Content Filtering
  26. 26. Virus and Content FilteringConfiguration
  27. 27. Replicating Configuration to Exchange Serverand FPE FPE Service 1. TMG UI 4. Configure services using PowerShell API Administrator Exchange 3. Array Edge Service 2. Store members load to DB new configuration 27
  28. 28. Questions
  29. 29. Lab 4: Secure Mail Relay In this lab, you will: Configure EdgeSync Define an e-mail policy Verify antimalware and antispam protection Exercises 7 and 8 Estimated Completion Time: 60 min
  30. 30. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Forefront, Windows and other product names are or may be registered trademarks and/ortrademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. BecauseMicrosoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guaranteethe accuracy of any information provided after the date of this presentation.MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

×