Session 11 Patrick Hevesi, Enterprise Technology Architect, WW CATM Security Lead
Microsoft Forefront – Business Ready Security Solutions
Evolving Threats
- 2 axes – threat and person
- Threats = Curiosity, Personal Fame, Personal Gain, National Interest
- Person = Script-Kiddy, Undergraduate, Expert, Specialist
- Results: Vandal (largest area by volume), Author, Trespasser, Thief (largest area by $ lost and fastest growing segment), Spy(largest amount of gov’t IT security $ spent)
Evolving Threat Landscape
- huge improvements in bandwidth of networks
- botnets leveraging peer to peer
- 88% of attacks are on applications – top 3 applications attacked: #1 Adobe Reader, #2 iTunes, #3 Quicktime
- the explosion of social networks introduce hugely naive users to places where they voluntarily give up their personal data
- Malware sites #1 Game Cheats #2 Pornography #3 Music Lyric #4 Gossip sites
- http://www.microsoft.com/sir – security intelligence report (free report – updated every 6 months)
Core Infrastructure Optimization Solutions (optimized desktop, optimized datacenter, business ready security)
- best protection is to run Windows NOT as administrator especially when surfing the web
- Microsoft worked with Intel and Dell to build security into hardware and software (OS working with the hardware – 64 bit)
- Network Access Protection – 2 certificates (IPSEC) issued – one for the machine and one for the user enforces machine health
- http://microsoft.com/optimization – self service questions to see where your organization is on a maturity scale – Dynamic IT
- Dynamic IT scale – basic (cost centre), standardized (cost efficiency), rationalized (business enabler), dymanic (strategic asset)
Business Ready Security – help securely enable business by managing risk and empowering people
- Identity Protection, Identity Access, Identity Management
Forefront – Endpoint Protection, Protection for Exchange, Identity Manager, ISA Server Edge Security (client, server, mobile, cloud)
- Defense in Depth – 64 bit hardware, 64 bit Windows 7 and Mobile, Windows Server Core, Network Access Protection (NAP)
- Services – Forefront Online Protection for Exchange
- Edge – Intelligent Gateway Application, Internet Security & Accleration Server
- Server – Forefront Security for SharePoint, Security for Exchange Server, Security for OCS
- Client and Server OS – Forefront Client Security
- Forefront has 5 built in virus scan engines working together
- Microsoft Security Essentials – free tool, next generation of Forefront Client Security
- Windows Rights Management Services – BitLocker, Encryption File System (EFS), information protection
- Identity and Access Management – Forefront Identity Manager, Windows AD, ADFS, Certificate Lifecycle Mgmt
- Systems Management – System Center – Configuration Mgr, Operations Mgr, Data Protection Mgr, Windows Server Update Services, SQL Server 2008
- New Products – Forefront Protection Management – see security on SharePoint, Exchange, OCS and the cloud services
