Future of the Server Room Tour. Future of Your Server Room Three Pillars of Windows Server 2008...

Future of theServer Room Tour

<Name><Title><Date>

Future of Your Server Room

Three Pillars of Windows Server 2008Virtualization Today and TomorrowTake Control of Your NetworkBring Security to the Forefront

Ottawa Montreal Calgary Vancouver Toronto

Security ChallengesSecurity is still a key priority

73% of IT Pro’s fear losing their job due to security breach*65% of attacks are initiated internally**

Multiple servers, multiple different AV tools; different AV tool, different management toolOut of date AV definitions open the door to possible threatsManagement and monitoring of client security


* King Research 2007** Gartner Report 2006

Defence In-Depth


Policies, Procedures, & Awareness

Physical Security

Using a layered approach:Increases an attacker’s risk of detectionReduces an attacker’s chance of success

OS hardening, authentication, patch management

Firewalls, Network Access Quarantine Control

Application hardening, antivirus

ACLs, encryption, EFS

Security documents, user education

Perimeter

Internal Network

Host

Application

Data

Guards, locks, tracking devices

Network segments, IPSec, NIDS

3 Dimensions of Client Security


User Account Control

IE7 with Protected Mode

Randomize Address Space Layout

Advanced Desktop Firewall

Kernel Patch Protection (64bit)

Unified Virus & Spyware Protection

Central Management

Reporting, Alerting and State Assessment

Infrastructure Software Integration

Policy Based Network Segmentation

Restrict-To-Trusted Net Communications

Server and Domain Isolation (SD&I)

Combined SolutionWindows Vista™

Forefront™ Client Security

BitLocker

Protects data when it is at restAvailable in Vista and Server 2008Provides for cost effective decommissioning

Capable of almost instant disk sanitationSignificantly reduces cost of PC asset decommissioning


NetworkAccessRequests Not Compliant

Policy Compliant

How NAP Works

Corporate Network

Restricted Network

WindowsClient

NetworkAccessDevices

NPS

ActiveDirectory

RemediationServers

HealthStatements

QA

SHA

EC QS

SHV



Demo

DHCP Based NAP

Security Landscape


ForeFront Server Security

Centralized management of all the ForeFront Security toolsContent filtering for SharePointSpam protection for Exchange 2007Rapid updating of AV enginesMultiple engines to better protect your servers and clients


Multiple Engine Advantage• Rapid response to

new threats

• Fail-safe protection through redundancy

• Diversity of anti-virus engines and heuristics

• Small footprint on servers

Response Time (hours)Forefront Set 1

Forefront Set 2

Forefront Set 3

Vendor A

Vendor B

Vendor C

0406 Mytob.NQ@mm 1.5 1.0 3.1 9.9 17.4 2.1

0406 Mytob.NQ@mm 1.0 1.0 1.0 28.1 11.6 3.5

0406 Spybot!04C2 23.0 23.0 1.0 0.0 29.9 39.0

0406 Nugache.a 1.0 1.0 1.0 34.1 12.9 48.1

0506 Numuen.F 0.0 0.0 0.0 1.0 10.3 15.0

0506 Numuen.H 1.0 1.0 1.0 103.8 251.9 114.8

0506 Numuen.G 3.2 3.2 3.2 1.0 151.8 469.0

0506 Banwarum.C@mm 87.5 87.5 1.0 116.7 73.0 129.3

0506 Banwarum.B@mm 12.1 1.8 1.0 116.7 22.5 32.9

0506 Rbot!E905 0.0 0.0 0.0 1,141.8 217.6 1.0

0606 Bagle.EG 0.0 0.0 0.0 0.0 7.3 0.0

0606 Bagle.EH@mm 0.0 0.0 0.0 0.0 18.4 0.0

0606 Bagle.EG@mm 0.0 0.0 1.0 0.0 26.5 0.0

0606 Bagle.LY@mm 0.0 0.0 0.0 0.0 6.4 2.5

0706 Feebs.gen@mm 0.0 0.0 0.0 0.0 0.0 503.8

0706 Feebs.EU 0.0 0.0 0.0 52.3 173.2 39.0

0706 Virut.A 0.0 0.0 0.0 0.0 0.01,317.

0

> 24 hrs

4 to 24 hrs

< 4 hrs

1AVTest.org, 2006


Unified malware protection for business

desktop computers, mobile computers, and

server operating systems that is easier to

manage and control

One solution for spyware and virus protection

Built on protection technology used by millions worldwide

Effective threat response

Complements other Microsoft security products

One console for simplified security administration

Define policy to manage client protection agent settings

Deploy signatures and software faster

Integrates with your existing infrastructure

One dashboard for visibility into threats and vulnerabilities

View insightful reports

Stay informed with state assessment scans and security alerts

Client Security


FCS Architecture

Ottawa Montreal Calgary Vancouver TorontoNovember 2006

13

ForeFront Update Distribution

WSUS WSUS helper (if WSUS 2.0)

Force WSUS 2.0 to sync up with Microsoft Update hourly

Auto-approval rules for FCS definition updatesSubscribe to FCS product category and definition update classificationFailover to Microsoft Update


ForeFront Client Policies

FCS policy manages the followingAntimalware and Security State Assessment scan settingsSignature override settingsAlert levels and reportingAdvanced settings

Signature check frequencyPath and file extension exclusionsClient UI options



Demo

FCS Administration

Deploying Policies via File

Ability to deploy and report on a policy distributed outside of Group Policy

Exports the policy to a .reg fileImport on the client using the included “FCSLocalPolicyTool.exe”

Q: Why can’t I just double-click the .reg file and import?A1: Service is listening for an update via GP, and this won’t raise the proper event – policy won’t be picked up until you stop/start the serviceA2: The tool creates the proper LGPO object, which is the prescribed method to update policy

Can be used to distribute policy to non-AD machines (via scripts or other distribution tool)



Demo

Deploying FCS

ForeFront Reporting


Security SummaryAlert

Summary

Threat Summary

State Assessment

Deployment Summary


VisibilityIs my environment compliant with outlined policies?

Have I been exposed to and potential security threats?

Are any of my clients or servers at risk?

Guidance

Developer Tools

SystemsManagement

Active Directory Federation Services

(ADFS)

Identity Management

Services

Information Protection

Encrypting File System (EFS)

BitLocker™Network Access Protection (NAP)

Client and Server OS

Server Applications

Edge


Putting the Puzzle Together

Key Points So Far....


Defence •Mitigate internal threats•NAP/NPS to determine health of PCs

In •Deploy policies with or without AD•Report on the state of AV

Depth •Centralize management•MOM 2005 Built in

Today’s Highlights


•More Control•Greater Flexibility•Increased Security

Three Pillars

•Licensing Changes•Familiar management toolsVirtualization

•Monitor – not just Microsoft products•Report – State of network, security auditing•Act – Be proactive about maintenance

Management

•Defence In Depth•Mitigate internal threats•Leverage FCS reporting to determine state of networkSecurity

Resources

Microsoft.ca/technet/fosr/resources

Blogs.technet.com/canitpro

Blogs.technet.com/cdnitmanagers



Thanks! Please Submit Your Evaluations!

9 is good, 1 is bad!

Please tell us how we can do better!

Winners!



Questions


© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be

interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Date post:	29-Jan-2016
Category:	Documents
Upload:	matthew-hudson
View:	213 times
Download:	0 times

Future of the Server Room Tour. Future of Your Server Room Three Pillars of Windows Server 2008...

Documents