2. Forefront Ürün Ailesi Nedir ? Yeni Ürünler Yenilikler Yol Haritası Sorular Ajanda
3. Forefront Nedir ? Microsoft Forefront, mevcut IT altyapınızla kolayca entegre olan, yönetim, dağıtım ve analizde basitlik sağlayan, ve size detaylı bir güvenlik koruması sağlayan Güvenlik Ürünleri Ailesidir.
5. İş Gereksinimleri ve IT Zorlukları İş kaynaklarını genişletme sorunları Birlikte çalışma için basitleştirilmiş kullanıcı deneyimi Çoklu aygıt ve ofis zorlukları Uygulamalara her yerden güvenli erişim Hassas bilgilerin artması Hassas bilgilerin korunması Mali motive ile gelişen tehtidler Tehtidlere karşı korunma İş gereksinimleri IT ihtiyaçları Çeviklik ve Esneklik Kontrol
6. Business Ready Security Business Ready SecurityHelp securely enable business by managing risk and empowering people Protection Access Identity Management Heryerde koruma, Herhangi bir yerden erişim Basitleştirilmiş güvenlik deneyimi, Uyum Yönetimi İşletme genelinde entegre ve genişletilebilir güvenlik Highly Secure & Interoperable Platform
7. Business Ready Security Business Ready Security Solutions Integrated Security Secure Messaging Secure Endpoint Secure Collaboration Information Protection Identity and Access Management
15. Forefront Threat Management Gateway Web Security Service Forefront Protection 2010 for Exchange Server Forefront Online Protection for Exchange Forefront Protection Suite (FPS) UAG Unified Access Gateway Neleri İnceleyeceğiz ?
17. Firewall VPN Caching Proxy Web Access Policy Group URL Filtering Web Antivirüs SSL Inspection Intrusion Prevention System Email Security Enhanced Network Address Translation (NAT) Enhanced Voice over IP support Integration with "Stirling" Windows Server 64-bit support TMG Yenilikleri ?
25. Bir motor güncellemeler için devre dışı kaldığı zaman diğerlerinin korumayı sağlamasıSingle-engine solutions 1AVtest.org tarafından yapılan bağımsız araştırmalara göre
53. Multi-layer Spam Defenses Safelist aggregation Hybrid Model Protocol Filtering Connection Filtering Content Filtering* 3 2 1 Incoming Internet E-mail Anti-Backscatter Sender Filtering SMTP Tarpitting SenderID Filter DNSBL IP Allow/Deny Quarantine Language Independent 3rd Party Engine Recipient Filtering File Filtering SMTP backpressure Open Proxy Exception lists Keyword Filtering Anti-phishing IP submission rate Outbound Spam scanning 1 Connection Filtering Multi-directional 2 SMTP Filtering SMTP Content Filtering 3 Administrator Quarantine Mailbox / Store User Inbox User Junk E-mail Folder Premium Level Certification for 99% ongoing cumulative detection rate! *Includes new industry-leading filteringengine from Cloudmark
54. Hybrid Messaging Security Hosted Service On-Premise Software Firewall SMTP Internet Hub Transport Server Mailbox Server Client Access Server Antivirus and anti-spam protection for Exchange Server 2007 Server Roles Next generation added functionality
58. Stirling – Forefront Protection Suite “Stirling” Console Simplified Administration Easy Investigation Faster Response Exchange Protection Antivirus Antispyware Firewall Host Firewall Management Web AV Content Filtering Vulnerability Assessment & Remediation Remote Access vNext vNext vNext New Advanced Anti-Spam Network Inspection System NAP Integration NAP Integration SharePoint Protection Device Control AD Activity Analysis Endpoint Protection Edge Protection Content Filtering Messaging and Collaboration Server Protection
59. Stirling – Forefront Protection Suite Microsoft Codename “Stirling” Bütünleşik Güvenlik Sistemi Yönetim & Görünürlük Dinamik Cevaplar Eylem Eylem Paylaşılmış Bilgiler Son Nokta Güvenliği Mesajlaşma & İşbirliği uygulama güvenliği Dış bağlantı güvenliği
60. Nasıl Çalışıyor ? Forefront Security Assessment Channel Microsoft Update Stirling Core Server Windows Server Update Services (WSUS) Stirling Data Analysis & Collection Servers Threat Management Gateway Servers Systems Center Operations Manager Settings Settings Settings Settings Virus &Spyware Definitions Events Events Events Events Exchange Servers Stirling Console SharePoint Servers Desktops, Laptops and Servers
65. IBM, SAP,Oracle Mobile Home / Friend / Kiosk HTTPS / HTTP TS HTTPS (443) Internet Direct Access Non web Authentication End-point health detection Enterprise Readiness Edge Ready Information Leakage Prevention Non-Windows Business Partners / Sub - Contractors AD, ADFS, RADIUS, LDAP…. Data Center / Corporate Network Employees Managed Machines Internet / home / hotel / other company
66. UAG IAG 2007 UAG Application Intelligence and Publishing End Point Security SSL Tunneling Information Leakage Prevention Robust Authentication Support (KCD, ADFS, OTP) Product Certification (Common Criteria, ICSA) New NAP Integration New New Terminal Services Integration New Array Management New Enhanced Management and Monitoring (MOM Pack) New Enhanced Mobile Solutions New New and Customizable User Portal New Wizard Driven Configuration New Direct Access and SSTP Integration
Optimizes antivirus scanning on E14. Forefront Security for Exchange Server utilizes the transport agents and virus scanning API technologies of E14, helping provide compatibility, stability and optimal scanning performance for E14 server.
From left to right:IAG provides services to four types of audiences (from bottom up):Employees that are roamed with their laptops and need access. There are few reasons why they need UAG and not traditional VPN:Behind firewall most IPSec VPNs doesn’t work because they are UDP.Having the portal as one entry point for all corporate resources.No need to install and configure VPN client.Strong authentication (see next slides)Business partners / sub-contractors: today companies either provide them full VPN access which is almost irresponsible thing to do or just collaborate with them over e-mail. See the study in the end-point health slides for example about the risk of open the network for partners. Hostile environments like home PC, friends PC, Kiosk. “In any home where there is a teenager, the home PC is hostile environment….”Mobile devices – they are always outside the network.UAG Functionality Pillars (authentication, end-point health, etc.) are listed here but there are separate slides on each one of them.UAG Supports three types of applications delivery:Web / HTTP based where it acts as a reverse proxy. Among the tens of applications that are supported are:Exchange: Outlook Web Access, Outlook Anywhere (RPCoHTTP) and Exchange ActiveSync.SharePoint (all versions including 2007)Microsoft Dynamics CRM (3.0 and 4.0)Non-Microsoft applications such as IBM Lotus, IBM Domino, SAP portals, Oracle PeopleSoft, etcFor full list of applications that are supported today with IAG 2007 look here: http://technet.microsoft.com/en-us/library/cc303258.aspxTerminal Services applications that are served via Terminal Services Gateway that is embedded within UAG. UAG supports RemoteApp and RemoteDesktopNon-Web/HTTP applications by providing ad-hoc tunneling.
