Come learn how Forefront and Exchange Server 2010 work better together! This session covers how Forefront Protection 2010 for Exchange Server (FPE) and Forefront Online Protection for Exchange (FOPE) will facilitate protection of Microsoft Exchange Server 2010 from malware and unsolicited mail.
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Microsoft Exchange Server 2010 and Forefront Secure Messaging
1.
2. Better Together: Microsoft Exchange Server 2010 and Microsoft Forefront Secure Messaging Solution Cristian Mora Technical Product Manager Microsoft Corporation SIA 311 Alexander Nikolayev Program Manager Microsoft Corporation SIA 311
3. Agenda E-mail Security Threats Spam & Malware Phishing & Viruses Premium Antimalware Protection Premium Antispam Protection Administration and Management Forefront/Exchange Better Together Security Forefront Protection 2010 for Exchange: Key Differentiators Forefront/Exchange Better Together: Benefits and Better Together Security Summary
4. Top E-mail Threat Concerns Malware via URLs, Malware via Attachments, Phishing, Spam, Data Leakage. Source: Messaging Security Survey: The Good, Bad, and Ugly Study. IDC, 2009
5. “The growth in e-mail traffic means that over the next four years, organizations will need increasingly better defenses against all types of spam and malware… Battling spam alone is very costly – in 2009, a typical 1,000-user organization spends over $1.8 million annually to manage spam.” — The Radicati Group, Inc., E-mail Security Market, 2009-2013 … Around $8 Billion Lost to Viruses, Spyware and Phishing… 2 million consumers have had to replace their computers over the past two years due to software infections… 1 in 5 online consumers have been victims of Cybercrime… — 2009 State of the Net Survey “As one leading financial institution told us, it routinely sees that at least 14 out of every 15 incoming emails are pure spam” - Forrester Wave Email filtering Q2 2009, April 2009 “Almost 60% of organizations reported spam blocking effectiveness of less than 95%” - Brian E. Burke, “Messaging Security Survey” IDC February 2009
6. 7,197 5,259 5,242 4,564 4,630 4,367 4,280 3,326 2,854 2,870 2,625 2,560 1,707 May Jun Jul Apr Aug Mar Sep Feb Oct Jan Nov Dec04 Dec05 New Phishing Sites By Month Source:http://www.antiphishing.org
9. Business Ready SecurityHelp securely enable business by managing risk and empowering people Protection Access Protect everywhere, access anywhere Identity Simplify the security experience, manage compliance Management Highly Secure & Interoperable Platform Integrate and extend security across the enterprise from: to: Block Enable Cost Value Siloed Seamless
10. Information Protection Identity and Access Management Business Ready Security Solutions Secure Endpoint Secure Collaboration Secure Messaging
18. Forefront Protection 2010 for Exchange Server Antispam Protection DNSBL New content filter engine Anti-Backscatter Multiple engines Hybrid Model Enhanced Filtering Keyword Filtering Support for earlier Exchange server versions (Exchange 2003) FOPE Integration Integrated provisioning and Management File Filtering Multiple Engine Support Antivirus protection Antispam protection Exchange 2007 Integration Integrated into the Transport Pipeline Administration Powershell support New Interface dashboard Edge, Hub, and Mailbox Hyper V support Improved Performance VSAPI for virus scanning Microsoft Antispyware engine
19. Forefront/Exchange Better Together: Surpassing Security Expectations Exchange 2010 Forefront 2010 Encryption Antivirus Antispam Default Intra-Org ∙ Inter-Org mTLS support ∙ IRM support Multiple Engine Malware Detection Basic Premium Unified Management Hosted, Hybrid Protection Standard CAL Enterprise CAL
21. Protection 2010 for Exchange Server Forefront Protection 2010 for Exchange Server Deployment Options
22. Forefront Protection 2010 for Exchange Server Threat Management Gateway Enterprise Network Edge Transport Protection Availability: Exchange 2010 Exchange 2007 SP1 Hub Transport Routing & Policy External Mail Protection 2010 for Exchange Server Protection 2010 for Exchange Server Unified Messaging Voice mail & voice access Mailbox Storage of mailbox items Mobile phone Protection 2010 for Exchange Server Threat Management Gateway Client Access Client connectivity Web services Web browser Phone system (PBX or VOIP) Outlook (remote user) Line of business applications Outlook (local user)
23. Protection 2010 for Exchange Server Forefront Protection 2010 for Exchange Server Malware Protection
24.
25. Single-engine vendors provided responses in 5 days, 4 days,and 6 days respectively. Automatic Engine Updates On premises or in the cloud 99% spam detection* * With premium antispam services “ “Forefront Security for Exchange Server can support up to five scanning engines at the same time. Thus, it offers a more secure environment, compared with products that support using only a single engine.” - Akihiro Shiotani, Deputy Director of the Infrastructure Group Source: New Solution Helps Pharmaceutical Maker Improve IT Performance and Security. Microsoft case study, June 2008. http://www.microsoft.com/casestudies/Case_Study_Detail.aspx?CaseStudyID=4000002230
26. Forefront Protection 2010 for Exchange Server: Multiple AV Scanning Engines Advantages Leading antimalware engines deployment via integrated solution, Allows multi-directional protection of messaging stream: inbound, outbound, internal, and data at rest, Intelligent Engine Selection: Automatically chooses the most current and effective engines first, Allows administrators to balance security with performance needs. Removal of a single point of failure in the organization, Lower TCO – all engines included in base cost.
27. Performance Improvements Forefront Protection 2010 for Exchange Server vs. Forefront Security for Exchange 2007 Results (5 engines test) Technology investment Message throughput improvement From 25 to 40 messages/second Measured reduction is 30% Reduction in Context Switches Improvements in CPU Utilization 15% in CPU Utilization improvement Native 64-bit supportC Coming in SP1 Gated by the Exchange Server perf Spam Filtering throughput
32. Forefront Protection 2010 Antispam Features Recipient Filter Sender ID Filter Sender Filter Content Filter DNSBL Filter Backscatter Filter Junk E-mail Filter IP Block List Layered Antispam Technologies Connection Filtering (IP Block/Allow, DNSBL, SenderID filters) Protocol Filtering (Sender, Recipient, Backscatter filters) Content Filtering (spam/phishing) New additions: DNSBL, Cloudmark CMAE Engine, Backscatter, Hybrid Model
33. Reducing the Carbon Footprint of Spam: Forefront DNSBL Implemented as SMTP Receive Agent, configuration/maintenance-free feature, Multiple external and internal RBL providers with continuous flow of feeds, Queries sent to Forefront-owned DNS infrastructure, Efficiency: based on internal MSIT numbers 80-85% of all incoming connection requests being denied by DNSBL, Rejection response is actionable (to help with the corrective actions: “550 5.7.1 Do thisto get the IP removed from the DNSBL list…”
51. Relevant parts of the entire message are fingerprinted* Exceptions apply (Safe Senders/Recipients/Safe Listed IPs etc.)
52. Content Filter SCL definitions Forefront Content Filter enables normalization of raw spam score from CMAE engine to SCL Forefront normalization logic: All messages classified as not spam get SCL:-1 SCL assignment logic can be reverted to SCL:0 via powershell (New-FseExtendedOption –Name CFAllowBlockedSenders –Value true) SCL:-1 boundaries are within -1 to 4 in Exchange Actions available for messages within SCL range 5 to 9: Reject/Delete/Stamp and Continue/Quarantine SCL assigned to the message and can be enforced on a per-recipient basis
54. Forefront Unified Monitoring and Reporting Single Node – basic reports available for each technology layer, Multi Node – advanced reports available via Forefront Protection Manager, Single connection point to reporting via Forefront UI, Agent Logs, Perfmon Data, Incidents and Quarantine Database, Rich Eventing Model. Author policy Deploy Correct Collect Events Analyze View Alerts & Reports
58. Easy to use inerfaces and templates for system configuration and threat response“ "It let them bring everything together into one package for ease of management in the network“ - Amy Babinchak, Harbor Computer Services, Inc. Source: New Solution Helps Pharmaceutical Maker Improve IT Performance and Security. Microsoft case study, June 2008. http://www.microsoft.com/casestudies/Case_Study_Detail.aspx?CaseStudyID=4000002230
60. Protection 2010 for Exchange Server Forefront Protection 2010 for Exchange Server: an extension into Online Services
61. Firewall Hybrid Messaging SecurityWith FPE + FOPE + Exchange On-Premise Software Internet Spam policy Mail Spam policy FOPE Gateway Full Management Policy SMTP Mail Exchange Hub Mailbox Server Exchange Edge Antivirus and antispam protection for Exchange Server 2007/2010 Server Roles Protection 2010 for Exchange Server
62. Malware Protection: Multiple Engines Spam Protection: Layered Defense Key Differentiators Ease of Administration, Monitoring, and Reporting Protection 2010 for Exchange Server Hybrid Model: Integration with Online Service
63. Forefront Protection 2010 for Exchange Server Benefits Integrated multiple engine malware protection, Best of breed spam protection for on the premises and in the cloud customers: Precise spam detection with above 99% catch rate, Reduction in Carbon Footprint of spam by early rejection of unwanted messaging stream. Hybrid Model and Ease of Administration: Low TCO with High ROI for Exchange organizations, Flexible implementation.
64. Exchange + Forefront Better Together Security Summary Exchange 2010 provides… Default encryption and broader support for IRM Extensive infrastructure for per-user SCL Incremental Edge Synch for safe/blocked senders Per recipient list aggregation from Outlook Forefront 2010 extends foundation with… Premium multiple engine antimalware Auto-configuration of antispam agents Unified management of FPE, Exchange, FOPE Leading antispam content filter engine (above 99% detection rate) Option of hosted and hybrid protection for lower TCO Config/maintenance-free setup.
77. Please Complete An Evaluation FormYour input is important! Multiple ways to access Online Evaluation Forms: CommNet stations located throughout conference venues Via a Windows Mobile device Via the CommNet “Julian” offline Windows Mobile evaluation and session scheduling tool From any wired or wireless connection to:https://www.MyTechReady.com 1. 2. 3. 4. For more information please refer to your Pocket Guide Speaker – Click Hereto Launch Video