Help securely enable business by managing risk and empowering people Identity Highly Secure & Interoperable Platform Across on-premises & cloud from: Block Cost Siloed to: Enable Value Seamless.
Download ReportTranscript Help securely enable business by managing risk and empowering people Identity Highly Secure & Interoperable Platform Across on-premises & cloud from: Block Cost Siloed to: Enable Value Seamless.
Help securely enable business by managing risk and empowering people
Identity Highly Secure & Interoperable Platform
Across on-premises & cloud
from:
Block Cost Siloed
to:
Enable Value Seamless
Protect endpoints from emerging threats and information loss, while enabling more secure access from virtually anywhere
PROTECT
everywhere
ACCESS
anywhere
INTEGRATE
and
EXTEND
security
SIMPLIFY
security,
MANAGE
compliance • • • Enables multi-layered antimalware protection Protects critical data wherever it resides Provides more secure always-on access • • Uses existing System Center Configuration Manager infrastructure Builds on and extends Windows security • Provides unified administration for desktop management and protection • Increases visibility of potentially vulnerable desktops
Comprehensive Web Security
• Enables employees to safely use the Internet without worrying about malware and other threats.
Next Generation of ISA Server
• Includes and improves proven network protection technologies of ISA 2006
• HTTP Anti virus/spyware • URL Filtering • HTTPS forward inspection Secure Web Access • VoIP traversal (SIP) • Enhanced NAT • ISP Link Redundancy • Logging Improvements • Updated firewall client • NDIS Filter (Layer-2) Firewall • Exchange Edge/FPE integration • Anti-Virus • Anti-spam • Array-based Mgmt E-mail Protection • Network Inspection System (GAPA) • Flood Mitigation Intrusion Prevention • NAP integration with VPN role • Supports SSTP VPN Remote Access • Scenario UI & Wizards • Mixed Arrays • Enhanced reporting • W2K8 R1 SP2 or R2, native 64-bit Deployment & Management • Subscription Svcs: • HTTP: AV+URL Filtering • Email: AV+Anti-Spam • NIS signatures Web Protection 7
Secure Web Gateway Unified Threat Management (UTM)
• All-in-one solution for medium businesses and for branch offices • Firewall, Proxy, VPN, IPS, Email relay in a single box
Remote Access Gateway
• Authenticating proxy with security • Web Anti Malware and URL filtering • Inspection of HTTP and HTTPS traffic • Dial-in VPN • Site to site VPN • Secure Web Publishing
Secure Email Relay Management
• Anti Spam • Anti Virus • Email Filtering
MRS Cache Firewall Service
2 11
Web Proxy Engine
5 8
WinHTTP
9 4 10
WWSAPI
3 7 6
GET HTTP://my.kitty.cat.com/calico?gimmenow
HTTP://my.kitty.cat.com/calico?gimmenow
HTTP://kitty.cat.com/calico?gimmenow
HTTP://cat.com/calico?gimmenow
HTTP://com/calico?gimmenow
In MRS Cache?
SOAP Req to HTTPS://10.ds.mrs.microsoft.com
Nope… MRS Cache WWSAPI
WWSAPI POST HTTPS://10.ds.mrs.microsoft.com
WinHTTP CONNECT 10.ds.mrs.microsoft.com:443 WinHTTP SOAP Request SSL Tunnel WWSAPI 200 OK WinHTTP SOAP Response SOAP Response WinHTTP
URL Categories WWSAPI 403 12233 MRS Cache
Too Much MRS Traffic (~1GB/day)
LOTS LOTS
GET HTTP://my.kitty.cat.com/calico?gimmenow
SOAP Req to HTTPS://10.ds.mrs.microsoft.com
WWSAPI POST HTTPS://10.ds.mrs.microsoft.com
WinHTTP POST HTTPS://10.ds.mrs.microsoft.com
WWSAPI WinHTTP
http://www.microsoft.com/downloads/details.aspx?FamilyID=c17ba869-9671-4330-a63e-1fd44e0e2505
WU Config WinHTTP WPADSvc TMG Update Agent WUA API WinHTTP
MSKB 328010
MSKB 902093
Firewall Service Web Proxy Filter Malware Inspection Filter
502; 12210
Failed Connection Attempt
Additional information
TMG-01 2/3/2010 7:21:23 AM
Learn more & try our solutions at: www.microsoft.com/forefront
SIA320 |Business Ready Security: Protecting Endpoints from Advanced Threats with Microsoft's Secure Endpoint Solution SIA301 |Secure Endpoint: DirectAccess and Microsoft Forefront Unified Access Gateway 2010, the Complete Remote Access Solution SIA308 | Secure Endpoint: Advanced Protection from Dynamic Threats, a Microsoft Forefront Threat Management Gateway 2010 Deep Dive SIA309 |Secure Endpoint: What’s in Microsoft Forefront Endpoint Protection 2010 - A Deep Dive into the Features and Protection Technologies SIA325 | Secure Endpoint: Virtualizing Microsoft Forefront Threat Management Gateway (TMG) SIA02-INT | Secure Endpoint: Planning DirectAccess Deployment with Microsoft Forefront Unified Access Gateway SIA07-INT | Secure Endpoint: Architecting Forefront Endpoint Protection 2010 on Microsoft System Center Configuration Manager SIA05-HOL | Microsoft Forefront Threat Management Gateway Overview SIA09-HOL | Secure Endpoint Solution: Business Ready Security with Microsoft Forefront and Active Directory SIA11-HOL | Microsoft Forefront Unified Access Gateway (UAG) and Direct Access: Better Together Red SIA-3 | Microsoft Forefront Secure Endpoint Solution
Learn more about our solutions:
http://www.microsoft.com/forefront
Try our products:
http://www.microsoft.com/forefront/trial
www.microsoft.com/teched http://microsoft.com/technet www.microsoft.com/learning http://microsoft.com/msdn
Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31
st