David B. Cross Product Unit Manager Donny Rose Senior Program Manager Microsoft Corporation • Session Code: SIA403
Download ReportTranscript David B. Cross Product Unit Manager Donny Rose Senior Program Manager Microsoft Corporation • Session Code: SIA403
David B. Cross Product Unit Manager Donny Rose Senior Program Manager Microsoft Corporation • Session Code: SIA403 Agenda Forefront Overview TMG Value Proposition Feature Drill Down Web client protection Deployment and Management Intrusion Prevention System Call to Action Business Ready Security Help securely enable business by managing risk and empowering people Identity Highly Secure & Interoperable Platform from: Block Cost Siloed to: Enable Value Seamless Forefront TMG 2010 Web Client Protection Email Protection Network Intrusion Prevention (NIPS) Network Policy Control (Firewall) Remote Access (VPN, Secure Web Publishing) Management Comprehensive Integrated Simplified Anti-Malware Integration Microsoft Confidential TMG Feature Drill Down • Array Management • Scenario UI & Wizards • Change tracking • Enhanced reporting • W2K8, R2, 64-bit • HTTP Antivirus/spyware • URL Filtering • HTTPS forward inspection • Exchange Edge/FSE integration • Anti-Virus • Anti-spam • Network Inspection System (NIS) • Security Assessment and Response (SAS) Deployment & Management Secure Web Access E-mail Protection Intrusion Prevention • NAP integration with VPN role • VoIP traversal (SIP) • Enhanced NAT • ISP Link Redundancy • SQL logging • Updated TMG Client • Update Center : • HTTP: AV+URL Filtering • Email: AV+Anti-Spam • NIS signatures Remote Access Firewall Subscription Services 7 TMG Deployment Scenarios Secure Web Gateway Unified Threat Management (UTM) Remote Access Gateway Secure Email Relay • Authenticating proxy with security • Web anti-malware and URL filtering • Inspection of HTTP and HTTPS traffic • All-in-one solution for medium businesses and for branch offices • Firewall, Proxy, VPN, IPS, Email relay in a single box • Dial-in VPN • Site to site VPN • Secure Web Publishing • Anti Spam • Anti Virus • Email Filtering Deployment and Management Microsoft Confidential Secure Web Gateway Features Malware Inspection URL Filtering HTTPS Inspection Logging & Reporting • Download scanning of web pages • Integrated Microsoft anti-malware engine • Inspection settings per rule • URL category sets and exclusions • Integrated with forward proxy • Integrated with Microsoft Reputation Services • URL filtering, malware scanning and IPS protection • TMG Client notification to end users • New log fields with URL/Malware info • SQL Server Reporting Services • Customizable reports TMG Reports URL Filtering Microsoft Confidential TMG Feature Drill Down • Array Management • Scenario UI & Wizards • Change tracking • Enhanced reporting • W2K8, R2 64-bit • HTTP Antivirus/spyware • URL Filtering • HTTPS forward inspection • Exchange Edge/FPE integration • Anti-virus • Anti-spam • Anti-phishing • Network Inspection System (NIS) Deployment & Management Secure Web Access E-mail Protection Intrusion Prevention • NAP integration with VPN role • SSTP (SSL VPN) • VoIP traversal (SIP) • Enhanced NAT • ISP Link Redundancy • SQL logging • Updated TMG Client • Update Center : • HTTP: AV+URL Filtering • Email: AV+Anti-Spam • NIS signatures Remote Access Firewall Subscription Services 13 Network Inspection System (NIS) Closes the vulnerability window between vulnerability announcement and patch deployment Vulnerability discovered Microsoft Signature Authoring Team Signatures distribution by Microsoft Update Concurrent with security patches or in response to a 0-Day attack Granular control over deployed signatures High accuracy via telemetry Intrusion Prevention System Microsoft Confidential Lausitzer Wasser GmbH Falk Schmal Information Officer Company Lausitzer Wasser GmbH Medium-sized company IO-Rationalized Public-private-partnership of Eurawasser & the City of Cottbus Eurawasser one of Germany’s leading water and waste water service companies Part of Suez-Group Intentions to Change the IT Replacing Linux-Systems reponsible for: Proxy (Squid) SMTP-Gateway (Sendmail) SPAM-Protection (Spam-Assassin) Why One solution for all aspects Better virtualization story Reducing complexity & saving costs TMG Advantages Better control and security, by Introducing Contentfiltering (URL-Filtering and Edge-A/V) Authenticating users against AD-groups Better monitoring & reporting Fits perfectly into the management solution SCOM management pack WSUS & Forefront Summary Call-to-action! Test and evaluate the new release! More than next generation firewall: full featured Threat Management solution Multiple Threat Protection: Scan, detect and mitigate malware threats Secure Connectivity: Publishing, VPN and forward proxy Resources www.microsoft.com/teched www.microsoft.com/learning Sessions On-Demand & Community Microsoft Certification & Training Resources http://microsoft.com/technet http://microsoft.com/msdn Resources for IT Professionals Resources for Developers Complete an evaluation on CommNet and enter to win an Xbox 360 Elite! © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.