Help securely enable business by managing risk and empowering people Protect everywhere, access anywhere Identity Integrate and extend security across the enterprise Highly Secure & Interoperable.
Download ReportTranscript Help securely enable business by managing risk and empowering people Protect everywhere, access anywhere Identity Integrate and extend security across the enterprise Highly Secure & Interoperable.
Help securely enable business by managing risk and empowering people Protect everywhere, access anywhere Identity Integrate and extend security across the enterprise Highly Secure & Interoperable Platform Simplify the security experience, manage compliance Across on-premise & cloud from: Block Cost Siloed to: Enable Value Seamless Protect endpoints from emerging threats and information loss, while enabling more secure access from virtually anywhere INTEGRATE and EXTEND security PROTECT everywhere ACCESS anywhere • Enables multi-layered antimalware protection • Protects critical data wherever it resides • Provides more secure always-on access • Uses existing System Center Configuration Manager infrastructure • Builds on and extends Windows security SIMPLIFY security, MANAGE compliance • Provides unified administration for desktop management and protection • Increases visibility of potentially vulnerable desktops Lower Cost of Deployment • Built on Configuration Manager software distribution infrastructure • Supports all Configuration Manager topologies including Branch Office and Non-DomainJoined • Ease of migration • Deployed across various operating systems (Windows Client & Server) Be Protected and Stay Productive • • • • Protect your desktops against viruses, spyware, rootkits, and malware Productivity oriented default configuration Integrated host firewall management Backed by global Malware Research and Response Unified Desktop Management • • • • Unified management interface targeted for the desktop admin Actionable and timely alerting Simple operation-oriented policy administration Historic reporting for security administrator Protection Malware Protection • Proven Microsoft Antimalware Engine • Zero Day Protection Through: • Behavior Monitoring • Emulation • Heuristics & Generics • Antimalware/Rootkit Protection • Windows Firewall Management • Performance-Oriented Defaults • Template-driven policy creation based on risk • Workload-specific policies for servers I need effective yet easy experience on my PCs to protect files, information, and identity High Productivity My users just want to work w/ minimal productivity hit, in the office or on the go Reactive Techniques (Against Known Threats) Proactive Techniques (Against Unknown Threats) Behavior Monitoring Application Layer File System Layer Network Layer In FEP 2010 In Win7 Data Execution Protection Address Space Layer Randomization Windows Resource Protection Antimalware Antimalware Dynamic Translation Translation & & Dynamic Emulation Emulation Internet Explorer 8 SmartScreen AppLocker Windows Firewall Centralized Management Real-time on-access protection System scanning and cleaning Behavior Monitoring Reputation Services Dynamic Signature Service Rootkit Detection and Removal New in FEP SpyNet / MRS Improved 2 Behavior and Kernel Monitoring Lo-Fi Generics 3 Real-time Protection Generics / Heuristics Scheduled / On Demand Scans After Malware Runs 1 Before Malware Runs Dynamic Signature Service 4 Behavior Monitoring Events Advanced Remediation Response Portal HANDLE hFile; hFile = CreateFile(L"NewVirus.exe", GENERIC_WRITE, 0, NULL, CREATE_NEW, FILE_ATTRIBUTE_HIDDEN, NULL); ... push 40000000h push offset string L"NewVirus.exe” call dword ptr [__imp__CreateFileW@28] cmp esi,esp DT ... push push call cmp 40000000h offset string L"NewVirus.exe” dword ptr [DT_CreateFile] esi,esp Real-Time Signature Delivery Behavior Classifiers Reputation Researchers Client Real-time Signature Sample Submit Sample Req Properties / Behavior SpyNet / MRS Keep Protected I need to centrally monitor FEP deployment, push missing updates and fix configuration issues Management • Converged System Management • Simple Centralized Policy • Critical Level Alerting • Security admin-oriented Reporting • Desired Configuration Manager (DCM)-based Vulnerability Assessments Report Compliance Show me last month trend of protection compliance Alert on Outbreak Alert me on emerging threats before they affect productivity FEP Central Site Primary Site Primary Site Primary Site Configuration Manager Console FEP UI Event log Configuration Manager Software Distribution Configuration Manager Reporting Configuration Manager Server DCM Configuratio n Manager Agent Registry WMI FEP Reports Managed Computer Configuration Manager DB FEP Reporting DB Configuration Manager FEP Forefront Endpoint Protection 2010 FEP Client FW WMI Registry GP Update Status, tasks Events AM Policy • Configuration Manager • Operationalized interface • Provides logging, reporting, status • Group Policy • Allows server admins to manage directly • Reporting and logging through System Center interface WSUS Event Log Configuration Manager Role-based and scope-based access controls for security admins Heterogeneous support for Mac and Linux SIA320 |Business Ready Security: Protecting Endpoints from Advanced Threats with Microsoft's Secure Endpoint Solution SIA301 |Secure Endpoint: DirectAccess and Microsoft Forefront Unified Access Gateway 2010, the Complete Remote Access Solution SIA308 | Secure Endpoint: Advanced Protection from Dynamic Threats, a Microsoft Forefront Threat Management Gateway 2010 Deep Dive SIA309 |Secure Endpoint: What’s in Microsoft Forefront Endpoint Protection 2010 - A Deep Dive into the Features and Protection Technologies SIA325 | Secure Endpoint: Virtualizing Microsoft Forefront Threat Management Gateway (TMG) SIA02-INT | Secure Endpoint: Planning DirectAccess Deployment with Microsoft Forefront Unified Access Gateway SIA07-INT | Secure Endpoint: Architecting Forefront Endpoint Protection 2010 on Microsoft System Center Configuration Manager SIA05-HOL | Microsoft Forefront Threat Management Gateway Overview SIA09-HOL | Secure Endpoint Solution: Business Ready Security with Microsoft Forefront and Active Directory SIA11-HOL | Microsoft Forefront Unified Access Gateway (UAG) and Direct Access: Better Together Red SIA-3 | Microsoft Forefront Secure Endpoint Solution Learn more about our solutions: http://www.microsoft.com/forefront Try our products: http://www.microsoft.com/forefront/trial www.microsoft.com/teched www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st http://northamerica.msteched.com/registration You can also register at the North America 2011 kiosk located at registration Join us in Atlanta next year