alan schmarr consultant bui session code: 303 agenda forefront overview tmg value proposition the...
Post on 04-Jan-2016
216 Views
Preview:
TRANSCRIPT
Access and Protection: A Technical Preview and Deep Dive of the Next Generation of Microsoft ISA Server
Alan SchmarrConsultantBUISession Code: 303
Agenda
Forefront OverviewTMG Value PropositionThe deep dip
Deployment and ManagementWeb client protectionIntrusion Prevention SystemFirewall enhancements
Demos Demos Demos!Call to Action
Management & Visibility
Dynamic Response
Network EdgeServer ApplicationsClient and Server OS
An Integrated Security System
TMG At A GlanceControl Network Policy Access at the Edge (Firewall)
Protect users from Web browsing threats (Web Client Protection)
Protect users from E-mail threats (Email Protection)
Protect desktops and servers from Intrusion attempts (NIPS)Enable Users to Remotely Access Corporate Resources (VPN, Secure Web Publishing)
Simplified Management & Deployment
Comprehensive
Integrated Simplified
TMG New Feature Drill Down• VoIP traversal (SIP) • Enhanced NAT• ISP Link Redundancy
& Aggregation
Firewall
• HTTP Anti-virus/spyware
• URL Filtering• HTTPS forward
inspection
Secure Web Access
• Exchange Edge/FSE integration
• Anti-Virus• Anti-spam
E-mail Protection
• Network Inspection System (NIS)
• Security Assessment and Response (SAS)
Intrusion Prevention
• NAP integration with VPN role
• SSTP support
Remote Access
• Array Management• Scenario UI & Wizards• Change tracking• Enhanced reporting• W2K8, native 64-bit
Deployment & Management
• Update Center :• HTTP: AV+URL
Filtering• Email: AV+Anti-Spam• NIS signatures
Subscription Services
6
TMG as a Firewall
First and foremost: World Class FirewallIntegrated SIP and VOIP supportISP link redundancy & aggregationEnhanced NAT support (ENAT)SQL logging and offline supportUpdated Firewall Client
Secure auto-discovery using Active Directory
Deployment & ManagementGetting Started Wizard
Re-designed user interface with task discoverability
All new array support and management
Update Center for signatures and content updates
Windows Server 2008 and 2008 R2 platforms
Virtualization ready!
Deployment Roles for TMG
Secure
Web Gateway
Firewall / IPS
Secure Email Relay Rem
ote Acce
ss
Unified Threat Management (UTM)
Forefront TMG in the Branch
Web Proxy & CacheFeaturing• Anti-Virus• URL Filtering• HTTPS Inspection• Network Intrusion Inspection
Site to Site VPN
Windows Server 2008 R2:Single Host for TMG & BranchCache (Hosted Cache)
Web Client Protection
Malware inspection
•Download scanning of files•Integrated Microsoft AV/AM engine•Inspection settings per rule
URL filtering•URL category sets and exclusions•Integrated with forward proxy •Beta 3 functionality
HTTPS inspection
•URL filtering, malware scanning and IPS protection•Firewall client notification to end users
Logging & Reporting
•New log fields with URL/Malware info•SQL Server Reporting Services•Customizable reports
Secure Email Relay
Full featured SMTP hygieneIntegrated with Forefront Security for Exchange
Anti-malwareAnti-spamAnti-phishing
Also supports generic SMTP mail serversRequires Exchange Server installation or media
Intrusion Prevention System
Forefront Network Inspection System (NIS)Closing the vulnerability window between vulnerability announcement and patch deployment
Signatures distribution by Microsoft Update
Security assessments and responses (SAS)0-Day detection and response
Behavior based Security Assessments
Using NIS for IPS
Detect and prevent known vulnerability-based attack attempts at the Edge of the network or in datacenterSame day availability of the patch and NIS signature Closes the vulnerability window which is needed for patch testing\deployment:
Patches need to be tested more thoroughlyCustomer acceptance (similar to AV updates)
17
Vulnerabilityfound Signature authoring team
TMG
Enforcement Point• Security Assessment Services (SAS) – in response to security assessments,
enforcement of policy to block or restrict internet access
• NAP Integration – integration with NAP policy to enforce VPN client quarantine
Enhanced Security• Security Assessment Services (SAS) – better security with assessment generation
from TMG data
Enterprise Reporting• Rich Forensic Investigations – investigate security incidents with data from TMG
• Security Suite Reporting – view consolidated security reports across protection technologies
TMG – Stirling Integration
TMG Analytics
Honey pot GAPA Signature Hit
Spam Detection
Click Fraud
Bot Access
Horizontal Scan
Vertical Scan
Vulnerability Scan
Outbound Bandwidth
Failed HTTP Request
Denied Connections
Stirling CoreConfiguration and Reports
Stirling DAC
TMG Logs
Firewall Process
Write Logs
Read Logs
Assessments, Configuration via SAS Channel
SAS Agent
COMInterface
SecurityResponses
Dynamic Policy
Update
Read
SQL Report Summaries
Stirling Agent
Reports via SCOM
TMG Adapter(APTA)
Analctics in Action
SummaryCall-to-action
Test and deploy our upcoming Beta!Join Stirling private beta program through http://connect.microsoft.com
More than next generation firewall: full featured Threat Management solutionMultiple Threat Protection:
Scan, detect and mitigate malware threats
Secure Connectivity:Publishing, VPN and forward proxy
Integrated Security Management:Simple deployment and dynamic response integration with Stirling product suite
www.microsoft.com/teched
International Content & Community
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learning
Microsoft Certification & Training Resources
Resources Tech·Ed Africa 2009 sessions will be made available for download the week after the event from: www.tech-ed.co.za
Track Resources
ISA/TMG Product Team Blog: http://blogs.technet.com/isablog/
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
top related