Secure Your Exchange ServerWith Forefront Protection 2010 for Exchange

Srinivas LTechnology Specialist – Security | MicrosoftSrinivas.L@microsoft.com

Agenda

• Business and IT Challenges

• Business Ready Security

• Secure Messaging

• Customer Testimonial

• The Road Ahead

• Solution Resources and Tools

• Summary

Multiple locations and devices

Difficulty in discovering and securing sensitive

information

Financially motivated evolving threats

Advanced spam technologies bypassing

scanners

Agility and Flexibility

ControlBUSINESS

NeedsIT Needs

Prevent sensitive information from leaking

Protection from advanced threats

Secure access to messaging from virtually

anywhere

Receive messaging free of spam

Business Needs and IT Challenges

Business Ready SecurityHelp securely enable business by managing risk and empowering people

Protect everywhere,access anywhere

Simplify the security experience,

manage compliance

Blockfrom:

Enable

Cost Value

Siloed Seamless

to:

Integrate and extendsecurity across the

enterprise

Highly Secure & Interoperable Platform

Identity

Business Ready Security Solutions

Secure MessagingSecure

Collaboration

Information Protection

Integrated Security

Identity and Access Management

Secure Endpoint

Secure Messaging

Enable more secure business communication from virtually any location or device, while preventing unauthorized use of confidential information

• Best-in-class anti-malware on premises / in cloud

• Protect sensitive information in email

• Provide more secure, always-on access

PROTECT everywhere ACCESS anywhere

• Built-in Information Protection

• Extend secure email with partners

INTEGRATE and EXTEND security

• Enterprise-wide visibility and reporting

• Unified management

SIMPLIFY security,MANAGE compliance

Protect Messages from Malware

Microsoft Solution“Defense in Depth”Competitors’ Solutions

On premises or in the cloud

Automatic Engine Updates

Single Engine Multiple Engines

99% spam detection*

* With premium antispam services

38 times faster

An AV-Test of consumer antivirus products revealed:• On average, Forefront engine sets

provided a response in 3.1 hours or less.

• Single-engine vendors provided responses in 5 days, 4 days, and 6 days respectively.

“Forefront Security for Exchange Server can support up to five scanning engines at the same time. Thus, it offers a more secure environment, compared with products that support using only a single engine.”– Akihiro Shiotani, Deputy Director of the Infrastructure Group, Astellas Pharma Information Systems Department

Protect Sensitive Information in E-mail

• Automatically protect sensitive e-mail with Active Directory RMS

• Filter message body and subject based on content criteria

• Policy based restricted usage of email attachments

Protect everywher

e,access

anywhere

Outlook Web Access

ON PREM

ISES

Using Intelligent Application Gateway, employees can connect easily, which means that our important customer information is accessible for them wherever they are.- Raymond Provily, Manager of Facilities“

• Simplified always on access

• Consolidated secure portal to simplify remote access

• Restricted, policy-based access to messaging servers

Provide More Secure, Anywhere AccessProtect

everywhere,

access anywhere

DIR

ECT ACCESS

SSL

VPN

SSL

VPN

Deep Integration with Exchange

• Information protection built-into and managed within Exchange

• Automatically decrypt protected e-mail for virus scanning and e-discovery

• Unique in-memory malware scanning to optimize Exchange performance

Integrate and

extendsecurity

Simplify Security ManagementSimplify security,manage

compliance

• Unified policy management for all messaging servers

• Enterprise-wide visibility through a centralized security console

• Easy investigation process with automatic data collection

• Enable compliance with detailed log analysis and easy-to-use reports

Current SituationMultiple Products for secure messaging

Separate gateway to detect sensitive content

External websites sending spam and

malware

Virus threats from internal senders

Remote access solution w/ separate identities

Internal users sending sensitive information to

partners in email

Separate SMTP virus scanner to detect and

remove spam and malware

Separate gateway to enable remote access

Spam

Spam

Spam

SpamSpam

Spam

Spam

Spam

SpamSpam

Secure MessagingSimple and easy

Always-on access built into platform

Internal mail protected withForefront Protection for Exchange

Information Protection built into the platform

Malware and spam cleaning in the cloud

with FOPE

Customer Testimonial

“With Forefront Security for Exchange Server, our comfort level is higher because the mail server and the security product are tightly integrated, and they’re both offered by the same vendor.”

Akihiro Shiotani | Section Chief of the Infrastructure Group Astellas Pharma Information Systems Department

CUSTOMER BUSINESS CHALLENGE

• Managing security solutions from multiple vendors

• Allowing employees to exchange e-mail from outside the office more easily

• Improving monitoring and reporting capabilities

CUSTOMER SOLUTION

• Microsoft Forefront line of business security products

• Microsoft System Center family of IT management solutions

CUSTOMER RESULTS/BENEFITS

• Improved security and reliability

• Simplified deployment, monitoring, and reporting

• Increased user and IT productivity

• Simplified publishing and pre-authenticated access to the servers

Secure Messaging – The Road AheadCurrently Shipping

CY 2009H2

CY 2010H1

Managem

ent

Pro

tect

ion &

Acc

ess

Pla

tform

Management Consoles

Solution Resources & Tools

Operations Guides

Administrator Guides

Troubleshooting Guides

Hands-on Labs and VMs

Evaluation Guides

Proof of Concepts

Architecture, Planning and Design Guides

Infrastructure Planning Guide

Data Protection Using Rights Management

Services

Secure Remote Application Publishing

Services

Application Server Protection

Secure Messaging

Enable more secure business communication from virtually any location or device, while preventing unauthorized use of confidential information

• Best-in-class anti-malware on premises / in cloud

• Protect sensitive information in email

• Provide more secure, always-on access

PROTECT everywhere ACCESS anywhere

• Built-in Information Protection

• Extend secure email with partners

INTEGRATE and EXTEND security

• Enterprise-wide visibility and reporting

• Unified management

SIMPLIFY security,MANAGE compliance

Learn more at: www.microsoft.com/forefront

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after

the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.

MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Better Together Protection Integrated Defense in Depth

Exchange 2010 Forefront

Encryption Anti-Virus

Default Intra-Org ∙

Inter-Org mTLS support

∙ IRM support

Multiple Engine Anti-

Malware Detection

Unified ManagementHosted, Hybrid Protection

Premium

Anti-Spam

Basic

Standard CAL Enterprise CAL

Premium Anti-SpamFunctional Highlights

Exchange 2010 + Forefront Benefits

Connection Filtering

Forefront DNS Block List

• Aggregates DNS data from multiple providers • No configuration required

Forefront Unified Management

Protocol Filtering

Unified management

• Consolidates Sender/Recipient/Sender ID filtering for simplified management

Anti-Backscatter • Blocks NDR backscatter spam

Content Filtering

Cloudmark Filter • Option of alternative 3rd party content filter • 99% detection rate; 0.04% false positive • No configuration required

Forefront True File Type Filtering

• Inspects the real file type, not just extension• Can also spot and delete files within ZIP

Global Exception Lists

• Single access point to sender and recipient exception lists (allow and block actions)

Streamlined SCL • Less ambiguous ratings for less false positives