säkerhet och compliance för e-post och realtidskommunikation brjann brekkan
TRANSCRIPT
Säkerhet och compliance för e-post och
realtidskommunikation
Brjann Brekkan
Agenda
Del 1Del 1Security 101 – Common terminologySecurity 101 – Common terminologyMicrosoft Secure MessagingMicrosoft Secure Messaging
Del 2Del 2Solutions from Microsoft on Secure Solutions from Microsoft on Secure MessagingMessaging
Agenda Del 1
Security 101 – Common terminologySecurity 101 – Common terminologyTransport of messagesTransport of messagesValidate Domain IdentityValidate Domain IdentityValidate Senders IDValidate Senders IDProtect InformationProtect InformationMalwareMalware
Microsoft Secure MessagingMicrosoft Secure MessagingMicrosoft Exchange Hosted ServicesMicrosoft Exchange Hosted ServicesMicrosoft Antigen solutionsMicrosoft Antigen solutionsMicrosoft ISA ServerMicrosoft ISA ServerMicrosoft Exchange ServerMicrosoft Exchange ServerMicrosoft Live Communication ServerMicrosoft Live Communication Server
Transport of messages
Message to Message to [email protected]@brekkan.com from [email protected] [email protected] names ; brekkan.comDomain names ; brekkan.comDNS Records ; MX and SIPDNS Records ; MX and SIPbrekkan.com brekkan.com exchange:1231380561.pamx1.hotmaiexchange:1231380561.pamx1.hotmail.coml.com
Mail is sent cleartext – Postcard !Mail is sent cleartext – Postcard !
Validate identity
[email protected]@brekkan.com receives email receives emailbrekkan.com server maybe validates brekkan.com server maybe validates sending serversending serverReverse DNS lookup Reverse DNS lookup Microsoft has solution called Sender Microsoft has solution called Sender IDID
DNS Based solution to validate sending DNS Based solution to validate sending serverserver
Well known domains, partners, Well known domains, partners, customers?customers?
Certificate validation between Mail Certificate validation between Mail serversservers
Validate senders ID
[email protected]@brekkan.com receives email receives [email protected]@microsoft.com has signed has signed email with Certificate based solutionemail with Certificate based [email protected] client validates [email protected] client validates certificate used to sign emailcertificate used to sign emailSender can also choose to encrypt Sender can also choose to encrypt emailemailTechnologies: Technologies:
S/MIMES/MIMEPGP PGP
Protect Information
Emails and IM contain informationEmails and IM contain informationProtect in transportProtect in transport
EncryptEncryptBetween clientsBetween clientsBetween serversBetween servers
SignSignMessageMessage
Protect after transportProtect after transportInformation Rights Managent / Digital Information Rights Managent / Digital Rights Management / Rights Management Rights Management / Rights Management ServicesServicesEFSEFS
Differentiates permissions by Differentiates permissions by recipientrecipient
Feature Comparison (S/MIME and IRM)
S/MIME S/MIME signingsigning
S/MIME S/MIME encryptionencryptionFeatureFeature
Authenticates the recipientAuthenticates the recipient
Can encrypt contentCan encrypt content
Protects against content Protects against content tamperingtampering
Offers content expirationOffers content expiration
Controls content reading, Controls content reading, forwarding, saving, modifying, or forwarding, saving, modifying, or printing by recipientprinting by recipient
NoNo
NoNo
Yes *Yes *
NoNo
NoNo
NoNo
NoNo
YesYes
No **No **
NoNo
NoNo
NoNo
YesYes
YesYes
YesYes
YesYes
YesYes
YesYes
IRMIRM
* S/MIME digital signatures do not prevent content tampering, but do indicate to the recipient if tampering was done after the signature was applied.
** S/MIME encryption helps prevent unauthorized access to encrypted data, but it does not prevent tampering of the encrypted information.
Capable of using a smart card for Capable of using a smart card for key storagekey storage
YesYes YesYes NoNo
What if email / IM is malware
Virus - don’t click...Virus - don’t click...Spam – don’t let through...Spam – don’t let through...Phising – learn what it is and filter it...Phising – learn what it is and filter it...... ... ... ...
Be Careful Out There !Be Careful Out There !
Antivirus and antispam protection Antivirus and antispam protection needed !needed !
Multilayered protection to Multilayered protection to protect from encrypted malware !protect from encrypted malware !
Summary of Security 101
Transport is not secure by default – Transport is not secure by default – yetyetIdentity validation is not part of SMTPIdentity validation is not part of SMTP
Enterprise IM is different Enterprise IM is different Todays technologies work but can be Todays technologies work but can be easiereasierProtect your information everywhereProtect your information everywhereAntivirus and Antispam and Antivirus and Antispam and Antiphising and well .. Anti Malware Antiphising and well .. Anti Malware is neededis needed
Today’s Challenges
“Most viruses are designed to propagate themselves through e-mail… In 2005, 86% of viruses used e-mail as a self-propagation medium…”
-- The Radicati Group, Inc., E-mail Security: Appliances, Software and Services, 2005 - 2009
900 million viruses and 52.4 billion spam messages are sent per day. Virus traffic has increased by 80% in 2005!
-- The Radicati Group, Inc., E-mail Security: Appliances, Software and Services, 2005 - 2009
In 2004, 78% of enterprises hit by viruses, and 37% reported unauthorized access to information
--2004 CSI and FBI Computer Crime and Security Survey
Agenda part 1
Security 101 – Common terminologySecurity 101 – Common terminologyTransport of messagesTransport of messagesValidate Domain IdentityValidate Domain IdentityValidate Senders IDValidate Senders IDProtect InformationProtect InformationMalwareMalware
Microsoft Secure MessagingMicrosoft Secure MessagingMicrosoft Exchange Hosted ServicesMicrosoft Exchange Hosted ServicesMicrosoft Antigen solutionsMicrosoft Antigen solutionsMicrosoft ISA ServerMicrosoft ISA ServerMicrosoft Exchange ServerMicrosoft Exchange ServerMicrosoft Live Communication ServerMicrosoft Live Communication Server
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
DMZDMZ
On-Premise On-Premise SoftwareSoftware
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
Microsoft Microsoft Exchange Hosted Exchange Hosted
ServicesServices
InternetInternet
Microsoft Secure Messaging
Microsoft Secure Messaging SolutionsMicrosoft Secure Messaging Solutions
Provide customers with Provide customers with choicechoice in how they deploy, manage their messaging in how they deploy, manage their messaging infrastructureinfrastructure
Offers a Offers a full, multi-layer solutionfull, multi-layer solution made up of on-premise software and hosted made up of on-premise software and hosted servicesservices
Offer software and services that run Offer software and services that run better togetherbetter together with Microsoft Exchange with Microsoft Exchange
About FrontBridge TechnologiesAbout FrontBridge TechnologiesPrivately-held company based in Los Angeles, CaliforniaPrivately-held company based in Los Angeles, CaliforniaLeading provider of managed messaging services Leading provider of managed messaging services Addresses corporate e-mail compliance, security, and Addresses corporate e-mail compliance, security, and availability availability Offers managed services for Microsoft Exchange, Lotus Offers managed services for Microsoft Exchange, Lotus Domino, and other SMTP-compliant e-mail serversDomino, and other SMTP-compliant e-mail servers
Customer BenefitsCustomer BenefitsNo upfront capital investmentNo upfront capital investmentMinimizes IT managementMinimizes IT managementAids in regulatory complianceAids in regulatory complianceProtection from viruses, spamProtection from viruses, spam
Customer BenefitsCustomer BenefitsNo upfront capital investmentNo upfront capital investmentMinimizes IT managementMinimizes IT managementAids in regulatory complianceAids in regulatory complianceProtection from viruses, spamProtection from viruses, spam
August 2005 acquisition as part of Microsoft’s comprehensive approach for providing customers with greater flexibility and choice in how their
messaging and collaboration solutions are delivered
FrontBridge Acquisition
Rapid deployment and easy Rapid deployment and easy provisioning provisioning Rapid response and scale to address Rapid response and scale to address threatsthreatsComprehensive set of servicesComprehensive set of services
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
Perimeter Perimeter Network Network
Software on the Software on the PremisesPremises
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
InternetInternet
Microsoft Secure Messaging
Exchange Services
Provides Provides CHOICECHOICE in how customers deploy, manage their messaging in how customers deploy, manage their messaging infrastructureinfrastructure
Exchange offers both on-premise Exchange offers both on-premise ANDAND hosted e-mail through service hosted e-mail through service providersproviders
Hosted Services Hosted Services COMPLEMENTCOMPLEMENT any Exchange mailbox any Exchange mailbox
HOSTED EXCHANGEHOSTED EXCHANGE(through service (through service
providers)providers)
Complementary ServicesComplementary ServicesChoice for MessagingChoice for Messaging
Hosted Services Network Infrastructure
Hosted services provisioned across a reliable network Hosted services provisioned across a reliable network infrastructureinfrastructure
SLA uptime guarantees of 99.999 percentSLA uptime guarantees of 99.999 percent
Services activated with simple mail exchange record redirectServices activated with simple mail exchange record redirect
Requires minimal IT administration; centralized controlRequires minimal IT administration; centralized control
Scalability without additional cost; can handle all message volume Scalability without additional cost; can handle all message volume variationsvariations
Helps free local loop, customer’s servers, and bandwidth from Helps free local loop, customer’s servers, and bandwidth from unwanted trafficunwanted traffic
Delivers legitimate messages to customer’s siteDelivers legitimate messages to customer’s site
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
DMZDMZ
On-Premise On-Premise SoftwareSoftware
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
Microsoft Microsoft Exchange Hosted Exchange Hosted
ServicesServices
InternetInternet
Microsoft Secure Messaging
Microsoft Secure Messaging SolutionsMicrosoft Secure Messaging Solutions
Provide customers with Provide customers with choicechoice in how they deploy, manage their messaging in how they deploy, manage their messaging infrastructureinfrastructure
Offers a Offers a full, multi-layer solutionfull, multi-layer solution made up of on-premise software and hosted made up of on-premise software and hosted servicesservices
Offer software and services that run Offer software and services that run better togetherbetter together with Microsoft Exchange with Microsoft Exchange
Antigen Solutions
Live Live Communications Communications
ServerServer
SharePoint SharePoint ServerServer
Exchange ServersExchange Servers
ISA ISA ServerServer
Windows SMTP Windows SMTP ServerServer
VirusesViruses
WormsWorms
SpamSpam
Stop viruses at the network edge on ISA server and SMTP Stop viruses at the network edge on ISA server and SMTP GatewaysGateways
Protect Exchange 5.5, 2000, and 2003 from viruses and Protect Exchange 5.5, 2000, and 2003 from viruses and provideprovidecontent filteringcontent filtering
Reduce spam on ISA Server, Exchange and Windows SMTP Reduce spam on ISA Server, Exchange and Windows SMTP servers with Antigen’s Advanced Spam Manager option servers with Antigen’s Advanced Spam Manager option Protect Live Communications Server 2005 with antivirus and Protect Live Communications Server 2005 with antivirus and content scanningcontent scanningProtect SharePoint document libraries from viruses and Protect SharePoint document libraries from viruses and unwanted contentunwanted content
IM and IM and DocumentsDocuments
E-E-mailmail
LayeredLayeredDefenseDefense
ss
Server Server OptimizationOptimization
Content Content ControlControl
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
DMZDMZ
On-Premise On-Premise SoftwareSoftware
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
Microsoft Microsoft Exchange Hosted Exchange Hosted
ServicesServices
InternetInternet
Microsoft Secure Messaging
Microsoft Secure Messaging SolutionsMicrosoft Secure Messaging Solutions
Provide customers with Provide customers with choicechoice in how they deploy, manage their messaging in how they deploy, manage their messaging infrastructureinfrastructure
Offers a Offers a full, multi-layer solutionfull, multi-layer solution made up of on-premise software and hosted made up of on-premise software and hosted servicesservices
Offer software and services that run Offer software and services that run better togetherbetter together with Microsoft Exchange with Microsoft Exchange
Using Exchange and ISA Server Together
Exchange Client Access Scenarios:Exchange Client Access Scenarios:OWAOWAOMA, ActiveSyncOMA, ActiveSyncRPC/HTTPRPC/HTTP
ISA Server 2004 provides additional ISA Server 2004 provides additional security to the above scenarios:security to the above scenarios:
Application layer inspectionApplication layer inspectionAuthentication solutionsAuthentication solutionsFirewall protectionFirewall protectionLogging and MonitoringLogging and MonitoringRPC filtering (for Exchange 2000)RPC filtering (for Exchange 2000)
More secure e-mail access for remote users
Improved manageability and ease of use
Exchange is better protected from malicious attacks
Microsoft® ISA Server 2004: an advanced application-layer firewall, Web cache, and virtual private network (VPN)
Secure Publishing of Exchange on the Internet using ISA Server 2004
Protect IT assets while providing employees with connectivity to Exchange, the Web and corporate network
New Version of Firewall Solution Improves E-mail Security for World’s Largest Software Company
“ISA Server 2004 has a vastly improved administrative user interface that makes it far easier to view and
manage access policies.”
Michael Ward, Senior Systems Engineer, Connectivity Services, Microsoft IT
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
DMZDMZ
On-Premise On-Premise SoftwareSoftware
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
Microsoft Microsoft Exchange Hosted Exchange Hosted
ServicesServices
InternetInternet
Microsoft Secure Messaging
Microsoft Secure Messaging SolutionsMicrosoft Secure Messaging Solutions
Provide customers with Provide customers with choicechoice in how they deploy, manage their messaging in how they deploy, manage their messaging infrastructureinfrastructure
Offers a Offers a full, multi-layer solutionfull, multi-layer solution made up of on-premise software and hosted made up of on-premise software and hosted servicesservices
Offer software and services that run Offer software and services that run better togetherbetter together with Microsoft Exchange with Microsoft Exchange
The Server and Client
Exchange ServerExchange ServerOutlookOutlookLive Communication ServerLive Communication ServerOffice CommunicatorOffice Communicator
Exchange 2003 Security Features
Secure Default SettingsSecure Default SettingsSome services turned off by default to reduce Some services turned off by default to reduce attack surface (e.g. OMA, POP3, etc.)attack surface (e.g. OMA, POP3, etc.)
Anti-spamAnti-spamExternal content blockingExternal content blocking in OWA and Outlook in OWA and Outlook 20032003DLs can require authenticated submissionDLs can require authenticated submissionReal time Blackhole list supportReal time Blackhole list supportAnti-Spam Partner IntegrationAnti-Spam Partner Integration
Kerberos Authentication for Outlook 2003Kerberos Authentication for Outlook 2003Single Sign-on, including with Multi-Forest Single Sign-on, including with Multi-Forest implementationsimplementations
Forms-Based Authentication for OWAForms-Based Authentication for OWATimeout, Forced LogoffTimeout, Forced Logoff
S/MIME Support for OWAS/MIME Support for OWA
Gateway Server Transport
Exchange Server 2003
Mailbox ServerStore
JunkMail
Folder
JunkMail
Folder
Inbox
Exchange 2003 OWA
Outlook 2003
SCL = Spam Confidence Level
Exchange/Outlook Anti-Spam IntegrationExchange/Outlook Anti-Spam Integration
Spam?
UserSafe & Junk
Senders
Exchange IMF
ISV Solutions
Allow/Deny Lists
Real-Time Block Lists
Recipient & Sender Filtering
Message + SCL
Spam?
UserSafe & Junk
Senders
Inbox
UserSafe & Junk
SendersSMTP
Message
Outlook Security features
Anti Spam integration with Exchange Anti Spam integration with Exchange ServerServerNo active content run in inboxNo active content run in inboxPicturesPicturesRPC / HTTPSRPC / HTTPSS/MIMES/MIMEInformation Rights Management Information Rights Management supportsupport
Secure Instant Messaging
Live Communication ServerLive Communication ServerOffice CommunicatorOffice Communicator
Secure IMSecure IMAD AuthenticationAD AuthenticationArchivingArchivingAnti Virus APIAnti Virus API3rd party for higher compliance 3rd party for higher compliance demandsdemands
Across Across NetworksNetworks
Across Across DevicesDevices
Application Application IntegrationIntegration
CalendariCalendaringng
Web & Video Web & Video ConferencingConferencing
InstantInstantMessagingMessaging
& VoIP& VoIP
E-MailE-Mail
Team Team WorkspacesWorkspaces
Identity Identity & Presence& Presence
End User Value:End User Value:Unified familiar experienceUnified familiar experienceRich-presence; multimodalRich-presence; multimodalFrom any device,From any device,
any applicationany application
IT Manager Value:IT Manager Value:Infrastructure simplificationInfrastructure simplificationSecure CommunicationSecure CommunicationConsolidationConsolidationLow TCOLow TCO
ISV & Developer Value:ISV & Developer Value:Standards-based platformStandards-based platformRich API’s & Web servicesRich API’s & Web servicesDeveloper toolsDeveloper tools
Integrated CommunicationsIntegrated Communications
Agenda part 2
Solutions from MicrosoftSolutions from MicrosoftMicrosoft Exchange Hosted ServicesMicrosoft Exchange Hosted ServicesMicrosoft AntigenMicrosoft AntigenMicrosoft ISA ServerMicrosoft ISA ServerThe server itselfThe server itself
Rapid deployment and easy Rapid deployment and easy provisioning provisioning Rapid response and scale to address Rapid response and scale to address threatsthreatsComprehensive set of servicesComprehensive set of services
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
Perimeter Perimeter Network Network
Software on the Software on the PremisesPremises
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
InternetInternet
Microsoft Secure Messaging
Spam, viruses, Spam, viruses, and phishing and phishing plague inboxesplague inboxes
Organizations Organizations have difficulty have difficulty staying ahead of staying ahead of messaging threatsmessaging threats
Active Active ProtectionProtection
Regulatory Regulatory compliance critical compliance critical in many industriesin many industries
Stiff penalties for Stiff penalties for e-mail misusee-mail misuse
1 in 5 employers 1 in 5 employers has had e-mail has had e-mail subpoenaed*subpoenaed*
Confident Confident ComplianceCompliance
Reduce Cost and Reduce Cost and ComplexityComplexity
Business Challenges
*2005 Electronic Monitoring & Surveillance Survey from American Management Association (AMA) and the ePolicy Institute*2005 Electronic Monitoring & Surveillance Survey from American Management Association (AMA) and the ePolicy Institute
Compliance Compliance RequiremeRequireme
ntsntsNetwork Network infrastructure infrastructure crowded with point crowded with point solutionssolutions
Need for reliable Need for reliable and cost-effective and cost-effective systemssystems
IT IT Infrastructure Infrastructure
ComplexityComplexity
Rising Security Rising Security VulnerabilitiesVulnerabilities
Active Active ProtectionProtection
Confident Confident ComplianceCompliance
Reduced Cost and Reduced Cost and ComplexityComplexity
Help eliminate Help eliminate threats before threats before they reach your they reach your networknetwork
Provide e-mail Provide e-mail that’s always that’s always availableavailable
Scale at no Scale at no additional cost to additional cost to protect against protect against threatsthreats
Manage Manage regulatory regulatory compliance compliance requirements requirements
Govern use of the Govern use of the e-mail system e-mail system and help prevent and help prevent misusemisuse
Respond quickly Respond quickly to litigation to litigation requestsrequests
Activate quickly Activate quickly with a simple mail with a simple mail exchange record exchange record change change
Integrate with Integrate with your existing e-your existing e-mail mail infrastructureinfrastructure
Deploy quickly Deploy quickly without up-front without up-front capital capital investmentinvestment
Hosted Service Benefits
Microsoft Exchange Hosted Services
Real-time threat prevention featuresReal-time threat prevention features
Multi-layer anti-spam and anti-virusMulti-layer anti-spam and anti-virus
Customized content and policy enforcementCustomized content and policy enforcement
E-mail retention for help with compliance and e-discoveryE-mail retention for help with compliance and e-discovery
Customized report generation for help demonstrating Customized report generation for help demonstrating compliancecompliance
Fully indexed, searchable archiveFully indexed, searchable archive
Full e-mail encryption Full e-mail encryption
No public and private key managementNo public and private key management
Gateway, policy-based e-mail encryptionGateway, policy-based e-mail encryption
Uninterrupted e-mail accessibilityUninterrupted e-mail accessibility
Rapid recovery from unplanned disasters and network Rapid recovery from unplanned disasters and network outagesoutages
Thirty-day rolling historical e-mail storeThirty-day rolling historical e-mail store
Hosted Filtering
Only requires a simple MX record Only requires a simple MX record
Real-time Attack Prevention (RTAP) and Directory Services protect against large Real-time Attack Prevention (RTAP) and Directory Services protect against large attacksattacks
Comprehensive virus filter delivers day-zero protection using multiple, anti-virus Comprehensive virus filter delivers day-zero protection using multiple, anti-virus enginesengines
Flexible policy filter to enforce any email-use rulesFlexible policy filter to enforce any email-use rules
Strong spam filtering effectivenessStrong spam filtering effectiveness
E-mail queuing helps ensure mail is never lostE-mail queuing helps ensure mail is never lost
Spam Quarantine
Policy Filter
Jelly Belly CandyCompany OverviewCompany Overview
Number one gourmet jelly bean companyNumber one gourmet jelly bean companyChallengeChallenge
70% of inbound email was spam, slowing their Exchange Server 70% of inbound email was spam, slowing their Exchange Server performance performance
SolutionSolutionImplemented Hosted Filtering to reduce the load on Exchange serverImplemented Hosted Filtering to reduce the load on Exchange server
ResultsResultsMore than 95% of spam stopped with zero false positivesMore than 95% of spam stopped with zero false positives15,000 viruses stopped every month15,000 viruses stopped every monthSaved more than 2 GB of storage per monthSaved more than 2 GB of storage per month
““The implementation The implementation was so easy - a simple was so easy - a simple MX record change and MX record change and reconfiguring our reconfiguring our firewall was all it took to firewall was all it took to see a dramatic decrease see a dramatic decrease in the amount of spam in the amount of spam we were receiving.”we were receiving.”
Gary Praegitzer, Gary Praegitzer, Network AdministratorNetwork Administrator
Hosted Filtering Benefits
A more secure, reliable messaging A more secure, reliable messaging experienceexperienceActive protection features help guard Active protection features help guard against e-mail threatsagainst e-mail threatsDisaster recovery helps ensure Disaster recovery helps ensure business business e-mail deliverye-mail deliveryHassle-free deployment and Hassle-free deployment and maintenancemaintenance
Archive repository benefits from upstream spam and virus protection Archive repository benefits from upstream spam and virus protection featuresfeatures
Full text indexing of e-mail and attachments, IM and Bloomberg mailFull text indexing of e-mail and attachments, IM and Bloomberg mail
HR/Legal can search all message streams and tag, forward, export HR/Legal can search all message streams and tag, forward, export contentcontent
Compliance tools for supervising, escalating, tracking messagesCompliance tools for supervising, escalating, tracking messages
Admin tools for message restoration, communication during an outageAdmin tools for message restoration, communication during an outage
Users can access message archive via the web for real time email Users can access message archive via the web for real time email functionalityfunctionality
Hosted Archive
Powerful E-Discovery
End-User Productivity
Brecek and Young AdvisorsCompany OverviewCompany Overview
Independent broker/dealer with billions under managementIndependent broker/dealer with billions under managementChallengeChallenge
Overburdened email systemOverburdened email systemSubject to NASD compliance requirementsSubject to NASD compliance requirementsSought solution for electronic archiving Sought solution for electronic archiving
SolutionSolutionImplemented Hosted Archive to assist with email retention and Implemented Hosted Archive to assist with email retention and compliance monitoring compliance monitoring Solution used during NASD auditSolution used during NASD audit
ResultsResultsStreamlined audit processStreamlined audit processCut message management costsCut message management costs
““The audit of our The audit of our
messaging system was messaging system was
made painless by our made painless by our
implementation of implementation of
Microsoft Exchange Hosted Microsoft Exchange Hosted
Archive.”Archive.”
– – Tom Delaney, Chief Tom Delaney, Chief
Compliance OfficerCompliance Officer
Hosted Archive Benefits
In-stream message captureIn-stream message capture
Web-based access tools require minimal Web-based access tools require minimal user traininguser training
Integrated message management toolsIntegrated message management tools
E-mail continuity, disaster recovery is E-mail continuity, disaster recovery is always on always on
Robust searchingRobust searching
No need for capital investmentNo need for capital investment
Message store benefits from upstream spam and virus protection Message store benefits from upstream spam and virus protection featuresfeatures
Messages captured and copied in real timeMessages captured and copied in real time
Searchable message store always contains last 30-days of e-mailSearchable message store always contains last 30-days of e-mail
Familiar GUI means minimal end user trainingFamiliar GUI means minimal end user training
Recovery Manager for e-mail restoration, seamless access during an Recovery Manager for e-mail restoration, seamless access during an outageoutage
Hosted Continuity
End-User Access
Recovery Management Tools
3D InternationalCompany OverviewCompany Overview
Design construction and project management companyDesign construction and project management companyChallengeChallenge
E-mail continuity needed because of approaching Hurricane RitaE-mail continuity needed because of approaching Hurricane RitaSolutionSolution
Implemented Microsoft Exchange Hosted Continuity to help ensure Implemented Microsoft Exchange Hosted Continuity to help ensure email continuity in the event that their primary Exchange server email continuity in the event that their primary Exchange server would go downwould go down
ResultsResultsFully-functional e-mail system available for use from remote Fully-functional e-mail system available for use from remote locationslocationsEmail continued as normal with employees using Hosted Continuity Email continued as normal with employees using Hosted Continuity
““With Hurricane Rita heading toward us, we With Hurricane Rita heading toward us, we
need to keep our communications going during need to keep our communications going during
a catastrophe.”a catastrophe.”
Gerald Van Benschop, Director of ITGerald Van Benschop, Director of IT
Hosted Continuity Benefits
E-mail continuity and disaster E-mail continuity and disaster recovery is always onrecovery is always onWeb-based access tools require Web-based access tools require minimal training minimal training In-stream message captureIn-stream message captureSearchable message storeSearchable message storeNo need for capital investment No need for capital investment
Business Challenges
E-mail is inherently insecureE-mail is inherently insecureOrganizations must find ways to Organizations must find ways to ensure the privacy and security of ensure the privacy and security of sensitive datasensitive dataNeed to protect partner and supply Need to protect partner and supply chain networkschain networksEnterprises are looking at ways to Enterprises are looking at ways to help reduce operating expenseshelp reduce operating expensesIT resources are overburdenedIT resources are overburdened
Encryption is performed via rules and enforced by gatewayEncryption is performed via rules and enforced by gateway
Voltage Identity-Based Encryption (IBE) uses a common ID for Voltage Identity-Based Encryption (IBE) uses a common ID for public keypublic key
Encrypts any e-mail and attachmentsEncrypts any e-mail and attachments
Supports all systems and e-mail clientsSupports all systems and e-mail clients
TLS-enabled network further ensures security of messages TLS-enabled network further ensures security of messages
Zero Download Manager (ZDM) enables secure, web-based Zero Download Manager (ZDM) enables secure, web-based decryption with encrypted replies for any mail recipientdecryption with encrypted replies for any mail recipient
Hosted Encryption
Policy Enforcement
Gateway EncryptionPolicy-based encryption Policy-based encryption transparent to the end usertransparent to the end user
Minimal end-user trainingMinimal end-user training
No passwords or No passwords or pre-enrollmentpre-enrollmentEncrypted messages Encrypted messages delivered directly to desktopdelivered directly to desktop
Message body and Message body and attachments remain attachments remain encryptedencrypted
No additional software No additional software required for decryptionrequired for decryption
No need for keys or No need for keys or certificatescertificatesZero Download MessengerZero Download Messenger
Example: SendExample: Send
Example: ReceiveExample: Receive
Zero Download MessengerRecipients authenticated Recipients authenticated before viewing encrypted before viewing encrypted messagesmessages
E-mail answerbackE-mail answerback
Decryption can be Decryption can be performed by users of all performed by users of all technical ability levels, even technical ability levels, even novicesnovices
Supports unknown and “one-Supports unknown and “one-time” recipientstime” recipients
Requires no additional Requires no additional software to read messagessoftware to read messagesAuthenticity verified by Authenticity verified by digital signaturedigital signatureRecipients able to reply with Recipients able to reply with confidence to encrypted confidence to encrypted messagesmessages
[email protected] authenticated by secure.frontbridge.com
Hosted Encryption Benefits
CompatibilityCompatibilityEase of useEase of useLow costLow costSecurity-enhancedSecurity-enhanced
Mitigate messaging risks before they reach Mitigate messaging risks before they reach the corporate e-mail serverthe corporate e-mail server
Reduce e-mail infrastructure cost and Reduce e-mail infrastructure cost and complexity by outsourcing to a trusted complexity by outsourcing to a trusted providerprovider
Help eliminate large upfront capital Help eliminate large upfront capital investmentsinvestments
Help meet compliance challengesHelp meet compliance challenges
Minimize load on Exchange Server by Minimize load on Exchange Server by handling hygiene and archival handling hygiene and archival management out in the Internetmanagement out in the Internet
Summary Hosted Services
Rapid deployment and easy Rapid deployment and easy provisioning provisioning Rapid response and scale to address Rapid response and scale to address threatsthreatsComprehensive set of servicesComprehensive set of services
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
Perimeter Perimeter Network Network
Software on the Software on the PremisesPremises
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
InternetInternet
Microsoft Secure Messaging
Antigen Solutions
Live Live Communications Communications
ServerServer
SharePoint SharePoint ServerServer
Exchange ServersExchange Servers
ISA ISA ServerServer
Windows SMTP Windows SMTP ServerServer
VirusesViruses
WormsWorms
SpamSpam
Stop viruses at the network edge on ISA server and SMTP Stop viruses at the network edge on ISA server and SMTP GatewaysGateways
Protect Exchange 5.5, 2000, and 2003 from viruses and Protect Exchange 5.5, 2000, and 2003 from viruses and provideprovidecontent filteringcontent filtering
Reduce spam on ISA Server, Exchange and Windows SMTP Reduce spam on ISA Server, Exchange and Windows SMTP servers with Antigen’s Advanced Spam Manager option servers with Antigen’s Advanced Spam Manager option Protect Live Communications Server 2005 with antivirus and Protect Live Communications Server 2005 with antivirus and content scanningcontent scanningProtect SharePoint document libraries from viruses and Protect SharePoint document libraries from viruses and unwanted contentunwanted content
IM and IM and DocumentsDocuments
E-E-mailmail
LayeredLayeredDefenseDefense
ss
Server Server OptimizationOptimization
Content Content ControlControl
Layered Defenses
Protection at multiple points in the Protection at multiple points in the networknetwork
Edge: Antigen for SMTP, Advanced Spam Edge: Antigen for SMTP, Advanced Spam ManagerManagerE-Mail Server: Antigen for Exchange, E-Mail Server: Antigen for Exchange, Advanced Spam ManagerAdvanced Spam ManagerSharePoint Server: Antigen for SharePoint SharePoint Server: Antigen for SharePoint Live Communications Server: Antigen for Live Communications Server: Antigen for Instant MessagingInstant Messaging
Multiple engine managementMultiple engine managementUp to eight antivirus engines availableUp to eight antivirus engines availableAdvanced Spam Manager integration with Advanced Spam Manager integration with Microsoft IMFMicrosoft IMF
Multiple Scan Engine Management
• Manage up to 8 scan enginesManage up to 8 scan engines
• Eliminate single point of failureEliminate single point of failure
• Minimize window of exposure Minimize window of exposure during outbreaks during outbreaks
Scan Engine 1Scan Engine 1
Scan Engine 4Scan Engine 4
Scan Engine 2Scan Engine 2
Scan Engine 3Scan Engine 3QuarantineQuarantine
Why Multiple Scan Engines?
Crash ProtectionCrash ProtectionIf one engine fails, other engines remain If one engine fails, other engines remain online and continue scanningonline and continue scanning
Rollback ProtectionRollback ProtectionTo receive updates, an engine is taken To receive updates, an engine is taken offline, updated, tested and reactivated. If offline, updated, tested and reactivated. If at any step the engine fails, Antigen at any step the engine fails, Antigen automatically rolls back to the previous automatically rolls back to the previous working version, activates it, and sends an working version, activates it, and sends an alert.alert.
Update ProtectionUpdate ProtectionWhen an engine is updating, the other When an engine is updating, the other active engines step in to scan, maintaining active engines step in to scan, maintaining the same level of protection. Mail does NOT the same level of protection. Mail does NOT queue nor pass through the system queue nor pass through the system unscanned.unscanned.
Signature Updates
24:38:00
23:15
21:38
21:33
21:27
21:18
20:46
20:24
19:54
18:49
18:44
18:18
18:18
18:14
17:38
17:27
17:19
16:56
16:54
16:39
Symantec
eTrust-VET
McAfee
Avast
AVG
Trend Micro
Norman
AntiVir
eTrust- INO
Panda
VirusBuster
Fortinet
F-Secure
Ikarus
Command
Sophos
BitDefender
AVK
F-Prot
Kaspersky
Sober.P Virus Sober.P Virus Detection TimeDetection Time
May 2, 2005 (GMT)May 2, 2005 (GMT) No. Updates/DayNo. Updates/Day
KasperskyKaspersky 18.518.5
Dr. WebDr. Web 10.710.7
SophosSophos 2.72.7
BitDefenderBitDefender 1.71.7
ClamAVClamAV 1.51.5
AntiVirAntiVir 1.41.4
F-SecureF-Secure 1.41.4
PandaPanda 1.31.3
IkarusIkarus 1.11.1
SymantecSymantec 1.11.1
Trend MicroTrend Micro 1.01.0
AV-Test.org May 2005
AV-Test.org Feb. 2005
January 2005 UpdatesJanuary 2005 Updates
Time of Day
Hour : Minute
Note: the chart (left) Note: the chart (left) represents a represents a singlesingle virus virus outbreak only. It does outbreak only. It does notnot represent average response represent average response times for the listed times for the listed antivirus labs.antivirus labs.
Sybari EnginesSybari Engines
Server Optimization
Focus on maximizing performanceFocus on maximizing performance
In-memory scanning for minimum In-memory scanning for minimum performance impactperformance impactPerformance tuning capability with Bias Performance tuning capability with Bias SettingsSettingsIsolates scan engines from main server Isolates scan engines from main server functionsfunctionsIntegration with Windows and Exchange Integration with Windows and Exchange clustering and load balancing capabilitiesclustering and load balancing capabilities
Integration with management infrastructureIntegration with management infrastructureSystem availability and performance System availability and performance monitoringmonitoringCentral configuration and problem Central configuration and problem resolutionresolution
Scan Engine 4Scan Engine 4
Scan Engine 2Scan Engine 2
Max Certainty: uses all engines (100%) Max Certainty: uses all engines (100%) Favor Certainty: uses 75% of available engines Favor Certainty: uses 75% of available engines
Neutral:Neutral: uses approx. 50% of available enginesuses approx. 50% of available enginesFavor Performance: uses 25% of available enginesFavor Performance: uses 25% of available enginesMax Performance: uses one engine for every scanMax Performance: uses one engine for every scan
Antigen Multiple Engine Manager (MEM) Bias Settings
Scan Engine 1Scan Engine 1
Scan Engine 4Scan Engine 4
Scan Engine 2Scan Engine 2
Scan Engine 3Scan Engine 3
Max Certainty:Max Certainty: uses all engines (100%)uses all engines (100%) Favor Certainty: uses 75% of available engines Favor Certainty: uses 75% of available engines Neutral: uses approximately 50% of available enginesNeutral: uses approximately 50% of available enginesFavor Performance: uses 25% of available enginesFavor Performance: uses 25% of available enginesMax Performance: uses one engine for every scanMax Performance: uses one engine for every scan
* Engines used are not * Engines used are not always the same. They are always the same. They are dynamically allocated from dynamically allocated from the available pool. the available pool.
Centralized Management
Sybari Enterprise ManagerSybari Enterprise ManagerProvides central management and Provides central management and reportingreportingEases migration and deploymentEases migration and deploymentProvides central deployment of updates to Provides central deployment of updates to reduce the window of vulnerabilityreduce the window of vulnerability
Sybari Antigen Management Pack for MOMSybari Antigen Management Pack for MOMMonitors events, performance counters, Monitors events, performance counters, and servicesand servicesAllows you to remotely update scan Allows you to remotely update scan engines or run manual scan jobsengines or run manual scan jobsProvides alerts on outbreaks and scan Provides alerts on outbreaks and scan engine update failuresengine update failures
Content Control
Content Filtering eliminates Content Filtering eliminates inappropriate contentinappropriate content
Administrator-defined keyword Administrator-defined keyword filtering blocks:filtering blocks:
Offensive languageOffensive languageLegally or ethically questionable materialLegally or ethically questionable materialConfidential company informationConfidential company information
Content filtering protects:Content filtering protects:E-mail message body contentE-mail message body contentDocuments in SharePoint librariesDocuments in SharePoint librariesIM conversations and file transfersIM conversations and file transfers
Content Control (cont.)
File filtering File filtering proactivelyproactively blocks a specific blocks a specific range of potentially dangerous file types range of potentially dangerous file types
Blocks both by extension and by true file typeBlocks both by extension and by true file typeRegardless of whether or not a virus signature existsRegardless of whether or not a virus signature exists
File types commonly blocked: EXE, COM, PIF, File types commonly blocked: EXE, COM, PIF, SCR, VBS, VBE, SHS, CHM, REG and BATSCR, VBS, VBE, SHS, CHM, REG and BATUnpacks and repacks ZIP files, removing only Unpacks and repacks ZIP files, removing only the blocked filethe blocked fileOffers whitelisting for trusted sendersOffers whitelisting for trusted sendersProvides separate filters for inbound, Provides separate filters for inbound, outbound and internaloutbound and internal
Antigen Email Security Solutions
Antigen for ExchangeDetects and removes viruses in Detects and removes viruses in e-mail messages and attachmentse-mail messages and attachments
Scans at SMTP stack (most Scans at SMTP stack (most processing intensive scans)processing intensive scans)Scans real-time at Exchange Scans real-time at Exchange information Storeinformation StoreProvides on-demand and Provides on-demand and scheduled scans of information scheduled scans of information storestoreUses Microsoft-approved virus Uses Microsoft-approved virus scanning API integration for scanning API integration for Exchange 2000 and 2003Exchange 2000 and 2003
Provides advanced content-filtering Provides advanced content-filtering capabilities for messages and capabilities for messages and attachmentsattachments
Integrates file filtering, keyword Integrates file filtering, keyword filtering and anti-spam at the filtering and anti-spam at the SMTP routing levelSMTP routing level
Protects Exchange Server 5.5, Protects Exchange Server 5.5, 2000, and 20032000, and 2003
ISA Server
Exchange Front End
Exchange Site 1
Exchange Site 2
Internet
Exchange Public Folder Server
Exchange Mailbox Server
Antigen for SMTP Gateways
Detects and removes e-mail viruses at the Detects and removes e-mail viruses at the network edgenetwork edge
Scans SMTP stack to disable threats Scans SMTP stack to disable threats within a message during the routing within a message during the routing processprocess
Provides advanced content filtering Provides advanced content filtering capabilities for messages and attachmentscapabilities for messages and attachments
Integrates file filtering, keyword Integrates file filtering, keyword filtering, anti-spam, and content filtering filtering, anti-spam, and content filtering during the routing processduring the routing process
Protects Windows Server 2003 and Protects Windows Server 2003 and Windows 2000 Server SMTP gatewaysWindows 2000 Server SMTP gateways
Proactively notifies administrators of Proactively notifies administrators of virus incidents and scan events by e-virus incidents and scan events by e-mail or event logmail or event log
SMTP Gateway Server/Routing Server
Internet
Firewall
Exchange Servers
Users
Advanced Spam ManagerOption available with Antigen for SMTP Gateways Option available with Antigen for SMTP Gateways or Antigen for Exchange serversor Antigen for Exchange serversEmploys signature-based SpamCure anti-spam Employs signature-based SpamCure anti-spam engineengineComplements Exchange 2003 Intelligent Message Complements Exchange 2003 Intelligent Message Filter (IMF)Filter (IMF)
Marks messages with Spam Confidence Level rating Marks messages with Spam Confidence Level rating Provides additional layer of protectionProvides additional layer of protection
Real-time content filtering for keywords and Real-time content filtering for keywords and expressionsexpressionsEnables administrators to create custom allow and Enables administrators to create custom allow and block lists based on sender, domain and IP block lists based on sender, domain and IP addressesaddresses
Advanced Spam Manager and IMF Advanced Spam Manager
Site Quarantine
Exchange Server with IMF
Inbox
Outlook Junk Mail
folder
SpamSpam
Available filtersAvailable filtersSpam filter (SpamCure)Spam filter (SpamCure)Subject line filteringSubject line filteringRBLs RBLs Domain/sender filters Domain/sender filters and whitelistsand whitelists
Antigen Advanced Spam Antigen Advanced Spam Manager and IMF use same Manager and IMF use same Spam Confidence Level Spam Confidence Level rating systemrating system
Antigen Collaboration Security Solutions
Antigen for SharePointVirus Protection for Virus Protection for Document LibrariesDocument Libraries
Scanning of all files uploaded and Scanning of all files uploaded and downloaded from document downloaded from document librarylibrary
Manual and scheduled scanning of Manual and scheduled scanning of all SPS files (supports both WSS all SPS files (supports both WSS and SPS)and SPS)
Content Policy EnforcementContent Policy EnforcementFile filtering to block documents File filtering to block documents from being posted based on name from being posted based on name match, file type or file extensionmatch, file type or file extensionContent scanning by keywords Content scanning by keywords within documents for within documents for inappropriate words and phrasesinappropriate words and phrases
SQL Document Library
SharePoint Server or WSS
Document
Users
Document
Antigen for Instant Messaging
Real-time scanning of IM Real-time scanning of IM conversationsconversations
Supports LCS 2005 pooling, Supports LCS 2005 pooling, PIC, file transfers, and PIC, file transfers, and encrypted conversationsencrypted conversationsScans Public IM via IM Scans Public IM via IM Logic IM Manager and LCS Logic IM Manager and LCS PIC supportPIC supportBlocks IMs with potentially Blocks IMs with potentially harmful linksharmful links
Scans for confidential Scans for confidential information and inappropriate information and inappropriate keywords in IMs and documentskeywords in IMs and documentsEnables administrators to Enables administrators to create white lists based on create white lists based on sender and recipientsender and recipient Microsoft Office
CommunicatorWindows
Messenger Clients
Live Communications Server
Firewall
Outside IM Clients
SummaryThreats to today’s enterprises are growing Threats to today’s enterprises are growing and e-mail and collaboration systems are and e-mail and collaboration systems are key entry pointskey entry points
Microsoft has a proven strategy for Microsoft has a proven strategy for securing e-mail and collaboration securing e-mail and collaboration environmentsenvironments
Antigen solutions provide comprehensive, Antigen solutions provide comprehensive, layered protection against viruses, worms layered protection against viruses, worms spam and inappropriate contentspam and inappropriate content
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServeServe
rr
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
Perimeter Perimeter Network Network
Software on the Software on the PremisesPremises
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
InternetInternet
Microsoft Secure Messaging
Secure Remote Access to Email
FeatureFeature NewNew
Application Application Layer Layer FirewallFirewall
SMTP filteringSMTP filtering
HTTP filter / OWAHTTP filter / OWA RPC filter (Exchange RPC filter (Exchange 2000)2000)
Outlook Outlook Web Access Web Access (OWA) Front (OWA) Front EndEnd
FBA (at the firewall)FBA (at the firewall) Session timeout (at the Session timeout (at the firewall)firewall)
Attachment blocking (at Attachment blocking (at the firewall)the firewall)
HTTP proxyHTTP proxy SSL bridgingSSL bridging
AuthenticatiAuthenticationon
RADIUS authenticationRADIUS authentication SecureID authenticationSecureID authentication
AdministratiAdministrationon
Configuration wizardsConfiguration wizards
Ease of useEase of use Mail Publishing Wizard, Easy to understand policy infrastructure and Mail Publishing Wizard, Easy to understand policy infrastructure and guidanceguidance
ExtensibilityExtensibility Partner offerings that scan e-mail for viruses and disallowed contentPartner offerings that scan e-mail for viruses and disallowed content
Leverages Leverages Microsoft Microsoft applicationsapplications
Exchange integration, Active Directory, IAS for RADIUS authenticationExchange integration, Active Directory, IAS for RADIUS authentication
DMZDMZ
Exchange Exchange Client AccessClient Access
ServicesServices
OutlookOutlook (RPC, RPC/HTTP)(RPC, RPC/HTTP)
Browser Browser (OWA, OMA)(OWA, OMA)
Other Other (POP, IMAP)(POP, IMAP)
Other orgs Other orgs (SMTP)(SMTP)
Internet Internet
Vanliga problemExchange OWA Front End In DMZ
Internal Internal NetworkNetwork
DMZDMZInternetInternet External External FirewallFirewall
Internal Internal FirewallFirewall
Front EndFront EndServerServer
DC/GCDC/GC
Exchange Exchange 2003 Back End2003 Back End
OWA ClientOWA Client
80/44380/443
88: Kerberos (UDP/TCP)88: Kerberos (UDP/TCP)
3268: 3268: LDAPLDAP
389: 389: LDAPLDAP
80: HTTP80: HTTP
53: DNS 53: DNS (UDP/TCP)(UDP/TCP)135: RPC Port 135: RPC Port MapperMapper1024-65536 Random RPC1024-65536 Random RPC
445: Netlogon SMB445: Netlogon SMB
Front End in DMZ kräver “Swiss cheese” konfigurering av Front End in DMZ kräver “Swiss cheese” konfigurering av brandväggenbrandväggenInherently insecureInherently insecure
LösningenPublish OWA Front-End with ISA
Internal Internal NetworkNetwork
DMZDMZInternetInternet External External FirewallFirewall
Internal Internal FirewallFirewall
ISA ServerISA Server Front End Front End ServerServer
OWAClientOWAClient
80/44380/443
80/44380/443DC/GCDC/GC
Exchange Exchange 2003 Back End2003 Back End
ISA Server är “bastion host”ISA Server är “bastion host”Web proxy terminerar alla anslutningarWeb proxy terminerar alla anslutningarDekrypterar HTTPSDekrypterar HTTPSInspekterar innehålletInspekterar innehålletInspekterar URL (med URLScan)Inspekterar URL (med URLScan)
ISAISAServerServer
Windows 2K or Windows 2K or 2003 AD / GC 2003 AD / GC ServerServer
Ex2003Ex2003Front EndFront End
FirewallFirewall
Perimeter Network (DMZ)Perimeter Network (DMZ) EX2003 EX2003 Back-End Back-End ServersServers
OWA ClientsOWA Clients(HTTP / HTML)(HTTP / HTML)
WAP 2.0, iModeWAP 2.0, iMode(xHTML, cHTML)(xHTML, cHTML)
Pocket PC, Pocket PC, Smartphone Smartphone (HTTP / HTML)(HTTP / HTML) Wireless Wireless
Carrier and Carrier and InternetInternet
Outlook ClientsOutlook Clients(RPC/HTTP)(RPC/HTTP)
FirewallFirewall
Samma arkitektur för samtliga enheter
Au
then
ticati
on
an
d A
uth
ori
zati
on
Au
then
ticati
on
an
d A
uth
ori
zati
on
Hosted ServicesHosted Services
Corporate Corporate NetworkNetwork
Exte
rnal
Exte
rnal
Fir
ew
all
Fir
ew
all
ISA ISA ServerServer
Inte
rnal
Inte
rnal
Fir
ew
all
Fir
ew
all
Perimeter Perimeter Network Network
Software on the Software on the PremisesPremises
Antigen for Antigen for ExchangeExchange
Antigen for SMTP Antigen for SMTP GatewaysGateways
Advanced Spam Advanced Spam ManagerManager
InternetInternet
Microsoft Secure Messaging
Exchange Server - Mobility
Mobile PC – RPC / HTTP and ISA Mobile PC – RPC / HTTP and ISA ServerServerMobile Devices – Exchange Server Mobile Devices – Exchange Server Active Synch and Windows Mobile 5 + Active Synch and Windows Mobile 5 + OthersOthers
Push mail , calendar , contacts , tasksPush mail , calendar , contacts , tasksSecurity managed from Exchange: Security managed from Exchange:
Local Device Security PinLocal Device Security PinWipe after # attemptsWipe after # attemptsRemote wipeRemote wipeCertificate Authentication if wantedCertificate Authentication if wantedRSA SecureID Authentication possibleRSA SecureID Authentication possible
Massa produkter och funktioner...
Vad händer ute hos företag idag?Vad händer ute hos företag idag?Tips from coachenTips from coachen
Lasse Pettersson är MVP, Most Valuable Lasse Pettersson är MVP, Most Valuable Professional på Exchange. Professional på Exchange. Humandata var först med Sybari i Humandata var först med Sybari i Sverige. Lasse är flitig artikelskrivar Sverige. Lasse är flitig artikelskrivar och forum deltagare på tex och forum deltagare på tex MSD2D.com. MSD2D.com.