Secure Platform

Secure Access

Data Protection

Rights Management Services (RMS) SharePoint, Exchange, Windows Mobile integration

Encrypting File System (EFS)Bitlocker

MalwareProtection

User Account ControlNetwork Access Protection (NAP)IPv6IPsec Windows CardSpace

Native smart card supportGINA Re-architectureCertificate ServicesCredential roaming

Security Development Lifecycle (SDL)Kernel Patch ProtectionKernel-mode Driver Signing

Secure StartupWindows Service Hardening

Windows DefenderIE Protected ModeAddress Space Layout Randomization (ASLR)Data Execution Prevention (DEP)

Bi-directional FirewallWindows Security Center

Security Development Lifecycle (SDL)Windows Server Virtualization (Hypervisor)Role Management ToolOS File Integrity

Secure Platform

Network Protection

IdentityAccess

Data Protection

Read-only Domain Controller (RODC)Active Directory Federation Srvcs. (ADFS)Administrative Role Separation

PKI Management ConsoleOnline CertificateStatus Protocol

Network Access Protection (NAP)Server and Domain Isolation with IPsecEnd-to-end Network AuthenticationWindows Firewall With Advanced Security

On By Default

Rights Management Services (RMS) Full volume encryption (Bitlocker)USB Device-connection rules with Group Policy

Improved AuditingWindows Server Backup

Collection

In Person

Online

From3rd Party

Storage

Structured Databases

Unstructured Data

Electronic Databases

Backup

Usage

InApplications

ByEmployees, Marketers

Shared with3rd Parties

Retention/Distruction

Archive

Destruction

Framework for Data GovernancePeople Policy Process

Technology

Management SystemManagement System System Center, Active Directory GPO

Forefront Edge and Server Security, NAP

Perimeter

Network Access Protection, IPSec

Internal Network

Forefront Client Security, Exchange MSFP

Device

SDL process, IIS, Visual Studio, and .NET

Application

BitLocker, EFS, RMS, SharePoint, SQLData

User Active Directory and Identity Lifecycle Mgr

Isolated

Trusted

Remediation Server

Web Server

Remote Access Gateway

Infrastructure Servers

Unmanaged DevicesMalicious

Users

Trusted Home

New Customer

Unhealthy PC

Secure Anywhere AccessEnd-to-end security with IPv6 and IPsecAccess driven by policy not topologyCertificate based multi-factor authenticationHealth checks and remediation prior to access

Policy-driven network access solutionsWindows Firewall with advanced filteringServer and Domain IsolationNetwork Access Protection (NAP)ISA Server 2006Intelligent Application Gateway (2007)Windows Filtering Platform

AuthorizationManager

RMSMIISADFSDomain/DirectoryServices

CertificateServices

Secure collaborationEasily managing multiple identitiesGovernment sponsored identities (eID)Hardware supported trust platformDisparate directories synchronization

Centralized ID controls and mgmt.Embedded identity into applicationsPolicy Governance / ComplianceRole Based PermissionsIdentity and Data Privacy

Brings together metadirectory, certificate management, and user provisioning across Windows and enterprise systems into a single packaged offering.

User ProvisioningAutomates the process of user provisioningand de-provisioningSimplifies compliance through automated IDA enforcementEnforces consistent credentials across systems

Certificate and Smart Card ManagementReduces cost of managing certificate-based credentialsAutomates workflow-driven certificate issuanceand revocationVastly simplifies deployment of smart cards

Identity SynchronizationProvides single view of a user across enterprise systemsAutomatically keeps identity information consistentacross systems

Consumer/ Small Business

Corporate

Client ProtectionServer Protection Edge Protection

Simple PC maintenanceAnti-Virus Anti-SpywareAnti-Phishing

FirewallPerformance TuningBackup and Restore

Edge, server and client protection“Point to Point” SolutionsSecurity of data at rest and in transitMobile workforceManageability

United States

EMEA

APAC

CSS Security and Microsoft Malware Protection CentersOperate on a 24/7 – 365 – Follow-the-Sun basis

Partner with your Microsoft Account Team to create or review your Security Action Plan

Talk about Infrastructure Optimization and the value it could bring to your organization

Implement a Defense-in-Depth security architecture using our advanced security technologies

Leverage Microsoft prescriptive security guidance and online security training

Stay informed through Microsoft Security Bulletins, Security Newsletters and Security Events

Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Trustworthy Computing: www.microsoft.com/security/twcMicrosoft Forefront: www.microsoft.com/forefrontInfrastructure Optimization: www.microsoft.com/ioMicrosoft Security Assessment Tool: www.microsoft.com/security/msat

General Information:Microsoft Live Safety Center: safety.live.comMicrosoft Security Response Center: www.microsoft.com/security/msrcSecurity Development Lifecycle: msdn.microsoft.com/security/sdlGet the Facts on Windows and Linux:

www.microsoft.com/windowsserver/compare

Anti-Malware:Microsoft OneCare Live: beta.windowsonecare.comMicrosoft Defender: www.microsoft.com/athome/security/spyware/softwareSpyware Criteria:

www.microsoft.com/athome/security/spyware/software/isv

Guidance Centers:Security Guidance Centers: www.microsoft.com/security/guidanceSecurity Guidance for IT Professionals: www.microsoft.com/technet/securityThe Microsoft Security Developer Center: msdn.microsoft.com/securityThe Security at Home Consumer Site: www.microsoft.com/athome/security

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the

date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.