Forefront Online Protection for Exchange
Download
Report
Transcript Forefront Online Protection for Exchange
Forefront Online Protection for Exchange
Renato Francesco Giorgini
Evangelist IT Pro
[email protected]
Agenda
Panoramica
Architettura
Funzionalità Anti-Spam
Funzionalità Anti-Virus
Policy Enforcment
Setup Iniziale
Reporting & Auditing
Scenari Misti
Business Challenges
Protect information so your business can grow
Prevent spam from undermining user productivity and safety
Provide a timely response to the latest malware and vulnerabilities
Add new technology to enable productivity without adding security risk
Share information while maintaining compliance
Restrict the distribution of inappropriate content
Prevent loss of sensitive information
Uniformly enforce compliance across an organization
Reduce security costs
Implement security that integrates with existing IT assets more effectively
Reduce administrative costs through simplified management and deployment
Choices for Exchange Message Filtering
Forefront Protection for Exchange Server (FPE)
Forefront Online Protection for Exchange (FOPE)
On-premises antivirus and antispam with local configuration
Internal mail filtering and content filtering
Antispam and antivirus protection in the cloud
SLA backed e-mail security performance
Hybrid scenario
Solutions compliment each other
FOPE Architecture Overview
Internet Cloud
Internet
FOPE
Online
Service
Spam quarantine
Internal
Mail server
Exchange Hosted Services
Real-time threat prevention
Layered anti-spam and antivirus
Customized policy enforcement
E-mail and IM retention for organizational governance and e-discovery
Customized report generation for demonstrating compliance
Fully indexed, searchable archive
Uninterrupted e-mail accessibility
Rapid recovery from unplanned disasters and network outages
Thirty-day rolling historical e-mail store
Gateway, policy-based e-mail encryption
No public and private key management
Full e-mail encryption
Exchange Online Protection - Features
Antispam
Antivirus
Policy Enforcment
Disaster Recovery
Directory Services Syncronization
Architettura
FOPE Global Network Infrastructure
Network infrastructure that delivers reliability and
scalability
Hosted services provisioned across a global network
infrastructure
Fully redundant, load-balanced architecture
Scalability to handle all message volume variations
Service Level Agreements
Spam and Virus
Filtering Effectiveness
Filtering Network
Performance
100%
98%
1:250,000
Known virus
Protection
Spam
Detection
False Positive
Ratio
99.999%
Network Uptime
Rapid E-mail Delivery
(Average delivery commitment
of less than 1 minute)
Each SLA is backed by a financial commitment from Microsoft
http://go.microsoft.com/fwlink/?LinkID=133205
Terms and conditions apply. Please visit the Admin Center Resource Center at http://admin.global.frontbridge.com
You may have to login to the system to view the service level agreement. Please contact your reseller or Microsoft
Account Manager if you wish to view these prior to signing up for the service.
Demo
Funzionalità Anti-Spam
Forefront Online Protection for Exchange
Multilayer spam and virus protection and policy enforcement
External Senders/
Recipients
Corporate Network
Legitimate
E-mail
Junk E-mail
Exchange Server
Outbound
Filtered E-mail
Edge Blocking
Antivirus
Policy
* Encryption
Anti-spam
Inbound Filtered
E-mail
FOPE Directory
Synchronization Tool
Active
Directory
Disaster Recovery
About 90% of
E-mail is junk
* Requires additional Exchange
Hosted Encryption License
Administrator
Console
End User
Quarantine
Also incorporates
technology from…
Messaging
Administrator
Employees
Antispam Protection
IP Repudiation Blocking
IP-Based Authentication
SMTP Connection Analysis
Real Time Attack Protection
Reputation Analysis
Junk Email Protection
Additional Spam Filtering Options
Cloudmark: Message Fingerprinting
Non-Delivery Report Backscatter Mitigation
Rules-Based Scoring
Outbound Spam filtering
Enhanced Reputation Lists
Bad
URLs
URIBL.com
Spam Rules
Database
Forefront
Online
Protection
Spam Filter
Non-Permitted
IPs
Internet Service Providers
Clean-up
Process
Cloudmark Content Engine
Fingerprint
Cache
Spam
Reject
Legit.
FSE-protected Exchange
recipient
Message
reduced
to fingerprints
Fingerprints compared
to local cache
No Match? Apply
heuristics
Outbound Spam Mitigation
Customer 1
FOPE
Regular Outbound
Customer 2
FOPE
Spam Filter
Customer 3
FOPE
Higher Risk
Delivery Pool
Spam Quarantine
Quarantined and stored for review for 15 days
Web Access
Redirected to SMTP Mailbox
Tagged with X-Header
Tagged in Subject Line
Demo
Funzionalità Anti-Virus
Antivirus Protection
Multi-AV-Engine
Layered Defenses
Real-Time Threat Response
Fast Antivirus Signature Deployment
Demo
Policy Enforcment
Protect Sensitive Information in E-mail
Automatically protect sensitive e-mail
Can leverage Exchange Server integration with Active
Directory Rights Management Services
Filter
Email attachments
Messages
FOPE possible Actions:
Encrypt/Decrypt
Allow/Reject
Quarantine
Redirect/BCC
Use TLS
Demo
Setup Iniziale
Setting up Hosted Protection
FOPE Service
MX
record
Create Account
Your Organization
Mail
Firewall
SMTP Mail
Mail Server
Allow only FOPE SMTP traffic
Directory Syncronization Tool
Synchronize users, groups
Future basis for Forefront services in the cloud
User attribute differences synchronized
Requires install on Windows Server
https connection
PowerShell enabled
Outlook spam plug-in
Allows reporting of spam to FOPE Admins through a button
Virtual Domains
Not a real DNS Name Domain
Group of Users with shared configuration
settings
Demo
Disaster Recovery
Five days of email queued online
Email can be routed to a different server
Reporting & Auditing
Demo
Scenari Misti
FPE, FOPE or Hybrid?
Forefront Protection for Exchange Server
Forefront Online Protection for Exchange
On-premise antimalware and antispam protection
with local configuration
Concerned with internal mail filtering
External antispam is primary concern
No issues around hosting
Hybrid scenario
Hybrid Messaging Security
On-Premise – Company LAN
Internet
Firewall
Spam policy
Mail
Spam policy
FOPE Gateway
Full Management Policy
SMTP
Mail
Exchange Edge
Exchange Hub
Mailbox Server
Antivirus and anti-spam protection for Exchange
Server 2007/2010 Server Roles
FOPE Gateway
Managed from on-premise systems
Synchronizes on-premise data with FOPE
Forefront Protection Manager console
FPE Stand alone UI
Active Directory information
FPE Antispam policy
Collects data from FOPE to on-premise systems
Quarantine information
Statistics
Deploying FOPE Hybrid Scenario
Follow these steps to prepare your Exchange environment
and enable management of the FOPE gateway in FPE:
Register with FOPE and create an account
http://go.microsoft.com/fwlink/?LinkId=128194
Install the FOPE Gateway
Configure the FOPE settings in FPE and retrieve the FOPE
datacenter IP addresses.
Redirect your mail to the FOPE datacenter by changing your
Mail Exchange (MX) records
Configure your firewall rules and Exchange Edge receive
connector information
This will ensure that only mail that has been filtered by FOPE is
accepted into your organization.
Enterprise Class
Reliability
High availability Software as
a Service (SaaS)
Disaster recovery and e-mail
continuity
SLA-supported uptime and
performance
Active
Protection
Multiple engine antivirus and
antispam protection updated
multiple times a day
98%+ spam detection SLA
Ability to address security
concerns outside the network
Simplified
Management
In-the-cloud filtering frees up
server & network resources
Integration with Forefront
Protection Manager
Directory Synchronization
eases management
overhead
User managed quarantine
reduces administrator
burden
Windows 7
Windows Server 2008 R2
Hyper-V Server R2
Internet Information Services 7.5
Exchange Server 2010
SharePoint Server 2010
System Center
Internet Explorer 8.0
Forefront Protection Suite (Codename “Stirling”)
[email protected]
http://bit.ly/itpromomentum
Per approfondimenti
www.microsoft.com/online/exchange-hostedservices/filtering.mspx
www.microsoft.com/downloads/details.aspx?displaylang=en
&FamilyID=be5963ee-917f-4677-94c5-02985d7e077e
www.microsoft.com/downloads/details.aspx?displaylang=en
&FamilyID=f5714ed7-f14d-499e-b7d9-3365c9008113
[email protected]
http://blogs.technet.com/italy
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.