Forefront Protection for Office TechNet Presentation

1. Forefront Protection for Office: Overview Curtis Parker, Product Manager Microsoft Corporation al 1

2. Agenda Forefront Protection for Office: Overview Secure Messaging Protecting your email Secure Collaboration Protecting your collaboration portals Management Experience Improving security management (multiple servers support) Forefront Protection for Office: Licensing

3. Forefront Protection for Office: Overview

4. Forefront for Office Products Aligning protection with the workloads

6. Microsoft® Forefront® Security for Office Communications Server

7. Microsoft® Forefront® Server Security Management Console 2010

8. Microsoft® Forefront® Online Protection for Exchange

9. Microsoft® Exchange Hosted Encryption

10. Microsoft® Forefront ® Protection 2010 for Exchange Server

11. Multiple scan engines at multiple layers throughout the corporate infrastructure provide maximum protection against email and collaboration threats

13. Kaspersky

14. Authentium

15. Virus Buster

16. Norman

17. Cloudmark

18. Microsoft AV

19. Kaspersky

20. Authentium

21. Virus Buster

22. Norman

23. Symantec

24. Kaspersky

25. Authentium

26. Layered defenses against junk mail

27. IP reputation blocking

28. Connection analysis

29. Reputation analysis

30. Safe Senders Sync

31. Outlook Junk Email Plugin

32. Additional spam filtering options

33. IP-based authentication

34. Non-delivery report backscatter mitigation

35. Outbound spam filtering

36. Rules-based scoring

37. Fingerprinting

38. Integrated antispyware protection

39. Integrated antispyware protection

40. Bounce Address Tag Validation (BATV)

41. Industry-leading third-party content filtering engine

43. Transport Scanning

44. Subject line

45. Body

46. Message character sets

47. Cannot filter content inside attachments

48. Predefined rule sets

49. Filter inside attachments

50. Keyword filtering to block out-of-policy content

51. Policy Rule Syntax options support: Basic and regular expressions

52. Can add custom dictionaries

53. Determines true file type

54. Extensions

55. Format

56. Zip

57. Determines true file type

58. Extensions

59. Format

60. Zip

61. Extensions

63. Fail-safe protection through redundancy

64. Diversity of antivirus engines and heuristics** 0.00 denotes proactive detection 1 Source: AV-Test.org (http://.av-test.org) The Multiple-Engine Advantage

65. Secure Messaging Protecting your email

66. Secure Messaging Solutions

67. Gartner Magic Quadrant for Secure E-Mail Gateways -- Gartner, Inc. Magic Quadrant for Secure E-Mail Gateways, Peter Firstbrook, Erik Ouellet, April 27, 2010. The Gartner Magic Quadrant is copyrighted by Gartner, Inc., and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Microsoft.

68. Forefront Protection for Exchange Server:Industry-Leading Performance West Coast Labs: Spam catch rate above 99% Premium anti-spam certification Virus Bulletin: Continuous live spam catch rate above 99%: 99.77% (September 2009) 99.46% (November 2009) 99.32% (January 2010) 99.86% (March 2010) 99.93% (May 2010) 99.96% (July 2010)

70. Single-engine vendors provided responses in 5 days, 4 days,and 6 days,respectively. On-premises or in the cloud 99% spam detection* * With premium anti-spam services

71. July 2010

72. Forefront Protection for Exchange Server Enterprise Network Edge Transport Protection availability: Exchange 2010 Exchange 2007 SP1 Hub Transport Routing & Policy External mail Unified Messaging Voice mail & voice access Mailbox Storage of mailbox items Mobile phone Client Access Client connectivity Web services Phone system (PBX or VOIP) Web browser Outlook (remote user) Line of business applications Outlook (local user)

73. FPE Anti-Spam Functional Highlights

74. Keyword Filtering Searches the message body for matches to keywords in selected lists Can be imported from an existing file Can filter phrases Support operators: AND, OR, NOT Actions: Skip & Detect, Delete, Suspend

75. File Filtering Filter by name, type, or size: *.exe *.doc *>10 MB Filters can be combinations of size, name, and type: photo1.jpg > 10 MB *.mp3 > 5 MB *>10 MB Suggested files to block: EXE, COM, PIF, SCR, VBS, SHS, CHM, and BAT Actions: SkipDetect, Suspend (Realtime), Delete (Scheduled/OnDemand)

76. Container Behavior Forefront scans within .zip, .rar, and other compressed formats and deletes only the offending file EXE DOC TXT DOC JPG BMP JPG BMP Custom deletion text Filter Rules: Delete *.exeQuarantine Container file before scan EXE Container file after scan Quarantine

77. DEMO Forefront Protection for Exchange Server (FPE)

78. FOPE CoreProductCapabilities

79. FOPE Implementation Scenarios

80. Forefront Online Protection for Exchange Multilayer spam and virus protection and policy enforcement Corporate network External senders/ recipients Exchange Server Legitimate email Antivirus Inbound filteredemail Policy Edge Blocking Active Directory Encryption* FOPE Directory Synchronization Tool Anti-spam Outbound filtered email Junk email Automatic spooling Messaging administrator Administrator console Employees About 90% of email is junk End-user quarantine Also incorporates technology from… *Requires additional Exchange Hosted Encryption license

81. Hybrid Messaging Protection On-premises software Online Exchange Server Internet SMTP Edge role Hub role Mailbox role Antivirus and anti-spam protection for Exchange Server 2010 and Exchange Server 2007 server roles

82. DEMO Forefront Online Protection for Exchange (FOPE)

83. Secure Collaboration Protecting your collaboration portals

84. The Need for SharePoint Protection SQL back end Indexing server Management External SharePoint users Potential malware Internet Potential malware InternalSharePoint users Unified Application Gateway Web front end firewall

85. Integration with SharePoint Forefront Protection for SharePoint Antivirus scanning Antispyware scanning Keyword filtering File filtering Quarantine VSAPI Upload/ download SharePoint databases SharePoint web front-end servers

86. DEMO Forefront Protection for SharePoint (FPSP)

87. Management Experience Improving security management

88. Management Options for Forefront Protection Servers

90. Server discovery and grouping

91. Product patch and FPSMC agent deployment

92. Deploy policies to custom-defined groups of servers

93. Manage cross-domain and non-domain servers from one console

94. Firewall friendly communication channel

95. Signature redistribution for 32-bit and 64-bit engines

96. Online integration with FOPE

97. Visibility into incidents across FPE and FPSP

98. Real-time monitoring for security events

99. User friendly Dashboard view

100. Real-time and historical reports

101. Web-based interface for easier access

102. License distribution and activation

103. Centralized quarantine

104. Enterprise-ready scalability

105. Support for SQL scenarios

106. Business continuity for critical functionality

108. Hyper-V

109. WCF

110. Active Directory

111. SQL Server 2008

112. Internet Explorer 7.0 and Internet Explorer 8.0FPSMC Capabilities

114. Central console for all FPSMC tasks

116. Reporting On-demand Incident detection, spam detection, engine and definition version Report scoped based on date range and desired servers Report includes distribution of detections, trending, and raw data Scheduled Sent via email on a daily, weekly, or monthly basis

117. FPSMC Architecture Overview Remote access Replication Backup FPSMC Primary FPSMC Add FPE and FPSP servers to FPSMC and deploy agent Upload policy to FPSMC and create jobs Run jobs to deploy policy Retrieve quarantine and reporting data periodically

118. DEMO Forefront Protection Server Management Console (FPSMC)

119. Forefront Protection for Office: Licensing

120. Forefront Protection for Office Product List and Acronyms Forefront is the Microsoft brand and suite of security products: Forefront Online Protection for Exchange (FOPE) Exchange Hosted Encryption (EHE) Forefront Protection 2010 for Exchange Server (FPE) Forefront Protection 2010 for SharePoint (FPSP) Forefront Security for OCS (FSOCS) Forefront Protection Server Management Console (FPSMC) Forefront Protection Server Script Kit (FPSSK)

121. Subscription Licensed Products

122. Additional Resources and Announcements

123. Introducing Business Ready Security Demo 4.0i Microsoft Business Ready Security (BRS) 4.0i New! FPSMC RTW included New! FPSMC hands-on lab (HOL) New! FPE and FPSP update rollups End-to-end demo environment All identity and security solutions and technologies 7 GB zipped installer package Demo scripts and architecture overview documentation provided Available as download: http://go.microsoft.com/fwlink/?LinkId=190269 Distribution list: msvmtalk@microsoft.com

124. Business Ready Security Demo 4.0i (continued)

125. Business Ready Security Demo 4.0i (continued)

126. Links and Resources

127. Questions and Answers Submit text questions by using the “Ask” button Don’t forget to fill out the survey For upcoming and previously live webcasts: www.microsoft.com/webcast Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781

128. 47