Protegendo seus desktops e servidores com
o Microsoft Forefront Client Security
Visão Geral e Implementação Técnica - Parte 1
Ricardo Frois
Security Specialist
Microsoft Brasil
Agenda
• FCS Overview
• FCS Prerequisites
• Prerequisite installation and configuration
Helpful Experience
• Familiarity with Microsoft Operations
Manager
• Familiarity with Microsoft SQL Server
• Experience with network security
Level 200
A Comprehensive Security Solution
Services
Edge
Server
Applications
Content
Client and
Server OS
Identity
Management
Systems
Management
Active Directory
Federation Services
(ADFS)
Guidance
Developer
Tools
•Internet
• Distributed protection
•Gartner Magic Quadrant for
•E-Mail Security Boundary 2006 *
• Performance tuning
• Content filtering
• Central management
•Exchange Server/
Windows-based
SMTP Server
•A
•B
•C
•D
•E
•* Magic Quadrant for E-Mail Security Boundary, 2006. Peter Firstbrook, Arabella Hallawell
Publication Date: 25 September 2006/ID Number: G00142431
FOR INDIVIDUAL USERS
FOR BUSINESSES
Forefront Client
Windows
Defender
MSRT
Remove most
prevalent viruses
Remove all
known viruses
Real-time
antivirus
Remove all
known spyware
Real-time
antispyware
Central reporting
and alerting
Customization
IT Infrastructure
Integration
6
Windows Live Windows Live
Safety Center
OneCare
Security
Proteção unificada contra malware para desktops, laptops e
servidores corporativos com gerenciamento e controle unificados











Solução unificada contra virus e spyware
Construido usando como base tecnologia usada por milhões de
usuários
Resposta a ameaças eficaz
Complementa as outras soluções de segurança Microsoft
Console única para administração de segurança
Definição de uma única política para as configurações de proteção
de clientes
Distribuição de assinaturas e software de forma mais rápida
Integração com a infra estrutura existente
Um único painel de controle para visualização de ameaças e
vulnerabilidades
Visualização de relatórios mais importantes
Permite que os administradores se mantenham informados sobre o
estado de scannings, alertas de segurança
7
Proteção unificada contra malware para desktops, laptops e
servidores corporativos com gerenciamento e controle unificados
Greater confidence
Greater efficiency
Greater control
Agenda
• Reviewing FCS
• Installing Prerequisites
Hardware Prerequisites
Domain
Controller
133 Mhz
128 MB RAM
2GB available
disk space
FCS Server
Minimum
750 Mhz
512 MB RAM
80GB available
disk space
DVD-ROM
FCS Client
500 Mhz
256 MB RAM
350MB available
disk space
Software Prerequisites
SQL Server 2005 + Reporting Services
Windows Software Update Services
Group Policy Management Console
.NET Framework 2.0
MMC 3.0
IIS 6.0
Installed with FCS
Hotfixes for MOM and SQL
Microsoft Operations Manager 2005 SP1
Microsoft Operations Manager Reporting
Demo
demonstration
Installing Software Prerequisites
Review Installed Prerequisites
 Review Reporting Services
Configuration
 Install .NET Framework 2.0

Understanding Policies
Forefront Client Security Console
Administrator creates & deploys policy
Group Policy
Management Console
Clients
Install and Configure IIS
Configure your Server Wizard
Add Application Server Role (IIS)
Enable FrontPage Server Extensions
Enable ASP.NET
Install SQL Server 2005
Install new or use existing SQL Server
with Service Pack 1
Existing SQL Server cannot contain
OnePoint or SystemCenterReporting
databases
Install Database Engine and Reporting
Services
Use Windows Authentication whenever possible
on SQL Server 2005.
Install GPMC, .NET, and MMC
GPMC SP1
• Required for management server role
• Download from Microsoft
.NET Framework 2.0
• Required for management server role
• Usually already installed
MMC 3.0
• Required for management server role
• Included with Windows Server 2003 R2
Install WSUS
• Store updates locally
• Create a WSUS Web site during
installation—FCS requires WSUS
to use port 8530
• Configure automatic approval
• First synchronization can take
several hours
18
Demo
Demonstration
• Using Forefront Client Security to Protect
Client Computers
• Updating Signature Files
• Using Policies to Manage Client Computers
• Supported Platforms
– Server
• Windows 2003 Server/SP1
• Windows 2003 Server/R2
• Longhorn Server (at RTM)
– Client
• Windows 2000/SP4 + Rollup
– Requires GDI+ QFE
• Windows XP/SP2
– Requires Filter Manager QFE

One dashboard for visibility
into threats and vulnerabilities

View insightful reports

Stay informed with state
assessment scans and security
alerts
21
Viewing Reports
Reporting Details
Integração com MOM 2005
Uso SQL Reporting Services
Demonstra o status da segurança contra malware na
sua empresa
Especifica point-in-time e over time
Tipos de Relatorios
Summary Report
Malware Threat(s)
Deployment
Vulnerability Summary
Alerts
Scan Results
Computers
Historical Information
22
Respond to Alerts
Alerting Functionality
Notificação e administração dos valores de incidentes
incluindo:
Malware detected
Malware outbreak
Malware failed to remove
Malware protection disabled
Controle do tipo de nivel de alertas & volume de alertas gerados
Critical Issues Only,
Low Value Assets
Outbreak
1
2
Malware
removal failed
3
4
5
Rich Data,
High Value Assets
Signature
Malware detected Signature update
update failed
and removed
failed (per min)
23
Security Summary
Security Product Roadmap
•Current
•Dec 2006
•2007+
•Client
•Server
Microsoft®
Antigen
Messaging Security Suite
•Edge
•TBD
• Public beta available now!
– Download at
http://www.microsoft.com/clientsecurity
– Community-based support at
http://www.microsoft.com/technet/clientsecurity
• Release To Manufacture planned for
Q2 CY2007
Put your organization through a security audit
http://www.microsoft.com/forefront
Download trial versions of
http://www.microsoft.com/isaserver/2006
http://www.microsoft.com/antigen
Register for beta information about
http://www.microsoft.com/clientsecurity
Contact your Microsoft rep or reseller for information
and advice
Other Resources
Technical Chats and Webcasts
http://www.microsoft.com/communities/chats/default.mspx
http://www.microsoft.com/usa/webcasts/default.asp
Microsoft Learning and Certification
http://www.microsoft.com/learning/default.mspx
MSDN & TechNet
http://microsoft.com/msdn
http://microsoft.com/technet
Virtual Labs
http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
© 2006 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
•Magic Quadrant Disclaimer
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger
research note and should be evaluated in the context of the entire report. The
Gartner report is available upon request from Microsoft. Go to:
www.microsoft.com/forefront
•The Magic Quadrant noted on slide 10 is copyrighted September 25, 2006, by
Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical
representation of a marketplace at and for a specific time period. It depicts Gartner's
analysis of how certain vendors measure against criteria for that marketplace, as
defined by Gartner. Gartner does not endorse any vendor, product or service
depicted in the Magic Quadrant, and does not advise technology users to select
only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is
intended solely as a research tool, and is not meant to be a specific guide to action.
Gartner disclaims all warranties, express or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purpose.
Download

Deploying Forefront Client Security, Part 1