Protegendo seus desktops e servidores com o Microsoft Forefront Client Security Visão Geral e Implementação Técnica - Parte 1 Ricardo Frois Security Specialist Microsoft Brasil Agenda • FCS Overview • FCS Prerequisites • Prerequisite installation and configuration Helpful Experience • Familiarity with Microsoft Operations Manager • Familiarity with Microsoft SQL Server • Experience with network security Level 200 A Comprehensive Security Solution Services Edge Server Applications Content Client and Server OS Identity Management Systems Management Active Directory Federation Services (ADFS) Guidance Developer Tools •Internet • Distributed protection •Gartner Magic Quadrant for •E-Mail Security Boundary 2006 * • Performance tuning • Content filtering • Central management •Exchange Server/ Windows-based SMTP Server •A •B •C •D •E •* Magic Quadrant for E-Mail Security Boundary, 2006. Peter Firstbrook, Arabella Hallawell Publication Date: 25 September 2006/ID Number: G00142431 FOR INDIVIDUAL USERS FOR BUSINESSES Forefront Client Windows Defender MSRT Remove most prevalent viruses Remove all known viruses Real-time antivirus Remove all known spyware Real-time antispyware Central reporting and alerting Customization IT Infrastructure Integration 6 Windows Live Windows Live Safety Center OneCare Security Proteção unificada contra malware para desktops, laptops e servidores corporativos com gerenciamento e controle unificados Solução unificada contra virus e spyware Construido usando como base tecnologia usada por milhões de usuários Resposta a ameaças eficaz Complementa as outras soluções de segurança Microsoft Console única para administração de segurança Definição de uma única política para as configurações de proteção de clientes Distribuição de assinaturas e software de forma mais rápida Integração com a infra estrutura existente Um único painel de controle para visualização de ameaças e vulnerabilidades Visualização de relatórios mais importantes Permite que os administradores se mantenham informados sobre o estado de scannings, alertas de segurança 7 Proteção unificada contra malware para desktops, laptops e servidores corporativos com gerenciamento e controle unificados Greater confidence Greater efficiency Greater control Agenda • Reviewing FCS • Installing Prerequisites Hardware Prerequisites Domain Controller 133 Mhz 128 MB RAM 2GB available disk space FCS Server Minimum 750 Mhz 512 MB RAM 80GB available disk space DVD-ROM FCS Client 500 Mhz 256 MB RAM 350MB available disk space Software Prerequisites SQL Server 2005 + Reporting Services Windows Software Update Services Group Policy Management Console .NET Framework 2.0 MMC 3.0 IIS 6.0 Installed with FCS Hotfixes for MOM and SQL Microsoft Operations Manager 2005 SP1 Microsoft Operations Manager Reporting Demo demonstration Installing Software Prerequisites Review Installed Prerequisites Review Reporting Services Configuration Install .NET Framework 2.0 Understanding Policies Forefront Client Security Console Administrator creates & deploys policy Group Policy Management Console Clients Install and Configure IIS Configure your Server Wizard Add Application Server Role (IIS) Enable FrontPage Server Extensions Enable ASP.NET Install SQL Server 2005 Install new or use existing SQL Server with Service Pack 1 Existing SQL Server cannot contain OnePoint or SystemCenterReporting databases Install Database Engine and Reporting Services Use Windows Authentication whenever possible on SQL Server 2005. Install GPMC, .NET, and MMC GPMC SP1 • Required for management server role • Download from Microsoft .NET Framework 2.0 • Required for management server role • Usually already installed MMC 3.0 • Required for management server role • Included with Windows Server 2003 R2 Install WSUS • Store updates locally • Create a WSUS Web site during installation—FCS requires WSUS to use port 8530 • Configure automatic approval • First synchronization can take several hours 18 Demo Demonstration • Using Forefront Client Security to Protect Client Computers • Updating Signature Files • Using Policies to Manage Client Computers • Supported Platforms – Server • Windows 2003 Server/SP1 • Windows 2003 Server/R2 • Longhorn Server (at RTM) – Client • Windows 2000/SP4 + Rollup – Requires GDI+ QFE • Windows XP/SP2 – Requires Filter Manager QFE One dashboard for visibility into threats and vulnerabilities View insightful reports Stay informed with state assessment scans and security alerts 21 Viewing Reports Reporting Details Integração com MOM 2005 Uso SQL Reporting Services Demonstra o status da segurança contra malware na sua empresa Especifica point-in-time e over time Tipos de Relatorios Summary Report Malware Threat(s) Deployment Vulnerability Summary Alerts Scan Results Computers Historical Information 22 Respond to Alerts Alerting Functionality Notificação e administração dos valores de incidentes incluindo: Malware detected Malware outbreak Malware failed to remove Malware protection disabled Controle do tipo de nivel de alertas & volume de alertas gerados Critical Issues Only, Low Value Assets Outbreak 1 2 Malware removal failed 3 4 5 Rich Data, High Value Assets Signature Malware detected Signature update update failed and removed failed (per min) 23 Security Summary Security Product Roadmap •Current •Dec 2006 •2007+ •Client •Server Microsoft® Antigen Messaging Security Suite •Edge •TBD • Public beta available now! – Download at http://www.microsoft.com/clientsecurity – Community-based support at http://www.microsoft.com/technet/clientsecurity • Release To Manufacture planned for Q2 CY2007 Put your organization through a security audit http://www.microsoft.com/forefront Download trial versions of http://www.microsoft.com/isaserver/2006 http://www.microsoft.com/antigen Register for beta information about http://www.microsoft.com/clientsecurity Contact your Microsoft rep or reseller for information and advice Other Resources Technical Chats and Webcasts http://www.microsoft.com/communities/chats/default.mspx http://www.microsoft.com/usa/webcasts/default.asp Microsoft Learning and Certification http://www.microsoft.com/learning/default.mspx MSDN & TechNet http://microsoft.com/msdn http://microsoft.com/technet Virtual Labs http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. •Magic Quadrant Disclaimer This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Microsoft. Go to: www.microsoft.com/forefront •The Magic Quadrant noted on slide 10 is copyrighted September 25, 2006, by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.