Archive for April, 2010


Microsoft Forefront Threat Management Gateway 2010…

April 15, 2010

Comprehensive, secure Web gateway to help protect employees from Web-based threats

Forefront Threat Management Gateway 2010 (TMG) enables businesses by allowing employees to safely and productively use the Internet for business without worrying about malware and other threats. It provides multiple layers of continuously updated protections that are integrated into a unified, easy-to-manage gateway, reducing the cost and complexity of Web security.

The Forefront TMG solution includes two separately licensed components:

  • Forefront TMG server that provides URL filtering, antimalware inspection, intrusion prevention, application- and network-layer firewall and HTTP/HTTPS inspection in a single solution
  • Forefront TMG Web Protection Service that provides the continuous updates for malware filtering and access to cloud-based URL filtering technologies aggregated from multiple Web security vendors to protect against the latest Web-based threats.

Key Benefits

Comprehensive Protection

  • Multiple URL filtering data sources for improved blocking of malicious Web sites
  • Highly accurate antimalware engine
  • Intrusion prevention against exploitation of vulnerabilities
  • Built-in, proven network protection technologies of ISA 2006

Integrated Security

  • Multiple Web security technologies integrated into a single solution
  • Authentication, update, policy distribution and reporting infrastructure investments

Simplified Management

  • Single interface for managing Web security policy
  • Comprehensive logging and reporting

Feature: Description

  • URL Filtering: Destination URLs are examined for compliance with corporate policy and for malicious potential of the destination Web site. Forefront TMG uses Microsoft Reputation Services for URL filtering, combining multiple sources to increase coverage of URLs and categorization.
  • Web antivirus/anti-malware protection: Inbound and outbound Web traffic is inspected for viruses and malware, including archived folders. Encrypted folders can be blocked. For large files, the file is trickled to users to assure them that it is being downloaded.
  • E-mail security: Forefront TMG provides central management for Exchange and Forefront Protection 2010 for Exchange when located on the same server. Forefront TMG does not include either Exchange or Forefront Protection 2010 for Exchange. Both must be purchased and installed separately.
  • HTTPS inspection: HTTPS-encrypted sessions can be inspected for malware or exploits. Specific groups of sites (such as banking sites) can be excluded from inspection for privacy reasons. Users of the TMG Firewall Client can be notified of the inspection.
  • Network Inspection System (NIS): Traffic can be inspected for exploits of Microsoft vulnerabilities. Based on protocol analysis, NIS enables blocking of classes of attacks while minimizing false positives. Protections can be updated as needed.
  • Enhanced Network Address Translation (NAT): Forefront TMG now enables you to specify individual e-mail servers that can be published on a 1-to-1 NAT basis.
  • Enhanced Voice over IP support: Forefront TMG includes SIP traversal, enabling simpler deployment of Voice over IP within the network.
  • Windows Server 64-bit support: Forefront TMG is installed on Windows Server 2008 with 64-bit support.

Feature: Description

  • Multi-layer firewall: Forefront TMG provides access control and protection on three layers: packet filtering, stateful inspection, and application layer filtering.
  • Application layer filtering: Forefront TMG provides deep content filtering through built-in application filters.
  • Granular HTTP controls: Forefront TMG delivers customizable, granular controls to HTTP traffic, including:
      – File download controls
      – Signature-based blocking
      – HTTP method controls
    Forefront TMG provides strong controls over Web-based threats.
  • DoS protections: Forefront TMG provides resiliency against flood attacks and re-allocates resources to provide higher security inspection.
  • Extensive protocol support: Forefront TMG delivers out-of-the-box support for many protocols. New protocols can be defined.

Feature: Description

  • Highly secure e-mail access from Outlook Client: Remote users can access Exchange Server using the full Outlook MAPI client over the Internet without establishing a VPN connection. The connection is encrypted for security.
  • Simple Outlook Web Access and Microsoft Office SharePoint Server publishing: Simple wizards allow quick configuration of remote access for both Outlook Web Access and SharePoint servers. Outlook Web Access users can be authenticated at the Forefront TMG server, preventing attacks by unauthenticated users.
  • Highly secure publishing of Web servers, internal servers, and Terminal Services: Remote users can access internal resources or Web servers more securely. Link translation is provided.
  • Single sign on: Forefront TMG allows users to access a group of published Web sites without being required to authenticate with each Web site.
  • Delegation of basic authentication: Forefront TMG helps protect published Web sites from unauthenticated access by requiring the Forefront TMG firewall to authenticate the user before the connection is forwarded to the published Web site. This prevents exploits from unauthenticated users from reaching the published Web server.
  • Link translation to internal servers: Forefront TMG includes a link translation feature that you can use to create a dictionary of definitions for internal computer names that map to publicly known names. Implements link translation automatically during Web publishing.
  • SSL bridging support: To guard against embedded attacks in HTTP traffic, SSL bridging allows SSL-protected packets to be decrypted by Forefront TMG, inspected, and re-encrypted.

Feature: Description

  • Site-to-site VPN: Forefront TMG enables quick connectivity between sites via a wizard-based approach. It can also be configured for tunnel-mode IPSec to support third-party devices.
  • Remote access VPN: Forefront TMG provides termination of L2TP/IPSec and PPTP VPN sessions, using the native Windows VPN services.
  • Inspection of VPN traffic: VPN traffic terminated on the Forefront TMG server is inspected according to the appropriate security policy.
  • VPN quarantine: Forefront TMG provides deep VPN client inspection and integration of your firewall policy.
  • SecureNAT for VPN clients: Forefront TMG helps ensure remote users connected to the network can gain Internet access while maintaining a strong security policy for the corporate network.
  • Publish VPN servers: Forefront TMG can be used to publish internal Windows Servers as VPN servers.

Feature: Description

  • Enterprise policy: Policy can be assigned to gateways, arrays, or enterprise-wide.
  • Easy-to-use wizards: Forefront TMG simplifies configuration with multiple wizards for features such as Web publishing, Web access, and array configuration.
  • Real-time monitoring and reporting: Logs may be viewed real-time or historically, including active sessions.
  • Query building: With a built-in query tool, historical data can be found quickly. Complex queries can be built.
  • Report creation and publishing: Reports can be designed for specific needs and then published locally or to a network file share.
  • External logging: Logs may be sent to a Microsoft SQL Server located on the internal network.
  • Delegated permissions: Admin roles can be delegated to users or groups.

Feature: Description

  • Network load balancing: Forefront TMG leverages network load balancing to provide failover and scaling of performance.
  • Network-based configuration: You may configure one or more networks, each with distinct relationships to other networks. Access policies are defined relative to the networks and not necessarily relative to a specific internal network. Forefront TMG extends the firewall and security features to apply to traffic between any networks or network objects.
  • Caching: Forefront TMG provides caching to improve user experience and reduce bandwidth costs. With the centralized cache rule mechanism of Forefront TMG, you can configure how objects stored in the cache are retrieved and served from the cache.
  • Background Intelligent Transfer Service (BITS) caching: Forefront TMG provides the caching mechanism for data received through BITS. Any cache rule that you create can be enabled to cache BITS data.
  • HTTP compression: You can reduce file size by using algorithms to eliminate redundant data during transmission of HTTP packets.
  • Diffserv (Quality of Service): Forefront TMG includes packet prioritization functionality (provided by the Diffserv Web filter), which scans the URL or domain and assigns a packet priority using Diffserv bits.


Windows Essential Business Server 2008…

April 5, 2010

Windows Essential Business Server (EBS) 2008 is a new server suite whose purpose is to provide, in one integrated installation, all the essential networking services needed to run a medium-size business. (A medium-size business is defined as one with approximately 50 to 300 computers.) These core networking services include a centralized management platform, an Active Directory domain with two domain controllers, e-mail and e-mail security, a firewall, an update infrastructure, Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), remote administration, monitoring, and many other features.

The Windows EBS suite includes the following component product technologies from Microsoft:

  • Windows Server 2008: All Windows EBS servers run on Windows Server 2008 Standard Edition.
  • Exchange Server 2007: Microsoft Exchange Server 2007 Standard Edition provides advanced e-mail and calendar functionality to Windows EBS networks.
  • Forefront Security for Exchange: Microsoft Forefront Security for Exchange Server helps protect the Windows EBS environment from viruses, worms, and spam. Forefront Security for Exchange uses multiple antivirus engines to provide layered protection against e-mail–based threats.
  • Forefront Threat Management Gateway (formerly Internet Security and Acceleration [ISA] Server), Medium Business Edition: Forefront Threat Management Gateway (TMG) is an integrated edge security gateway that helps protect the Windows EBS network against Internet-based threats. In addition, through Web caching functionality, this product also provides users fast and secure remote access to applications and data.
  • System Center Essentials 2007: System Center Essentials is a management product designed to help IT professionals manage their networks with greatly increased ease and efficiency.
  • SQL Server 2008 (Windows EBS Premium Edition only), Standard Edition: Microsoft SQL Server 2008 is a robust database server as well as a comprehensive data management and analysis software solution.

Windows EBS Standard Edition is installed on three physical servers. Each of these three EBS servers is named after its primary role in the network:

  • Management Server: Centralizes the management of your Windows Essential Business Server network. Enables and manages key network services.
  • Security Server: Helps manage security, Internet access, and remote access. This server includes two network cards and typically is connected directly to the Internet.
  • Messaging Server: Provides messaging capabilities and manages additional network services.

Minimum Hardware Requirements

Windows EBS has a fairly strict set of hardware requirements. To begin with, Windows EBS is only available as a 64-bit operating system; your server hardware must have a 64-bit processor to install and use Windows EBS. In addition, all server hardware should meet the requirements established for the Windows Server 2008 Logo Program for Systems. (You can learn more about these requirements by visiting The following sections provide specific information about the CPU, memory, and hard disk requirements for the Windows EBS servers.

Processor Requirements

Note the following minimum CPU requirements for Windows EBS:

  • Systems with a single-core CPU: x64 processor with a 2.5-GHz minimum clock speed
  • Systems with a multi-core CPU: x64 processor with a 1.5-GHz minimum clock speed
  • Systems with multiple physical CPUs: x64 processor with a 1.5-GHz minimum clock speed

RAM Requirements

The following figures represent the minimum RAM requirements for the Windows EBS servers:

  • Management Server: 4 GB of RAM
  • Security Server: 2 GB of RAM
  • Messaging Server: 4 GB of RAM

Volume and Hard Disk Configuration

Note the following volume requirements for each of the three Windows EBS servers:

  • Management Server
      – System volume: Minimum of 50 GB of free disk space
      – Data volume: Minimum of 30 GB of free disk space
  • Security Server
      – System volume: Minimum of 50 GB of free disk space
      – Data volume: Minimum of 10 GB of free disk space
  • Messaging Server
      – System volume: Minimum of 50 GB of free disk space
      – Data volume: Minimum of 20 GB of free disk space