Dr. Tom Shinder’s Blog

Untangling the Confusion of Client Security

Interesting article by Steve Riley that discusses issues of client-side security in a distributed environment. Steve tackles the problem of domain-joined computers in untrusted environments. Is the access-anywhere scenario a security panacea, or just a new collection of security problems that will make our jobs even more difficult?

Read the article and you decide.

http://technet.microsoft.com/en-us/library/dd164389.aspx

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com

PROWESS CONSULTING documentation | integration | virtualization
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

TechNet Virtual Lab: Windows Server 2003 R2 Active Directory Federation Services (ADFS) Claims-Aware Applications

After completing this lab, you will be better able to set up a trust relationship among business partners. You will walk through creating, populating, and transforming “claims” about users that are shared between security contexts. Additionally, you will turn federation claims into authorization decisions in a federated application and finally, you will integrate a claims-aware application.

Register for this lab at http://msevents.microsoft.com/CUI/WebCastEventDeta...ode=US

HTH,

Tom

TechNet Webcast: Deploying Forefront Client Security in the Enterprise Using Virtualization (Level 300)

The Microsoft Forefront Client Security (FCS) agent can be installed on Windows Server 2008 host and virtualized operating systems to protect against malicious threats. In addition, you can install the FCS Management Server on Hyper-V virtualized machines to consolidate management server roles. Join this TechNet webcast to learn more about deploying FCS in a virtualized environment.

Register for this Webcast at http://msevents.microsoft.com/CUI/EventDetail.aspx...=en-US

HTH,

Tom

Steve Riley — Virtualization and Security - What does it mean for Me?

Great Webcast with Steve Riley on virtualization security.

Check it out at http://www.microsoft.com/emea/spotlight/sessionh.a...id=991

HTH,

Tom

EBS Security Demo and PM Interview

From the Web site:

“Lingan Satkunanathan, program manager on the Essential Business Server team, tells us about a number of different things around security in EBS.  More specifically, some of the things he covers are:

  • How EBS locks down security out of the box
  • What security settings you might need to change after setup
  • IPSec, NAP, and group policy security settings

At 10:00, we get a demo of the EBS security management tab/console which includes:

  • Firewall tasks and settings
  • Forefront Client Security / Client AV story
  • Email Anti-Malware / Anti-Spam

At the end we finish with a peek into the future of EBS with things like Forefront Stirling integration”

Check out the Webcast at http://edge.technet.com/Media/EBS-Security-demo-an...rview/

HTH,

Tom

Forefront Stirling Screencast and Interview

From the Web site:

“Nic Sagez gives us a brief intro to Stirling and then gives a screencast demo of a security compromise within an organization which has a Forefront Stirling infrastructure.  The breakdown of the scenario is as follows:

  • User “Don” browses to a phishing site and installs a program
  • Hacker gains control of the client machine, disables Forefront Client Security (FCS) and User Account Control, sends a piece of malware using Don’s email account
  • We (an administrator) access the main Stirling Console and view the Security Assessment summary report.  We can see TMG detected the port scan and the automatic action and alert was taken.
  • We refresh the console again and see Stirling has reported the user has been compromised and another action happens automatically.
  • 08:36 - We go back to the main console and then to the client to show how NAP remediated the client by turning back on FCS.
  • 09:30 - We go back to the main console and see the security checks summary report and drill down into granular information about the client’s vulnerability.  Directly from the console, we are able to turn back on UAC.

After the scenario-relevant part of the screencast is complete, we also see:

  • Create a security policy in the Stirling management console using things such as NAP, Internet Explorer, and Exchange.
  • Bind this policy with target groups
  • Show an enterprise security report generated by Stirling

=======================

This is a great demonstration of Forefront “Stirling” and how it will be able to provide integrated protection for your Microsoft client/server environment using a centralized management and configuration console. No other security product suite on the market today provides the features that Forefront Stirling will provide.

Check out the Webcast at http://edge.technet.com/Media/Forefront-Stirling-s...rview/

HTH,

Tom

Revisiting the 10 Immutable Laws of Security, Part 1

Scott Culp’s 10 Immutable Laws of Security are now 8 years old. How have they stood up to the test of time? Jesper Johansson reviews the first three of these laws and makes a trenchant assessment of how they apply in 2008.

Check out this article at:

http://technet.microsoft.com/en-us/magazine/cc8956...0.aspx

HTH,

Tom

The “De-perimeterization” of Networks

It is a common misconception that the deperimeterization of networks means that you need to throw out your current edge security devices, assign public addresses to all your machines, and throw away all your router ACLs and allow all inbound and outbound traffic to and from your corpnet to go uninspected and unchallenged.

Instead, deperimeterization is all about recognizing that there are now multiple perimeters; you need to identify your multiple perimeters and assign network security resources to each of those perimeters as appropriate. The “internal” versus “external” characterization of network security zones is no longer considered a viable framework on which to base network security decisions.

It should be well understood by all in our industry that you cannot trust the corpnet any more than you can trust the Internet. True, there is a much larger “attacker surface” on the Internet. However, while the “attacker surface” on the corpnet is much smaller compared to the Internet, the potency and potential for damage of insider attacks negate the relatively smaller attacker surface area.

In his article The “De-perimeterization” of Networks, Ido Dubrawsky does an excellent job of explaining what deperimeterization isn’t and what it is, and how you should take advantage of new technologies, such as the Microsoft Intelligent Application Gateway 2007 (IAG 2007), to meet the challenges of securing an increasingly deperimeterized network environment.

You can find Ido’s article at:

http://technet.microsoft.com/en-us/library/cc512604.aspx

HTH,

Tom

Microsoft Forefront Client Security Health Management Pack for Microsoft Operations Manager 2005 SP1

The Forefront Client Security Management Pack provides enterprise-wide monitoring for your Client Security environment. In addition to real-time event monitoring, the Forefront Client Security Management Pack provides automated and customizable response capabilities to allow you to immediately respond to critical performance, health, or capacity-related issues.

This management pack includes event rules for:

  • Microsoft Client Security Update Assistant service (FcsDs.exe) 
  • Microsoft Forefront Client Security Management Service (FcsMs.exe) 
  • Definition import failures

Download the FCS Management Pack for MOM 2005 SP1 at http://www.microsoft.com/downloads/details.aspx?Fa...ang=en

HTH,

Tom

Manage More than 10K Clients with FCS Using Client Security Enterprise Manager

The Client Security Enterprise Manager tool allows you to aggregate reporting and management of up to 10 Client Security down-level deployments. Each down-level deployment can manage up to 10,000 clients, thus allowing you to manage up to 100,000 client computers from a single Forefront Client Security console.

There are two components to the Enterprise Manager installation:

  • The Enterprise Manager server component
  • The Enterprise Manager down-level component

These components are installed on top of Client Security installations. Before installing Enterprise Manager, you must read the Enterprise Manager documentation.

You can download the Client Security Enterprise Manager installer from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkID=98850).

Tom
