Академический Документы
Профессиональный Документы
Культура Документы
Technologies
(not Dr.) Fred Baumhardt
Security Technology Architect
Microsoft Incubation
fred@microsoft.com
Server Security
•How not to do it
This is not
the way to
protect
your front
perimeter
or edge
Infrastructure Security
Architecture Security
Root Causes
•Infrastructure Architecture
Internet Systems
Project 1…n System
Branch Offices
Departments
This will
Save
Security Rules
•The Biology of Security
Pathogens Break
Enforce Protocol protocol
Rules at therules – you
Network
wrote a buffer for 72 characters –
Device – things that
attacker sent you 182
break are dropped
P
Mobile SS L DA
LT ), DC/GC
UN e r os
NE Ker b
L ,
HT
TP PC
B AS (R
I C, er os
C er rb
t if ic
ate , Ke
s, L LM
im it
ed NT )
VPN
N T L M , Ker beros
col, (
al l C l ie nt Pr ot o Internal Clients
s), Sec ID Firew
ul l F orm s , B AS IC, VPN(all ty pe RA
F DI
US
s
ll Form (U1
81
Fu 2-1
ic ates , 3D
if
Cert e fa
ul t
)
Firewall
Redundant Routers
Redundant Firewalls
NIC teams/switches
Control Zone
Control Zone Control Zone Control Zone
Application Servers
Data Network – SQL Infrastructure Network Messaging Network – Exchange Messaging Network – Exchange
Server Clusters – Internal Active Directory FE BE
X
X
Infrastructure Security
ForeFront Security
Capabilities
•Understand The Risks
•Define the Strategy
Client
Server
Edge TBD
TBD
Its about securing the workload
IM and
Documents
Live
Communications
Server
Antigen
EHS
SharePoint
Server
E- ISA
Server
mail
Exchange Hosted Antigen
Services Antigen