Identity & Security in Challenging Economic Times
Today's IT Security challenges
Rising Internal Attacks• 75% of companies report insiders responsible
for breaches
• Growing headcount reductions increase risk of intentional theft of intellectual property
New Threats & Increased Sophistication• New forms of malware up 750% in 2008
• Profit-based cybercrime $276M in 2008
Costly Data Breaches• Average cost of data breach is $202/record or $6.6M per
breach
Increased Regulatory Pressure • Requirements for automated controls & new privacy regulations
(SOX, HIPAA, SB1386, etc.)
Shrinking IT Budgets• 2009 IT spending flat-to-negative
• More than 2M US jobs to be shed in 2009
Need for Increased Access & Sharing
•70% of workforce will connect to corporate networks via mobile devices within 4 years
Reduce
Costs
Increase
Productivity
Retain
Customers
Grow Sales
Adapt to
Change
Mitigate
Risks
Sources: Various
Microsoft's Strategy for Identity & Security
Comprehensive suite of
products
Integrated with infrastructure,
applications, heterogeneous and
third party products
Simplified management,
deployment, reporting and
compliance
Industry Leadership
•Trustworthy Computing
• Award Winning Protection Technologies
World Class Research & Support
• Microsoft Malware Protection Center
• Security Response Center
•TechNet Security Center
Broad Partner Ecosystem
•3,000+ Security Competency Partners
• 23,000+ Security Software Advisor Program
Partners
•$75M invested in partner ecosystem
Identity & AccessManagement
SecurityManagement
Identity Based Access
Layered Security
3rd Party Solutions
Identity & Security Platform
Core Windows Platform
Product/Technology AreasStrategy
Identity & Security Solutions
Secure
Messaging &
Collaboration
Secure Client
&
Infrastructure
Information
Protection
Identity
Management
Integrated
Security
Rights Management Services
ADDS, ADLDS, ADCS, ADFS
BitLockerTM, Encrypting File System, Windows Defender
Network Access Protection
Secure Messaging & CollaborationHelp secure IT infrastructure and information with a family of easy-to-manage technologies that provide integrated content and email protection, access control,information protection, and identity management
PROTECTION
PUBLISHING
PREVENTION
POLICY
PROVISION
Rights Management Services
Secure Messaging & Collaboration
Comprehensive Protection
Integrated Infrastructure
Simplified Management
Multiple scan engines for faster threat response
Policy-based persistent protection of emails and documents and instant messages
Internet-based filtering protection from spam, viruses, phishing scams and email policy violations
Secure access from remote locations
Increased ROI of existing infrastructure (e.g. Active Directory)
Lower deployment costs
Simplified acquisition, support, servicing through vendor consolidation
Optimized performance through deep integration with Exchange and SharePoint
Reduced IT burden with centralized management
Lower IT training costs with familiar tools & interfaces
Better compliance with centralized reporting and notifications
Automatic downloads of signature updates
An AV-Test of consumer antivirus products revealed:
On average, Forefront engine sets provided a response in 3.1 hours or less
Single-engine vendors provided responses in 5 days, 4 days, and 6 days respectively
Solution Benefits Evidence
Sources: avtest.org, West Coast Labs, ICSA, Virus Bulletin
“With Forefront Security for Exchange Server,
our comfort level is higher because the mail
server and the security product are tightly
integrated, and they’re both offered by the
same vendor.”
Secure Client & InfrastructureHelp secure IT infrastructure and information with a family of easy-to-manage
technologies that provide integrated security, access control, and information
protection
PREVENTION
PROTECTION Network Access Protection
Rights Management Services
BitLockerTM, Encrypting File System, Windows Defender
Secure Client & Infrastructure
Comprehensive Protection
Integrated Infrastructure
Simplified Management
Increased ROI with integration with existing infrastructure
Lower deployment costs
Consolidated policy management
Simplified acquisition, support, servicing through vendor consolidation
Solution Benefits Evidence
Advanced detection technologies for comprehensive virus and spyware protection
Rapid and effective responses to threats (backed by MMPC)
Protection against theft or loss with drive encryption
Policy-based secure access from remote locations & devices
Lower IT training costs with familiar interfaces & tools
Better compliance with increased visibility and control
Reduced IT burden with centralized management
Automatic downloads of signature updates
AVComparatives(Feb 2008)
Received AVComparatives
Advanced Certification
Kaspersky 98.3%
Symantec 97.7%
McAfee 94.9%
Microsoft 93.9%
VBA32 87.7%
AVTest.org(March 2008)
AVK (G Data) 99.9%
Trend Micro 98.7%
Sophos 98.1%
Microsoft 97.8%
Kaspersky 97.2%
F-Secure 96.8%
Norton (Symantec) 95.7%
McAfee 95.6%
eTrust / VET (CA) 72.1%
In recent tests, Microsoft was rated among the
leaders in antivirus protection
TCO Highlights:• 85% average reduction in security issues
• 75% average security issue response time reduction
• $24 average annual TCO savings per desktop
• BitLockerTM Drive Encryption ships free with
Windows
• Network Access Protection (NAP) ships as part of
Windows Server
Source: Microsoft Forefront Client Security TCO Analysis
Information ProtectionProtect information no matter where it is stored or where it goes, both within and outside
organizational boundaries with a family of easy-to-manage technologies that provide
integrated security, access control, and information protection
PROTECTION
PREVENTION
Rights Management Services
Federation Services
BitLockerTM, Encrypting File System
Information Protection
Comprehensive Protection
Integrated Infrastructure
Simplified Management
Increased ROI with integration with existing Microsoft infrastructure
Elimination of costs associated loss of IP
Seamless integration with common messaging and collaboration interfaces like Office and SharePoint
Solution Benefits Evidence
Lower IT training costs with familiar interfaces & tools
Simplified acquisition, support, servicing through vendor consolidation
Improved compliance by limiting access and distribution of data
Persistent, policy-based protection of information through rights management, even across organizational boundaries
Strong disk & file system encryption for better data protection
Broad range of partner solutions for broad platform & application support
Frost & Sullivan’s Enterprise Rights Management
Market: Competitive Landscape:
“Active Directory Rights Management Services,
Windows BitLocker Drive Encryption, Network
Access Protection and Group Policy reduce the
risk of intellectual property and customer data
loss. Caja Madrid’s use of these technologies
saved it $100K annually.”
Source: Frost & Sullivan
Identity ManagementEnable integrated identity management across heterogeneous systems and
audiences through the delivery of powerful self-service capabilities for Office end-
users, rich administrative tools and enhanced automation for IT professionals and
extensibility for developers.
PROTECTION
POLICY
PROVISIONMicrosoft Code Name “Geneva”
Certificate Services
Identity Management
Comprehensive Protection
Integrated Infrastructure
Simplified Management
Improved ROI of existing investments with integration of enterprises’ heterogeneous identity infrastructure
Increased end user productivity with powerful self-service capabilities
Integration with common messaging and collaboration interfaces like Office and SharePoint
Solution Benefits Evidence
Automation of processes previously complex and manual
Lower IT training costs with familiar interfaces & tools
Stronger compliance with policy management and audit features
Policy-based provisioning and deprovisioning of users
Strong multifactor smart card based authentication
Management of heterogeneous strong authentication systems
Estimated Identity Management Cost
Savings:• Automated password reset saves $30/PC/yr
• Simplified sign-on via directory synchronization
saves $20/PC/yr
• Automated user provisioning reduces IT labor
by $50/PC/yr
Estimated Smart Card Cost Savings:• 40 hours per week in IT labor saved by
replacing ID credentials with smart cards
“Administrative costs will be reduced by
automating employee provisioning methods.
Moving to the Microsoft platform is really going to
drive down IT costs.”
Sources: IDC, Datamonitor
Integrated SecurityEnable comprehensive, coordinated protection across endpoints, messaging and
collaboration servers, and the network edge with a solution that is easier to manage and
control.
PROTECTION
PREVENTION
POLICY
Integrated Security
Comprehensive Protection
Integrated Infrastructure
Simplified Management
Multi-layered defense-in-depth protection that optimized performance and resource efficiency
Deep integration with existing Microsoft infrastructure for greater security and operational efficiency
Improved real-time visibility and security risk assessment via integration with technology partners
Solution Benefits Evidence
Single console for management of endpoint, collaboration, on-premise and cloud messaging server security
Enterprise-wide visibility and reporting into threats and vulnerabilities to enable compliance
Prioritized view of threats for easy investigation and auditing
Advanced protection against evolving threats through integration of industry-leading detection technologies
Vulnerability detection and intrusion prevention across network infrastructure
Industry-leading support via malware research and response “With Forefront, we have the luxury of being
proactive, rather than reactive, about security
threats.”
“Installing and configuring the software was a
no brainer. Forefront Security for SharePoint is
very easy to set up. The administrative console
gives you a complete view of your environment
at all times.”
Solutions that add value
Secure Messaging &
Collaboration
• Reduced threat-response times
• Greater ROI from existing investments in Microsoft infrastructure
• Faster time-to-deployment
Secure Client &
Infrastructure
• Average savings of $24 per PC/year in labor costs based on reduced IT
security response time
• Value-added features in platform at no additional cost (e.g. BitLockerTM)
• Lower IT training costs with familiar interfaces & tools
• Elimination of costs associated with data breaches and noncompliance
• Greater ROI from existing investments in Microsoft infrastructure
• Lower IT administration and maintenance costsInformation Protection
Identity Management
• Automated password reset saves $30/PC/year
• Simplified sign-on via directory synchronization saves $20/PC/year
• Automated user provisioning saves $50/PC/year
• Replacement of ID credentials with smart cards saves 40 hours/week
Integrated Security
• Greater ROI with deep integration with Microsoft infrastructure
• Faster response times to threats
• Increased productivity of IT administrators
Identity & Security Roadmap
Microsoft code name "Geneva"
Rights Management Services
ADDS, ADLDS, ADCS, ADFS
Rights Management Services
ADDS, ADLDS, ADCS, ADFS
Summary
Evolving threat landscape in a constrained operating environment is threatening business continuity
Enterprises must be focused on increasing security while managing costs and increasing business agility
Microsoft is best positioned to help achieve these benefits with:
The right product vision, strategy and roadmap
A product portfolio that is integrated across the entire stack, backed by best-in-class research and broadest partner ecosystem
Products and solutions that enable key security scenarios that deliver value to businesses
“Threats are not going on holiday during this time, compliance
requirements will probably grow, and businesses will be looking for
security to enable technologies that can reduce costs.” – IDC
Worldwide Security 2009 Top 10 Predictions: Security Trends
More Information
Forefront
http://www.microsoft.com/forefront
Forefront Security for Exchange Server
http://www.microsoft.com/forefront/serversecurity/exc
hange/en/us/default.aspx
Forefront Security for SharePoint
http://www.microsoft.com/forefront/sharepoint/en/us/d
efault.aspx
Forefront Client Security
http://www.microsoft.com/forefront/serversecurity/exc
hange/en/us/default.aspx
Exchange Hosted Filtering Services
http://www.microsoft.com/online/exchange-hosted-
services/filtering.mspx
Identity & Access
http://www.microsoft.com/ida
Active Directory Rights Management Services
http://technet.microsoft.com/en-
us/library/cc771627.aspx
Identity Lifecycle Manager 2007
https://www.microsoft.com/windowsserver2008/en/us/
ida-identity-lifecycle-management.aspx
Intelligent Application Gateway 2007
https://www.microsoft.com/Forefront/edgesecurity/iag/
en/us/default.aspx
Internet Security and Acceleration Server 2006
http://www.microsoft.com/forefront/edgesecurity/isase
rver/en/us/default.aspx
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Appendix
Simplified Licensing
Key ECAL Scenarios: Regulatory and legal
compliance
Cost reduction on travel/training/audio conferencing
Increased productivity and business insight
Secure, well managed and naturally familiar desktop
Increased productivity and risk mitigation from theft/loss/breach
Identity & Security locks up the ECAL and
reduces TCO
324
135
50
27
20
15
12
12
68
58
WebEx Web Conferencing
Cisco Unity Unified Messaging
Enterprise IM
Email Anti-MalWare Protection
Client Monitoring
Intranet-Portal Protection
Client Security Low Price
Hosted Filtering
ECAL Suite step-up (Standard EA)
ECAL Suite step-up (Platform EA)
0 75 150 225 300
Annual Per User New Acquisition Costs for 3 year Term
Summary Costs
for ECAL Suite
Each of these
Individual products
> ECAL Suite
Combined point
security solutions
>ECAL Suite
“With Forefront Security for Exchange Server, our comfort level is higher because the mail
server and the security product are tightly integrated, and they’re both offered by the same
vendor.”
Akihiro Shiotani | Section Chief of the Infrastructure Group | Astellas Pharma Information Systems
Department
CUSTOMER
BUSINESS CHALLENGE
• Protecting its enterprise
messaging system from
spam, viruses, and other
threats.
• Ensuring high availability
of mailing system while
scanning it for protection
from viruses
CUSTOMER
SOLUTION
• Upgraded its enterprise
messaging system to
Microsoft Exchange
Server 2007 and also
deployed Microsoft
Forefront Security for
Exchange Server
CUSTOMER
RESULTS/BENEFITS
• Strengthened security
• Simplified IT
management
• Achieved higher
performance with fewer
servers
• Gained more flexible
options for future
enhancements
Case StudyAstellas Pharma
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“I’ve used many security products over the years, and the reporting in Forefront products is light-
years ahead of anything else I’ve seen.”
Will Wilson | Director of Information Systems | Guardian Management LLC
Case StudyGuardian Management LLC
CUSTOMER
BUSINESS CHALLENGE
• Managing existing
security solutions from
multiple vendors more
effectively
• Allowing employees to
exchange e-mail from
outside the office more
easily
• Improving monitoring
and reporting
capabilities of the
security infrastructure
CUSTOMER
SOLUTION
• Simplified and integrated
its IT environment by
deploying the Microsoft
Forefront line of
business security
products and the
Microsoft System Center
family of IT management
solutions
CUSTOMER
RESULTS/BENEFITS
• Improved security and
reliability
• Simplified deployment,
monitoring, and
reporting
• Increased user and IT
productivity
• Simplified publishing and
pre-authenticated
access to the servers
that run Outlook Web
Access
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“With multiple scan engines in Forefront Security for Exchange Server, even when one engine is
being updated, others continue to scan. As a result, we don’t have e-mail messages queuing up.”
Salah Elewa | Director of Technology Development & Decision Support Center | Egyptian Ministry of Education
Case StudyEgyptian Ministry of Education
CUSTOMER
BUSINESS CHALLENGE
• Protecting information
as per company policies
• Making encryption and
other security-related
technologies easier to
use
• Protecting content while
sharing information with
partners
CUSTOMER
SOLUTION
• Deployed several
Microsoft Forefront
business security
products to gain
integrated protection
against a variety of
Internet-based threats
CUSTOMER
RESULTS/BENEFITS
• Increased efficiency of
security management
• Gained comprehensive,
layered protection
• Achieved higher
performance
• Improved support and
increased frequency of
updates
• Built strong foundation
for future enhancements
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“Forefront Security for SharePoint is very easy to set up. The administrative console
gives you a complete view of your environment at all times. You just choose the scan
engines and a few other parameters, and you’re ready to rock and roll.”
Jonathan Wynn | Business Lead for Strategic and Capacity Planning | Del Monte
• Protecting SharePoint
document libraries from
viruses
• Guarding against
viruses entering from
outside the network as
partners are allowed to
access SharePoint
• Deployed Microsoft
Forefront Security for
SharePoint, which helps
protect SharePoint
Server 2007 and
Windows® SharePoint®
Services environments
against the latest
viruses, worms, and
inappropriate content
• Improved content
protection from viruses
• Simple, straightforward
deployment
• Easy management with
centralized management
console
• Integration with existing
Microsoft environment
Case StudyDel Monte Foods
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“Before we installed IAG 2007, we would regularly receive close to 60 help-desk calls a
day from remote users. I only receive a few calls each day now. This solution has made
my job much easier.”
Shahab Davoudi | Head of IT | Amsta
Case StudyAmsta Zorginstelling
CUSTOMER
BUSINESS CHALLENGE
• Improving the security of
the primary healthcare
application
• Protecting patient
information to follow
compliance policies
• Providing remote access
to employees while
protecting sensitive
information
CUSTOMER
SOLUTION
• Adopted Microsoft
Intelligent Application
Gateway 2007 to simplify
remote access while
optimizing application
security and policy
control
• Deployed Integrated
Security and Acceleration
Server 2006 as an
integrated network edge
security and access
gateway
CUSTOMER
RESULTS/BENEFITS
• Seamless integration
with applications
• Strong security
• Time and cost savings
• Easy access for remote
workers
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“Through integration with Microsoft Office programs that people already know and use,
Active Directory Rights Management Services will put compliance with IP-protection
policies at employees’ fingertips.“
Mark Gandy | Enterprise Architect | Dow Corning
Case StudyDow Corning
CUSTOMER
BUSINESS CHALLENGE
• Protecting information
as per company policies
• Making encryption and
other security-related
technologies more user
friendly
• Protecting content while
sharing information with
partners
CUSTOMER
SOLUTION
• Met all requirements
with Active Directory®
Rights Management
Services in the Windows
Server® 2008 operating
system, which provides
identity-based
information protection to
help safeguard
information from
unauthorized access
and use
CUSTOMER
RESULTS/BENEFITS
• Ease of use
• Minimal added
infrastructure and
complexity
• Extensibility to business
partners
• Full corporate control
and auditability
• Ease of management
• Low total cost of
ownership
CUSTOMER
BUSINESS CHALLENGECUSTOMER
SOLUTION
CUSTOMER
RESULTS/BENEFITS
“When we first deployed Forefront Client Security, we discovered that we had at least four times as
many infections as we thought. Since then, we have seen a downward trend in the number of
computers infected.” Andrew Julian | Lead Operating Systems Programmer | Allina Hospitals & Clinics
• Improving protection of
its critical electronic
medical record system
• Integrating a security
solution more effectively
with the IT environment
• Improving reporting
capabilities
• Deployed Forefront
Client Security to protect
computers and server
operating systems
against spyware,
viruses, and other
malware
• Deployed Forefront
Client Security
Enterprise Manager to
centrally manage
multiple Forefront Client
Security deployments
• Simplified and
centralized management
• Improved integration
with the existing
Windows-based IT
environment
• Increased IT visibility
• Improved and unified
protection
Case StudyAllina Hospitals & Clinics
CUSTOMER
BUSINESS CHALLENGECUSTOMER SOLUTION
CUSTOMER
RESULTS/BENEFITS
“Our IT environment is based primarily on Microsoft software, and Forefront Client Security works
seamlessly with our core infrastructure components, as a result, we have reduced the cost of
administering our security infrastructure by 60 percent.” Thomas Thiew | IT Manager | PhillipCapital
Case StudyPhillip Capital
• Effectively managing
existing security
products from many
vendors
• Improving product
integration with other
products and with the
overall IT environment
• Ensuring that
employees’ computers
are always up and
running
• Deployed Microsoft
Forefront Client
Security, which guards
individual computers and
server operating
systems against a
variety of threats
• Integrated Forefront
Client Security with
Internet Security and
Acceleration Server,
Active Directory, and
other Microsoft
infrastructure
• Improved integration
and simplified IT
management
• Reduced IT security
administration costs by
60 percent
• Gained rich reporting
and high visibility into IT
systems
• Improved efficiency of
time and labor, and
expects lower costs
CUSTOMER
BUSINESS CHALLENGECUSTOMER SOLUTION
CUSTOMER
RESULTS/BENEFITS
Top Related