Microsoft Forefront Security Administration Guide - Jesse Varsalone

Microsoft Forefront Security Administration Guide (eBook)

eBook Download: PDF
2009 | 1st edition
800 pages
Elsevier Science (publisher)
978-0-08-055872-1 (ISBN)
48,77 incl. VAT
Microsoft Forefront is a comprehensive suite of security products that will provide companies with multiple layers of defense against threats. Computer and Network Security is a paramount issue for companies in the global marketplace. Businesses can no longer afford for their systems to go down because of viruses, malware, bugs, trojans, or other attacks. Running a Microsoft Forefront Suite within your environment brings many different benefits. Forefront allows you to achieve comprehensive, integrated, and simplified infrastructure security. This comprehensive suite of tools provides end-to-end security stretching from Web servers back to the desktop. This book will provide system administrators familiar with Syngress' existing Microsoft networking and security titles with a complete reference to Microsoft's flagship security products.

* First book to address securing an entire Microsoft network from Web servers all the way back to the desktop.
* Companion Web site provides best practices checklists for securing Microsoft operating systems, applications, servers, and databases.
* Companion Web site provides a special chapter on designing and implementing a disaster recovery plan for a Microsoft network.

Front Cover 1
Microsoft Forefront Security Administration Guide 2
Copyright Page 4
Technical Editor 6
Contributing Authors 7
Contents 12
Chapter 1: Introduction to Microsoft Forefront Security Suite 24
Introduction 25
Components of the Microsoft Forefront Security Suite 25
Forefront Security for Clients 27
Client Security Features 29
Forefront Security for Exchange Server 33
Forefront Security for SharePoint Server 40
ISA Server 2006 44
Intelligent Application Gateway (IAG) 2007 47
Benefits of Using the Microsoft Forefront Suite 50
Solutions Fast Track 52
Frequently Asked Questions 53
Chapter 2: Forefront Security for Microsoft Windows Clients 54
Introduction 55
How to Use Microsoft Forefront Client Security 56
Configuring and Installing 57
Management Server 63
Collection Server 63
Reporting Server 63
Distribution Server 63
Installing FCS Server Software 63
Forefront Client Security Console 74
Creating and Deploying Policies 80
Creating a Policy 81
Deploying a Policy 85
Installing Client Software Agent 87
Home 89
Checking for Updates 90
Scan 91
Quick Scan 92
Full Scan 92
Custom Scan 93
FCS Kernel Mode Minifilter 93
History 93
Tools 93
Options 94
Microsoft SpyNet 95
Software Explorer 96
Quarantined Items 97
Microsoft Forefront Security Client Web Site 97
Help 97
Checking for Client Version, Engine Version, Antivirus and Antispyware Definitions 97
Forefront Client Security Agent in Action 98
Troubleshooting Microsoft Forefront Client Security 101
Backup Folder 102
Event Viewer, System Log 102
Summary 105
Solutions Fast Track 105
Frequently Asked Questions 107
Chapter 3: Deploying Windows Server Update Services to Forefront Clients 109
Introduction 110
Using Windows Software Update Services 110
WSUS 3.0 Deployment Topologies 111
Configuring and Installing WSUS 114
Quiet and Unattended Installations 116
WSUS 3.0 Interactive Setup 118
Configuring Group Policy for WSUS Updates 135
TCP Port 8530 139
Client Requirements for WSUS: 2000 Service Pack 3, XP Service Pack 1 140
Checking for Updates (Check for Updates Now) 140
Navigating the WSUS Console 141
Update Services 142
Server Node 142
Updates 143
Updates Subnodes 144
Approve 145
Decline 147
Change an Approval or Decline 149
Revision History 149
Reports 149
Update Reports 150
Computer Reports 155
Synchronization Reports 157
Computers 160
Computer Groups 161
Options 164
Update Source and Proxy Server 166
Products and Classifications 168
Update Files and Languages 169
Synchronization Schedule 172
Automatic Approvals 173
Computers 175
Server Cleanup Wizard 175
Reporting Rollup 176
E-mail Notifications 176
Microsoft Update Improvement Program 179
Personalization 179
WSUS Server Configuration Wizard 180
Troubleshooting WSUS 181
WSUS Health Checks 181
Group Policy 182
Computer Groups 184
Summary 186
Solutions Fast Track 187
Frequently Asked Questions 189
Chapter 4: Observing and Maintaining Microsoft Forefront Clients 191
Introduction 192
Using the Microsoft Forefront Client Security Management Console 192
Dashboard 192
Reporting Critical Issues 194
Reporting No Issues 194
Not Reporting 195
Computers per Issue 195
Summary Reports 196
Policy Management 197
Creating a New Policy 198
Protection Tab 198
Advanced Tab 199
Overrides Tab 201
Reporting Tab 202
Deploying a Policy 203
Editing a Policy 203
Copying a Policy 203
Undeploying a Policy 203
Deleting Policies 204
Viewing Reports 204
Viewing Extra Registry Settings in Group Policy Management Console 204
FCSLocalPolicyTool 204
Configuring Microsoft Operations Management 204
Common Rules 206
Distribution Alerts 206
Host Alerts 206
Host Behaviors 206
Management Alerts 207
Reporting Alerts 207
Server Alerts 207
Server Behavior 207
Configuring Notifications 207
SQL Reporting Services 207
Summary 208
Solutions Fast Track 208
Chapter 5: Using Forefront to Guard Microsoft Exchange Server 211
Introduction 212
Implementing Microsoft Forefront Server for Exchange 212
Planning a FSE Deployment 213
Antivirus Scanning 213
Message Filtering 215
Installing Forefront Server for Exchange 217
Configuring Microsoft Forefront Server for Exchange 223
Settings 224
Scan Job 224
Transport Scan Job 225
Real Time and Manual Scan Jobs 226
Antivirus 227
Scanner Updates 229
Redistribution Server 231
Templates 232
General Options 234
Diagnostics 234
Logging 236
Scanning 237
Background Scanning 240
Filtering 240
Content 241
Keyword 242
File 244
Allowed Senders 246
Filter Lists 247
Operate 248
Run Job 248
Schedule Job 250
Quick Scan 251
Report 251
Notification 251
Incidents 253
Quarantine 254
Summary 256
Solutions Fast Track 256
Frequently Asked Questions 258
Chapter 6: Managing Microsoft SharePoint Portal Securely Using Forefront 259
Introduction 260
Implementing Microsoft Forefront Server for SharePoint 260
Installing and Configuring Forefront Security for SharePoint 261
ForeFront Security for SharePoint Requirements 261
Installation 261
Configuring the Forefront Server Security Administrator for SharePoint 267
Settings 269
Real-Time Scan Job 269
Manual Scan Job 270
Antivirus 271
Scanner Updates 272
Templates 273
General Options 273
Filtering 276
Keyword 276
File 276
Filter List 276
Operate 277
Run Job 278
Schedule job 279
Quick Scan 279
Report 279
Notification 279
Incidents 280
Quarantine 282
Summary 283
Solutions Fast Track 284
Frequently Asked Questions 286
Chapter 7: Managing and Maintaining Microsoft Forefront Servers 289
Introduction 290
Implementing a Backup Strategy 290
Utilizing the Microsoft FSSMC 293
Main Console Page 294
Traffic Summary 297
Virus Statistics 297
Spam Statistics 298
Filter Statistics 298
Top 5 Viruses 299
Most Active Servers 299
Administration 300
Users 300
Adding/Removing Users 300
Servers 301
Adding/Removing Servers 301
Server Groups 303
Global Configuration 304
Job Management 304
Packages 304
Jobs 308
Quarantine Manager 309
Reports 310
Detections 311
SMTP Traffic 313
Engine Versions 313
Alert Management 315
Alerts 315
Event Logs 317
Alert Logs 317
Notification Logs 318
Summary 319
Solutions Fast Track 319
Frequently Asked Questions 320
Chapter 8: Using Intelligent Application Gateway 2007 323
Introduction 324
The History of SSL VPNs 324
Implementing an Intelligent Application Gateway 2007 326
Configuring the Whale Intelligent Communication Application Gateway 2007 327
Configuration Page 328
Application Access Portal 329
External Web Site 330
Initial Internal Application 330
Security and Networking 331
Attachment Wiper 333
Applications 334
Limiting Applications on Subnets 337
Creating a Trunk 338
Basic Trunk 339
Portal Trunk 339
Webmail Trunk 340
Redirect HTTP to HTTPS Trunk 340
Activating an IAG Configuration 340
Passphrase 342
Internet Information Services Manager 342
Viewing Remote Computer Certificate 343
Configuring ISA Server to Allow Communication Between the Two Servers 344
IAG Firewall Rules (13) 344
Portal Trunk Configuration Rules (2) 345
Utilizing the Whale Communication Intelligent Application Gateway Tools 345
Whale Communication Intelligent Application Gateway 2007 Web Portal 346
Defined Applications 346
Credentials Management 346
System Information 347
Activity 348
Email System Administrator 348
Whale Communication Intelligent Application Gateway Editor 349
Whale Communication Intelligent Application Gateway Service Policy Manager 350
Whale Communication Intelligent Application Web Monitor 351
Creating and Managing Intelligent Application Gateway Endpoint Policies 352
Summary 354
Solutions Fast Track 354
Frequently Asked Questions 356
Chapter 9: Using Outlook Web Access through the Intelligent Application Gateway 357
Introduction 358
The Importance of Securing Outlook Web Access 358
The Security Problem 359
The Security Solution 361
Securing Your OWA Connection 362
Publishing Outlook Web Access in the Internet Application Gateway 362
Adding OWA to the IAG (Portal) 364
IAG 2007 364
Server Roles 365
Activating the Configuration 370
Client to Connect to the IAG 370
IAG Portal Web 371
Redirect the Trunk on SRV1 372
"Client" to Connect to the IAG 373
Examining the Rules Added to the ISA Configuration 374
ISA Rules 374
Securing the Outlook Web Access Interface 375
IAG Server 375
Summary 381
Solutions Fast Track 381
Frequently Asked Questions 382
Chapter 10: Configuring Virtual Private Network Traffic Through the Intelligent Application Gateway 383
Introduction 384
Setting Up the Network Connection Server 386
Network Segment 387
IP Provisioning 388
Access Control 389
Advanced Tab 391
Adding the Application 392
Connecting Through the Virtual Private Network 392
Summary 397
Solutions Fast Track 397
Frequently Asked Questions 398
Chapter 11: Configuring Microsoft Internet Security and Acceleration Server 2006 401
Introduction 402
Configuring ISA Server 2006 415
Configuration 416
Networks 416
Network Sets 417
Network Rules 418
Web Chaining 418
Cache 419
Add-ins 419
General 420
Specify RADIUS and LDAP Servers 420
Enabling Intrusion Detection and DNS Attack Detection 422
Configuring IP Protection 423
Configuring Flood Mitigation Services 424
Firewall Policy 425
Virtual Private Networks 430
Monitoring ISA Server 2006 431
Dashboard 431
Alerts 432
Sessions 432
Services 433
Reports 434
Connectivity Verifiers 436
Logging 439
Summary 441
Solutions Fast Track 441
Frequently Asked Questions 443
Chapter 12: Microsoft Internet Security and Acceleration 2006 Server Publishing 447
Introduction 448
Publishing Servers behind a Microsoft Internet Security and Acceleration 2006 Server Firewall 448
Basics of Publishing 449
Server Publishing Rule 450
Web Publishing Rule 451
Network Configuration and Name Resolution for Publishing 452
Configuring the Web Listener 455
Exercise: Creating a Web Listener 460
Configuring Publishing 467
HTTP Filtering 474
Maximum Header Length 474
Maximum Payload Length 475
Maximum URL Length 475
Maximum Query Length 475
Verify Normalization 475
Block High-Bit Characters 475
Block Request Containing a Windows Executable 476
HTTP Method 477
File Extension 477
Block Requests Containing Ambiguous Extensions 477
HTTP Header 478
Server Header Rewrite 478
Via Header Rewrite 479
Specific HTTP Header Value in Request or Response 479
Path Mapping 480
Link Translation 481
Exercise: Configure Web Publishing Rule 483
Publishing Exchange Web Client Access 494
Publishing SharePoint Sites 497
Publishing a Web Farm 497
Publishing Non-Web Server Protocols 498
Exercise: Publishing Terminal Services 499
Publishing Mail Servers 503
Troubleshooting Publishing Servers behind a Microsoft Internet Security and Acceleration 2006 Server Firewall 503
Summary 505
Solutions Fast Track 505
Frequently Asked Questions 507
Chapter 13: Managing ISA 2006 Server Connections between Sites 509
Introduction 510
VPN Protocols: Advantages and Disadvantages 513
Advantages of IPSec Tunneling Mode 513
Disadvantages of IPSec Tunneling Mode 513
Advantages of L2TP/IPSec 514
Disadvantages of L2TP/IPSec 514
Advantages of PPTP 514
Disadvantages of PPTP 515
Connecting Two ISA 2006 Servers on Different Physical Sites 515
Firewall Policy 522
Creating an Access Rule 523
Dynamic Host Configuration Protocol (DHCP) Configuration 526
Static Address Pool 526
VPN Dial-in Account at the Main Office 527
Branch Configuration 529
VPN Dial-in Account at the Branch Office 529
Troubleshooting Connections between Sites 531
Verifying Connectivity 531
Summary 532
Solutions Fast Track 532
Frequently Asked Questions 534
Chapter 14: Proxy Functions of Microsoft Internet Security and Acceleration Server 2006 535
Introduction 536
Using Microsoft Internet Security and Acceleration 2006 as a Proxy Server 536
Configuring Internet Security and Acceleration 2006 as a Proxy Server 541
Exercise: Creating a Cache Rule 550
Scheduled Content Download 556
Exercise: Create Content Download Rule 557
Caching in Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition 562
Configuring Microsoft Internet Security and Acceleration 2006 to Cache BITS Content 563
Microsoft Update Cache Rule 563
Using the Differentiated Services on Microsoft Internet Security and Acceleration 2006 to Regulate Traffic 563
Summary 568
Solutions Fast Track 568
Frequently Asked Questions 570
Appendix A: Conducting Penetration Testing on an Enterprise Using the Microsoft Forefront Security Suite 571
Introduction 572
Understanding Penetration Testing Methodologies 572
Phases of Penetration Testing 573
Planning 574
Information Gathering 575
Attack 576
Penetration Testing Techniques 576
Network Scanning 577
Virus Detection 578
Identifying Test Types For Forefront Systems 579
Client Security 580
Exchange 581
SharePoint 582
ISA 582
Summary 584
Solutions Fast Track 584
Frequently Asked Questions 587
Index 589

Publication date (per publisher) 7.2.2009
Language English
Subject area Non-fiction / Guides
Mathematics / Computer Science › Computer Science › Operating Systems / Servers
Computer Science › Networks › Security / Firewall
ISBN-10 0-08-055872-0 / 0080558720
ISBN-13 978-0-08-055872-1 / 9780080558721
PDF (Adobe DRM)
