Hey folks – we’ve got an exciting line up of sessions about FCS and Stirling that you will want to add to your TechEd schedule – come see the product group talk about our new exciting features!

I’ve listed all the sessions available for all Forefront products below. Come visit us at the product booths for more details, and to speak with the product group members!

We’ve also got Hands on Labs (HOL) available for you to work with the Forefront products while you are at TechEd:

Hope to see you there!

Hello everyone,

I am happy to announce the availability of evaluation HyperV-based virtual machines for Stirling B2. We’ve set up a VHD environment for you to download and test in your lab environments. Complete instructions on how to download the virtual machines is available here (http://technet.microsoft.com/en-us/evalcenter/cc339029.aspx).

Stirling B2 provides:

Comprehensive Protection: Stirling integrates leading protection technologies to better guard against viruses, spyware, and spam across clients, application servers, messaging servers, collaboration servers and edge protection.

Simplified Management: Stirling provides a central management console for configuring security policies for all Stirling-protected technologies, and provides enterprise-wide visibility and reporting on threats, vulnerabilities and configuration risks.

Integrated Security: Stirling integrates with existing Microsoft infrastructure for integrated security and operational efficiency.

You can read more about Stirling on the Forefront blog (http://blogs.technet.com/forefront/), our TechNet TechCenter (http://technet.microsoft.com/en-us/forefront/stirling/default.aspx), and the documentation for Stirling Beta 2 available on TechNet (http://technet.microsoft.com/en-us/library/cc483122.aspx).

Download the VHDs and give it a whirl! And come visit us at TechEd – we’d love to hear your feedback in person!

Thanks!

Hello IT experts! You know who you are - you've figured out tips and tricks for every situation, have found the most interesting and relevant TechNet or MSDN info, and I'd wager that your favorites list tops at least the 25 mark (and I'll bet you even have a folder or two organizing that list).

The TechNet team wants to make it easier for experts like you to share their favorite TechNet articles and links, so they’ve release their v1 of social bookmarking - and you can use it to share your best or favorite links on TechNet or MSDN with others.

Available in two flavors – TechNet (social.technet.microsoft.com) and MSDN (social.msdn.microsoft.com). Chris Slemp has a bunch of info on how to use this great new tool on his blog (http://blogs.msdn.com/cslemp/archive/2008/09/09/launched-social-bookmarking-v1-on-msdn-and-technet-video.aspx).

A tip: use the tags! It makes the relevant content easier to for others to find based on category…

Enjoy!

Greetings from Redmond!

Now that Stirling's been out for a while, it's time to make sure you know the resources available to you when testing Stirling in your lab environment.

TechNet: Stirling information can be accessed from the Stirling TechNet Web site.

Deployment: The Stirling Deployment Guide steps you through installing Stirling and deploying the Stirling client software to the client computers in your lab environment.

Operations: The Stirling Operations Guide has documentation on day-to-day management tasks, as well as feature walkthroughs that you can use in your lab to explore the Stirling features. 

Stirling and PowerShell: Stirling utilizes PowerShell for its features, and the cmdlets available with Beta 1 are documented in the PowerShell console and on TechNet. Also - a brief introduction on how Stirling uses PowerShell is included in the Operations guide.

Newsgroups: You can post questions and get more information about Stirling on the Stirling TechNet Community Forums.

Can't emphasize this last one enough - let us know your questions, and what you think!

Thanks!

Today we are shipping a new security suite from Microsoft, to help Enterprise customers protect and manage their IT security. One of the questions we know we are going to be asked is: “So what new does Microsoft have to bring to the table?”

I have been in and near the security business for almost two decades now, and I remember once how in the early 90’s when I was proud of the code I wrote… a colleague came to me and told me how security is about ‘Assessing, Detecting, Protecting, and re-evaluating policy’ in a typical circular arrows graph. Of course, at the time it had no clear meaning to me. I did recognize that the process in which our customers deal with security at the enterprise level is such that goes over these steps in an everlasting battle against malicious software with various intents, and new technologies that are adopted at the enterprise.

Do we really expect customers to work with  dozens of security technologies with very little in common? It was quite clear to the industry, even back then, that no single protection technology in the world exists to address all security risks. It was then that I realized that for a security solution to be effective and adopted, the overall approach must be more of a suite that manages a life-cycle and allows administrators to interact with different protection technologies from one console and in very similar way.

Well, that was a worthy goal, but the reality was that each domain in enterprise-IT brought a set of challenges and vocabulary that was not easy to simply glue together in one console. Clearly, the thought and consideration of administrators in the enterprise that deal with security for desktops, servers, applications, and network protection needs to be part of the design of the solution from the ground up. Such a solution should have the right balance that allows aggregating data, policy, and configuration from all sources, while keeping the roles of people with their own set of authorities and administration capabilities segregated correctly. Stirling is offering exactly that.

But then again, you might be asking yourself: “Well, all protection technologies can now be managed from one location and allow the different IT teams to work, but is that enough of a value? Do we get more than just one console?” The answer to that is that Stirling is actually taking a much more comprehensive approach for connecting different protection technologies than just a management console.  So, we came up with a concept to connect all protection technologies in a way that one technology can benefit from the findings of the other, or the findings of one technology can cause an action (blocking, isolation, or increased logging) to be taken elsewhere. The beauty of assessment sharing is the fact we can abstract the findings from each protection technology in such a way that hides the details of each technology.  All the protection technologies that connect would be able to understand each other, with no need for special domain knowledge about the other participating technologies. Let’s look at the following scenario:

Forefront Security for Exchange Server, an Exchange protection service, determines that a mail sent to or from a corporate client computer has malicious content. Forefront Security for Exchange Server issues an assessment about the client computer, and through Stirling policy it triggers a malware scan on the client computer that detects malware on that computer. Not only that, but the edge protection (Forefront “TMG”) that also subscribes to the assessment sharing channel of Stirling notices this assessment about the computer and increases internal thresholds for detecting port scans from this computer - and detects port scans from the client computer. The security administrator is notified with this chain of events, and the relationship between them in one single console. Sounds like a tale? Well, this is actually a real life scenario with Stirling.

Zakie Mashiah,

Principal Product Unit Manager, SAS

In June of 2007 we announced a new project, Forefront codenamed “Stirling”, to the world.  Now the moment you’ve been waiting for: our first public beta of the product!   Today we release Beta 1 of Stirling to give everyone a small taste of what an integrated security system can really be.  We hope you enjoy taking a first look and walking through some of the scenarios enabled by this release. 

Why Stirling you may ask?  In many organizations, the IT environment is protected by standalone, often incompatible solutions that only show part of the security picture at any one time. To minimize threats to endpoints, messaging and collaboration servers, and the network edge, security administrators are forced to navigate through multiple management consoles and vendor-specific processes as they define policies, configure technologies, and manage security throughout the network.

The lack of a single, integrated, and comprehensive security solution continually undermines the security state, resulting in costly hours in which IT organizations struggle to safeguard the business from threats, outbreaks, and debilitating attacks.

In contrast, Stirling’s comprehensive, built-in protection technologies span the entire IT environment — from endpoints to messaging and collaboration servers to the network edge — collectively sharing information, assessing vulnerability, and responding automatically based on pre-defined policies. Simplified configuration and management tasks are handled through a single, centralized console, whose dashboard opens to a real-time, network-wide snapshot of your security state.

In this release you get a taste for some of this technology.  As we go forward with future beta releases you will see more and more protection technologies come online.  All driving toward our vision of an Integrated Enterprise Security System that provides:

·         Comprehensive, Coordinated Protection

o        Automatically identify and dynamically respond to threats

o        Deploy integrated protection technologies

o        Benefit from global malware research and response

·         Simplified Management

o        Manage from a single role-based console

o        Optimize your security policy

o        Integrate with existing infrastructure

·         Critical Visibility

o        Know your security state

o        View insightful reports

o        Investigate and remediate

I look forward to seeing everyone’s feedback on the product thus far.  Only through engagement with our customers and partners such as you can we make the vision a reality.

Regards,

Brad Wright