Integrating Management and Security at Microsoft – Forefront ...

itcs.umich.edu
  • No tags were found...

Integrating Management and Security at Microsoft – Forefront ...

Integrating Management and Securityat MicrosoftForefront EndpointProtection 2010 Deployment CaseStudy at Microsoft


Session Objectives and Takeaways


!!!!!!!!!!


Phase 1Implementation Planning:Infrastructure & FEP PoliciesPhase 2FEP Server and ClientDeploymentPlanningDeploymentReportingManagementPhase 4Monitoring Alerting andReportingPhase 3Ongoing Policy andUpdate Management


1. FEP Service ExtensionsManagement PointConfigMgr 2007Site ServerConfigMgrConsole2. DatabasesFEP DBFEP Reporting Data warehouse DBDistribution PointsSoftware UpdatePointSQL ServerSQL Reporting ServerConfigMgrClients3. FEP Reporting4. FEP Console Extensions5. FEP 2010 Clients


PlanningMicrosoft IT ConfigMgr 07 Central Site220,000 Clients ManagedRedmond Campus~80k Clients6 SUP | 6 MP | 16 DPNorth & South America~35k Clients10 SS | 2 SUP | 2 MP | 89 DPLimited Services~4k Clients1 SUP | 1 MP | 2 DPEurope, Middle east & Africa~35k Clients14 SS | 2 SUP | 2 MP | 62 DPFareast & South Pacific~65k Clients7 SS | 2 SUP | 3 MP | 25 DP


Planning


Planning


PlanningFEP Server + ConsoleExtensionsConfigMgr 07 Central Site220,000 Clients ManagedFEP SQLDBFEP SQL DataWarehouse & ReportingRedmond Campus~80k ClientsNorth & South America~35k ClientsLimited Services~4k ClientsEurope, Middle east & Africa~35k ClientsFareast & South Pacific~65k Clients


Deployment


Deployment


DeploymentSource Delta FullWSUS ~150KB – 1 MB ~13 MBUNC ~3MB ~55MB


http://technet.microsoft.com/en-us/library/ff823842.aspxDeployment


Deployment


Deployment


Reporting


Management PointDistribution PointsSoftware UpdatePointConfigMgr 2007Site ServerSQL ServerSQL Reporting ServerConfigMgrConsoleConfigMgrClients1. Malware Infects Client2. FEP Client CleansmalwareSecurity Event RaisedDCM Evaluation Triggered3. DCM State Message Sent4. Infection Data replicatedto Data Warehouse Server5. Infection Data available inReports


Manage


ManageFEP/ConfigMgr Event Type No. Size (KB) Total Size(KB) FEP 2010 Client Installation Status Message ~6 1 6 Delta Hardware Inventory Inventory File 1 11 11 FEP Default Policy Applied Status Message ~6 1 6 4 DCM Baseline Policies & Results State Message 1 78 78 Total 101 KBMalware Detected Event Type No. Size (KB) Total Size(KB) 2 DCM Baseline Evaluation & Results State Message 1 49 49Total49 KB


ManageKey Tables Changed Rows Added Size Growth FEP related Status Messages 121 35.05 KB Compliance Detail 4 16 KB Total 121 51.05 KBProjected Growth for 220k clients10.71 GBMalware Incident Key Tables Changed Rows Added Size Growth Compliance Status, Compliance Details,Compliance History 4 17 KB Total 4 17 KB Projected Growth for 220k clients 3.56 GB


Less than 25% spikeGreater than 25% and less than 50% spikeGreater than 50% spikeManagePrimary Site 1: 94,000 ConfigMgr Clients and 53,000 FEP ClientsRoleProcessor % VarianceMemory AvailableVarianceNetwork – Kilobytes/secVarianceSite Server -24% 0% 21%MP’s 20% 0% -29%SUP -2% 0.5% -71


ManageConfigMgr Performance Counter (Processed/Min)RoleState Message Files ProcessingVarianceState Message Records ProcessingVarianceCentral Site 3% -5%Primary Site -10% 3


! Implementation! Security! Monitoring and Reporting


centralized administration! Faster response! Improved SLAexisting infrastructure


Summary and Key Takeaways


More Informationhttp://www.microsoft.com/fep/http://technet.microsoft.com/en-us/library/gg543127.aspxhttp://technet.microsoft.com/en-us/library/ff684073.aspxhttp://go.microsoft.com/fwlink/?LinkId=207730http://blogs.technet.com/b/clientsecurity/archive/2011/01/19/fep-capacity-planning-worksheet.aspxhttp://technet.microsoft.com/en-us/configmgr/default.aspxhttp://blogs.technet.com/b/systemcenter/http://blogs.technet.com/configurationmgr/default.aspxhttp://technet.microsoft.com/en-us/systemcenter/ee942121.aspxhttp://blogs.msdn.com/shitanshu/default.aspxhttp://twitter.com/ConfigMgr_MSIT


Your feedback is important!www.mms-2011.com


shverma@microsoft.comPartha Chandran- partha.chandran@microsoft.com

More magazines by this user
Similar magazines