From the Web site:
“Nic Sagez gives us a brief into to Stirling and then gives a screencast demo of a security compromise within an organization which has a Forefront Stirling infrastructure. The breakdown of the scenario is as follows:
- User “Don” browses to a phishing site and installs a program
- Hacker gains control of the client machine, disables Forefront Client Security (FCS) and User Account Control, sends a piece of malware using Don’s email account
- We (an administrator) access the main Stirling Console and view the Security Assessment summary report. We can see TMG detected the port scan and the automatic action and alert was taken.
- We refresh the console again and see Stirling has reported the user has been compromised and another action happens automatically.
- 08:36 – We go back to the main console and then to the client to show how NAP remediated the client by turning back on FCS.
- 09:30 – We go back to the main console and see the security checks summary report and drill down into granular information about the client’s vulnerability. Directly from the console, we are able to turn back on UAC.
After the scenario-relevant part of the screencast is complete, we also see:
- Create a security policy in the Stirling management console using things such as NAP, Internet Explorer, and Exchange.
- Bind this policy with target groups
- Show an enterprise security report generated by Stirling
This is a great demonstration of Forefront “Stirling” and how it will be able to provided integrated protection of your Microsoft client/server environment using a centralized management and configuration console. No other security product suite on the market today provide the features that Forefront Stirling will provide.
Check out the Webcast at http://edge.technet.com/Media/Forefront-Stirling-screencast-and-interview/
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)