Five Advantages of Cloud-Based SIEM for Security Intelligence and Operations REGISTER >
Microsoft has launched two enhancements to its security offerings and revealed a strategy shift that could further shake up the competition in the antivirus sector.
The company made the second beta of its Forefront Threat Management Gateway (TMG) available for download. This follows its release yesterday of Forefront Security for Exchange Server Service Pack 1 (SP1).
Microsoft (NASDAQ; MSFT) announced Beta 2 of TMG in a blog by Bill Jensen, senior product manager for TMG.
The product will focus on Web security and Microsoft is positioning TMG to possibly replace antivirus packages from other vendors in the enterprise.
"With TMG customers can continue working with existing antivirus vendors, but they can consolidate their AV products by replacing them with TMG if they want," Jensen said.
But TMG's threat goes beyond that -- together with Forefront Security for Exchange Server SP1, it provides a large security blanket. "Threat Management Gateway protects virtual private networks and traffic coming into the company, while Forefront Security for Exchange Server protects e-mails," Don Retallack, research vice president at Directions on Microsoft, which focuses solely on Microsoft, told InternetNews.com.
TMG Beta 2 will include Web anti-malware, HTTPS inspection, and a network inspection system. HTTPS is used to encrypt Web traffic. Experts expect Web-based threats will increase this year.
"More and more people are allowing employees to access the Web, which improves productivity, but is a security curse," Jensen told InternetNews.com. "Even legitimate Web sites have become a threat vector, so you need a way to control these Web-based threats."
Inspecting encrypted traffic
TMG Beta 2's Web anti-malware feature is designed to inspect HTTP (define) traffic for malware and viruses, unencrypting HTTPS (define) traffic, inspecting it for malware and then re-encrypting it. "HTTPS is a big black hole for firewalls, and something needs to be done to address the situation," Jensen said.
However, system administrators set TMG so they do not decrypt and scan private traffic to avoid privacy and confidentiality issues, Retallack noted.
TMG Beta 2 replaces Microsoft's Internet Security and Acceleration Server (ISA), which has been in the market since 2000, Jensen said. Retallack of Directions on Microsoft said TMG supports Windows Server 2008 and 64-bit versions of Microsoft's products. "ISA Server 2006 will not be ported to Windows Server 2008 or 64-bit, so people who have it and want to go to either of those will have to upgrade to TMG. That's a fair step."
Retallack said TMG has been updated with configuration wizards to simplify its use. "If you don't configure a firewall properly you leave yourself open to security problems or can prevent legitimate users from getting through, so configuration wizards are very helpful for system administrators," he explained.
Meanwhile, Forefront Security for Exchange Server SP1 integrates multiple scan engines from leading security firms into a layered solution to protect messages on Microsoft Exchange Server. These engines are from AhnLab, Authentium, CA (NASDAQ: CA), Kaspersky Labs, Norman Data Defense, Microsoft itself, Sophos and VirusBuster. "This gives you defense in depth," Microsoft's Jensen said.
Partner companies, which could become competition as well, understand the need to partner. After all, security experts advocate that enterprises take a layered approach to defense, especially as hackers deploy a combination of techniques to launch attacks and assure they get past any single layer of protection.
This article was first published on InternetNews.com.