微软产品为信息安全等级保护 保驾护航SEC213主主题题题题Sources: World Bank and IMF行行业业安全解决方案研安全解决方案研讨讨BRS - MicrosoftBRS - Microsoft安全解决方案框架安全解决方案框架服服务务与支持与支持安全等安全等级级保保护护促促进进企企业业安全建安全建设设4 4 4 42 2 2 25 5 5 5微微软软技技术术支持企支持企业业提高安全等提高安全等级级3 3 3 31 1 1 1MicrosoftMicrosoft安全愿景安全愿景ITIT系系统统统统面面临临临临的威的威胁胁胁胁不断增加不断增加Local Area Networks First PC virus Boot sector viruses Create notoriety or cause havoc Slow propagation 16-bit DOS1986199519861995Internet Era Macro viruses Script viruses Key loggers Create notoriety or cause havoc Faster propagation 32-bit Windows1995200019952000Broadband prevalent Spyware, Spam Phishing Botnets & Rootkits War Driving Financial motivation Internet wide impact 32-bit Windows2000200720002007Hyper jacking Peer to Peer Social engineering Application attacks Financial motivation Targeted attacks Network device attacks 64-bit Windows2007+2007+MicrosoftMicrosoft Security Intelligence ReportSecurity Intelligence ReportMajor sections cover Software Vulnerability Disclosures Software Vulnerability Exploits Malicious Software and Potentially Unwanted Software Privacy and Security Breach Notifications www.microsoft.com/sir 威威胁胁胁胁演演变趋势变趋势变趋势变趋势HardwareO/SDriversApplicationsGUIUserPhysicalExamplesExamples Spyware Rootkits Application attacks Phishing/Social engineeringAttacks Getting More SophisticatedAttacks Getting More Sophisticated Traditional defenses are inadequateTraditional defenses are inadequateNational InterestNational InterestPersonal GainPersonal GainPersonal FamePersonal FameCuriosityCuriosityAmateurAmateurExpertExpertSpecialistSpecialistLargest Largest area by area by volumevolumeLargest areaLargest area byby$ lost $ lostScript-KiddyScript-KiddyLargest segment by Largest segment by $ spent on defense$ spent on defenseFastest Fastest growing growing segmentsegmentAuthorVandalThiefSpyTrespasserCrime On The RiseCrime On The Risemainframemainframeclient/serverclient/serverInternetInternetmobilitymobilityB2EB2EB2CB2CB2BB2BPre-1980sPre-1980s1980s1980s1990s1990s2000s2000sNumber of Digital IDsNumber of Digital IDsExponential Growth of IDsExponential Growth of IDs Identity and access management challenging Identity and access management challenging Increasingly Sophisticated MalwareIncreasingly Sophisticated Malware Anti-malware alone is not sufficient Anti-malware alone is not sufficient Number of variants from over Number of variants from over 7,000 malware families (1H07)7,000 malware families (1H07)Source: Source: Microsoft Security Intelligence Report (January June 2007)Microsoft Security Intelligence Report (January June 2007)安全分析安全分析报报报报告告 Data sourceslMalicious Software and Potentially Unwanted Software l Data from several hundred million computers l MSRT has a user base of 450+ million unique computers l During 2H07 MSRT executed 2.5 billion times l Since January 2005 total MSRT executions surpass 10 billionProduct NameProduct NameMain Customer SegmentMain Customer SegmentMalicious SoftwareMalicious SoftwareSpyware and Potentially Spyware and Potentially Unwanted SoftwareUnwanted SoftwareAvailable at Available at No No Additional Additional ChargeChargeMainMain Distribution Distribution MethodsMethods ConsumersConsumersBusinessBusinessScan and Scan and RemoveRemoveReal-timeReal-time ProtectionProtectionScan and Scan and RemoveRemoveReal-time Real-time ProtectionProtectionWindows Malicious Software Removal ToolPrevalent Malware FamiliesWU/AU Download CenterWindows DefenderDownload Center Windows VistaWindows Live OneCare safety scannerWebWindows Live OneCareWeb/Store PurchaseMicrosoft Exchange Hosted FilteringWebForefront Client SecurityVolume LicensingAnti-Virus Security Software PatchSecurity ApplianceSecurity ApplianceSystem IntegratorSystem IntegratorNetwork DeviceNetwork Device复复杂杂杂杂的安全技的安全技术环术环术环术环 境境安全治理无法与企业需求以及新生机会同步发展现现现现今企今企业业务业业务业业务业业务 面面临临临临的的难题难题难题难题种类和数量 同时增加复杂程度增 加利益所驱使法规遵从和一致性带来的压力逐日增大无处不在、更加频繁的互通与协作保护和访问需求日益急迫明智IT选择；降低预算业务愿景 新产品不断 问世集成性松散总体成本过高威胁当前应对方 案More advanced Application-oriented More frequent Profit motivatedToo many point products Poor interoperability Lack of integrationMultiple consoles Uncoordinated event reporting & analysis Cost and complexityThreats moreThreats more dangerousdangerousFragmentation ofFragmentation of security technologysecurity technologyDifficult to use,Difficult to use, deploy and managedeploy and manage安全管安全管理的需求理的需求INTEGRATEDSIMPLIFIEDCOMPREHENSIVEMicrosoftMicrosoft安全安全战战战战略略Perspective GuidancePerspective GuidanceSecurity Tools & PapersMicrosoft Security Assessment ToolkitInfrastructure OptimizationMicrosoft IT ShowcaseMicrosoft Windows Vista Security WhitepapersMicrosoft Security Intelligence ReportSecurity ReadinessEducation and TrainingLearning Paths for Security Professionals构建信任构建信任栈栈栈栈Trusted StackTrusted StackSecure FoundationSecure FoundationCore Security ComponentsCore Security ComponentsIntegrated ProtectionIntegrated ProtectionSDL andSDL andSD3 SD3Defens