Helmers Blog

 

Official Name for Forefront Stirling Today at the World Partner Conference Microsoft announced the official names and pricing for Forefront ‘Stirling’. The suite with codename ‘Stirling’ will be officialy named : Forefront Protection Suite (FPS).

The Forefront Protection Suite will include all the products from the former Forefront Security Suite and the Forefront Protection Manager and the Forefront Threat Management Gateway Web Security Service.

Pricing The Forefront Protection Suite will be available for the same pricing range as the current versions. All the component solutions will continue to be licensed on a subscription basis. They will be available independently (incl. Forefront Protection Manager). Forefront Threat Management Gateway will be sold on a per processor basis.

Old vs. New names

Current Name New Name Forefront Client Security Forefront Endpoint Protection 2010 Forefront Security for Exchange Server Forefront Protection 2010 for Exchange Server Forefront Security for Sharepoint Forefront Protection 2010 for Sharepoint Forefront Online Security for Exchange Forefront Online Protection for Exchange ISA Server 2006 Forefront Threat Management Gateway Web Security Service

Right now all the Forefront Protecion Suite Solutions are in beta, but the final products will become available somewhere between the last half of 2009 and the first half of 2010!

Yesterday I passed the 70-557 : TS – Microsoft Forefront Client and Server, Configuration. So now it’s just waiting for the scores of the three beta exams I attended in December and January, but that can take a while (specially if it takes as long as the results of the 649)

On the James.Random() blog I saw the following today and thought it might be useful to help understand and demonstrate the capabilities in our Edge security offering.  In particular Intelligent Application Gateway (IAG) which provides secure access to company applications and resources wherever you are connected to the internet. Here’s what you get:

Secure Remote Access with IAG 2007 This scenario shows Intelligent Application Gateway 2007 working with Exchange Server 2007 and Windows SharePoint Services 3.0, and optionally Dynamics CRM 3.0 (see Additional Information), being accessed via both a managed and an unmanaged client. The following features of IAG 2007 will be highlighted: • SSL VPN • Policy-based Secure Access • End-point Security Management Secure Remote Access with ISA Server 2006 This scenario shows ISA Server 2006 working with Antigen for Exchange, Antigen for SharePoint and Windows Rights Management Services to provide comprehensive protection for Exchange Server and Windows SharePoint Services. The following features of ISA Server 2006 highlighted: • HTML Form Authentication • Single Sign-On • SSL Bridging Branch Office Security with ISA Server 2006 This scenario shows ISA Server 2006 working with Windows Server 2003 R2 to connect, secure and optimize bandwidth between branch offices. The following features of ISA Server 2006 and Windows Server 2003 R2 will be highlighted: • HTTP Compression (ISA) • BITS Caching (ISA) • DiffServ Tagging (ISA) • Distributed File System Replication (R2) • Remote Differential Compression (R2) Internet Access Protection with ISA Server 2006 This scenario shows ISA Server 2006 being used for network edge protection against internal and externally originating threats. The following features of ISA Server 2006 will be highlighted: • Application-Layer Inspection • Flood Resiliency

There is also a Forefront and System Center VPC that helps demonstrate the following:

1. System Center Configuration Manager pushing Forefront Client Security signatures to keep a client machine updated
2. Forefront Security for Exchange Server blocking viruses in emails received in Outlook 2007
3. System Center Operations Manager monitoring the health of servers and clients in the environment
4. Intelligent Application Gateway adapting user access to SharePoint 2007 based on end-point policy detection
5. Forefront Client Security performing Real-time Protection against malware.

Download the Forefront Edge VPC Download the Forefront System Center VPC

Last week I’ve been on a Forefront Training at Microsoft. For the guys/girls that don’t know Forefront : Check out the ForeFront Website or the ForeFront Team Blog, there’s a lot of information available there!One of the good things about Forefront is that it runs several Scan Engines at once so there’s always an engine running that detects the virus/mallware/etc.

At the Forefront blog an updated comparison of the Single-AV engines vs. the multi-engine approach by Forefront Security for Exchange Server and Forefront Security for SharePoint is shown. The tests were run over the summer, by AV-Test.org, and show the considerable difference in performance.

Today I read the following on the Forefront Client Security weblog :

While you’ve always had the ability to use MOM 2005 to monitor things like IIS and SQL for your Client Security servers, this management pack gives you the additional ability to monitor some key FCS services:

• Definition Import Failure
• Microsoft Client Security Update Assistant service—That’s the service that allows WSUS 2.0 to be configured to receive updates every hour rather than just once a day. For those of you running WSUS 2.0, you’ll be glad to have the ability to monitor this!
• Forefront Client Security Management service—This service is important because it parses antimalware definitions and adds the information to the collection database table fcs_Threat_Metadata_tbl. And that table is not only read by the management console when you set overrides based on threat, it’s also used by FCS reporting for information about specific threats.

I should clarify; the management pack is installed in your MOM 2005 environment to extend existing MOM functionality, not on your FCS servers.

Of course, loading the management pack doesn’t impact how you’ll be monitoring your client computers. In other words, you won’t need to redeploy your implementation in order to add this additional monitoring functionality. You’ll continue to use the Client Security consoles you’re familiar with for your client monitoring. The Health Management pack is just for monitoring your FCS servers, not client computers. And just for environments that choose to implement a MOM 2005 monitoring solution.

(notice, it’s a MOM 2005 management pack, not a SCOM management pack, just in case you were wondering “Hey, will this work with SCOM?”)

Download the MOM 2005 Management Pack