Forefront – Jack's server blog

Important Changes to Forefront Product Roadmaps

Microsoft is announcing changes to the roadmaps of some of the security solutions made available under the Forefront brand.

As part of this effort, the next release of Forefront Online Protection for Exchange, which has long been part of the Office 365 solution, will be named Exchange Online Protection.
In response to customer demand, we are adding basic antimalware protection to Exchange Server 2013. This protection can be easily turned off, replaced, or paired with other services (like Exchange Online Protection) to provide a layered defense.
We are discontinuing any further releases of the following Forefront-branded solutions: Continue reading “Important Changes to Forefront Product Roadmaps”

ForeFront protection for SharePoint 2010 whitepaper

Hi guys,

I came across this whitepaper today (through @Joe_Elway) about ForeFront protection for SharePoint 2010. I wanted to share this whitepaper with you.

Here’s some more info:

Forefront Protection 2010 for SharePoint (FPSP) is designed to protect Microsoft Office SharePoint Services (MOSS) 2010 and SharePoint Server 2007 environments from malware and inappropriate content. This is accomplished through tight integration with SharePoint through SharePoint’s VSAPI (Virus Scanning API). The VSAPI provides realtime protection for malware and content scanning. SharePoint database scanning is accomplished through FPSP’s scheduled and on-demand scans. These scans use the SharePoint object model to navigate and retrieve content for scanning. Each of these integrations requires specific permissions and access requirements. This document explains FPSP’s integration with SharePoint as well as details around each of the integration points.

You can download the whitepaper from the Microsoft website here.

Forefront Endpoint Protection 2010 Update Rollup 1 :more info

Hi guys,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here.

In addition to hotfixes, this Update also includes some important changes to note:

Support for Windows Embedded 7 platforms: With this update, the FEP client software is supported on certain Windows Embedded 7 platforms and Windows Server 2008 Server Core. For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint
Protection on a Client Computer.
Signature Update Automation Tool used with Configuration Manager Software
Update: This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates. This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule. The automation of the tool is done through the Windows task scheduler. To download the tool: Go here.
Two new preconfigured policy templates for the following server
workloads:

a. Microsoft Forefront Threat Management Gateway

b. Microsoft Lync 2010

You can find more details in the “What’s New” document on the TechNet site. Please check out this KB article for a full list of fixes included in this Update Rollup.

Forefront EndPoint Protection Update rollup 1

Today Microsoft announced Update Rollup 1 for Microsoft Forefront Endpoint Protection 2010. This update introduces some new features and updates. Continue reading “Forefront EndPoint Protection Update rollup 1”

Use SMSMap tool to document FEP components

Visio is one of the most popular tools for creating diagrams that describe effective systems and processes. In every project in which I participate, when it comes to documenting what you did I always have to create a diagram where I defined architecture, server configuration, network, etc. A picture is worth a thousand words and Visio is the tool of choice in these documentation tasks. Continue reading “Use SMSMap tool to document FEP components”

ForeFront Endpoint Protection – Manage your FPE client with GPO

If you are planning or have already deployed ForeFront Endpoint Protection, this may interest you.

As you know FPE is designed to be managed throught System Center Configuration Manager BUT… you may not have SCCM deployed or need more granularity. Continue reading “ForeFront Endpoint Protection – Manage your FPE client with GPO”

FEP Capacity planner

Attached to this blog post is the FEP Datawarehouse Space Capacity Planning worksheet. You can use this worksheet to help estimate the amount of disk space needed based on the following values: Continue reading “FEP Capacity planner”