In association with heise online

23 August 2007, 13:21

Thomas Joos

In the Front Line

Microsoft Forefront Security Overview

With its Forefront Security product range, Microsoft intends to provide protection for corporate networks and now challenges established vendors like Symantec and McAfee also in the corporate security market. An overview of Forefront’s features gives a first impression.

Microsoft's security products are divided into three main lines: Forefront Client Security aims to protect Windows client PCs and Windows Server operating systems against network viruses. In addition, there are dedicated solutions for keeping malware out of server-based applications like Exchange Server 2007 or the document management system SharePoint. Finally, the proxy and firewall product Internet Security and Acceleration (ISA) Server 2006 and its expansion Intelligent Application Gateway (IAG) 2007 provide additional security for the network edge. ISA Server 2006 has been available separately for a while and will now be integrated into the Forefront product range.

Client Protection

Forefront Client Security offers centrally managed virus protection for client PCs and network servers. It is in direct competition with Symantec AntiVirus Corporate Edition, Trend Micro OfficeScan, and McAfee Total Protection. Although a final version of Forefront Client Security can already be downloaded for testing, Microsoft has not yet announced an official release date. According to Microsoft, Forefront Client Security is based on the same technology as Windows Live OneCare, the antivirus product for home PCs. Its protection against viruses and trojans is mainly based on technology developed by GeCAD, which was taken over by Microsoft in 2003. Its spyware protection is based on GIANT Company software technology, which Microsoft took over in December 2004.

Forefront Management Console
Zoom The Forefront summary status report

Windows Live OneCare has so far yielded notoriously bad test results. In a c't test (volume 05/07), response times after reports of new malware were longer than average: 36 to 38 hours. The scanning results were among the worst in this test: For backdoors, bots and trojans Microsoft still managed to beat CA Antivirus and ClamWin with 74.6 per cent. But its heuristics came last in the retrospective test with 7 per cent for up to two month old signatures. If Forefront Client Security is indeed based on this concept, this does not bode well.

Forefront console navigation
Zoom In the management console you can define which servers are included in reports

Forefront Client Security supports Windows 2000, Windows XP, Windows Vista, and Windows Server 2003. For the central distribution of new virus signatures it co-operates with Microsoft's free patch management product Windows Server Update Services (WSUS), which has been available in its new version 3.0 since May 2007. In addition, corporate security policies for client PCs can be deployed this way, for example secure browser configurations based on the group policies in Active Directory.

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit