Forefront Client Security – What it is and isn’t gonna do

Forefront Client Security (FCS), is gonna be the

antivirus, anti-malware, anti-spyware

solution to protecting all the

IT managed infrastructure

in a corporate network. To be specific, FCS will be protecting the following range of x86 and x64 clients:

  • Windows 2000 SP4+
  • Windows XP SP2+
  • Windows Vista Business, Enterprise and Ultimate
  • Windows Server 2003 SP1 & R2

FCS at this point of time (with version 1.0) will not
be able to protect the following clients:

  • Windows NT
  • Windows XP Tablet PC
  • Windows XP Media Center
  • Windows XP Embedded
  • Windows Vista Home Basic/Premium
  • Any edition of Windows that’s not domain joined

FCS is basically an anti-malware solution for corporate, IT managed environments that requires a few services to be managing all the clients running the FCS Client Agent.

So where’s the FCS Server going to be?

The FCS services are installed on a Windows Server 2003 SP1 and R2 standard or enterprise Server x86. (Longhorn is expected to be supported from the next version release).

Also, x64 is not there at this time cause of some feature dependency on x86 version. To be specific, the FCS Server makes extensive use of

GPMC (Group Policy management Console)

which is not supported on x64 platform at this point of time. But it is quite assured that the product group is working in this direction of development, and will soon be able to provide an x64 bit support to GPMC and hence to FCS server also.

For monitoring the FCS client agents, the FCS uses

MOM Server 2005

SP1

at its backend. Although MOM 2007 is planned to be released in pretty much the same timeline as FCS, the product managers, plan to bring out the 1.0 version of the product that is ready to be deployed in existing infrastructures.

SQL Server Reporting services of SQL Server will be leveraged for the FCS reporting feature.

FCS embeds its own version of MOM 2005 SP1 for deployment and cannot use an existing installation of MOM 2005, reason being the number of modifications that FCS makes to MOM and SQL server in terms of patches, schema changes and more.
Moreover all the involved servers (FCS, MOM 2005 SP1 and SQL Server) will run only on

x86

architecture at present.

How it Works

1. Policy Update – Policies that specify how and which clients need to be installed with the FCS client agents, how the scanning will happen, schedules etc., are all managed using Active Directory Group Policy. The policies can also be exported into a file for applying locally.

2. Signature Distribution – The signature distribution has been optimized to happen through WSUS. Nevertheless, signatures would also be downloadable from Microsoft.com and can be distributed thru other mechanisms like SMS etc.

3. Event Collection and Reporting – The FCS embeds a modified version of MOM 2005 and the client is installed with the FCS agent and can generate events once it is connected to the domain. The events continue occurring even when client is not connected, but are reported back to the server only when client establishes back its domain connection.

9 thoughts on “Forefront Client Security – What it is and isn’t gonna do”

  1. Hi,Do you need advertising displays, digital signages, ad players, advertisement player and LCD advertisings? Please go Here:www.amberdigital.com.hk(Amberdigital).we have explored and developed the international market with professionalism. We have built a widespread marketing network, and set up a capable management team dedicated to provide beyond-expectation services to our customers.
    amberdigital Contact Us
    website:www.amberdigital.com.hk
    alibaba:amberdigital.en.alibaba.com[chhadfchabibghh]

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s