Monday, October 25, 2010

What is its deployment of Microsoft Forefront



What is Microsoft Forefront? Is it what Microsoft products? Very fortunate, I was invited lecturer at the Guangzhou station Microsoft Security Elite training teachers in more than courage under the leadership of a senior lecturer with more than 20 Microsoft, together with three days time a comprehensive understanding of what is Microsoft Forefront.

Information systems security is the broad enterprise IT departments very difficult thing, from the past blind attack (denial of service, etc.), and now a purpose and a plan for implementation of the attacks (phishing, social engineering, botnets), gave We have brought huge losses. Among them, the network virus is most especially headache, Take the most recent Panda Virus for burning incense, to the huge losses caused by Chinese enterprises.

Let's look at a set of data, as of February 2006, Microsoft Windows XP SP2 have been distributed 277 million copies, which accounted for enterprise deployment, 61%; Microsoft Windows 2003 SP1 4.7 million copies have been downloaded; release of Windows Defender as soon the most frequently downloaded Microsoft history, to help protect more than 2800 million customers, and Microsoft Windows Malicious Software Removal Tool out 28 billion, 270 million times the average monthly implementation. From this set of data that Microsoft continues to strengthen safety management and help our clients achieve secure trusted computing.

Many people may be more familiar Microsoft Antigen security products, the products include:

Antigen for Exchange: Exchange 2003 to protect enterprises and Exchange 2000;

Antigen for Instant Massaging: Microsoft Live Communications Server 2005 to protect the security;

Advanced Spam Manager: Help Exchange server, to prevent spam;

Antigen for SMTP Gateways: the edge of the network based on enterprise protection;

Antigen for SharePoint: Windows SharePoint Services and the protection of SharePoint Portal Server 2003 security.

Today, Microsoft Forefront release Antigen products will be effectively integrated, we can see that under the plan can detail the development process.

We believe this plan can be clearly recognized, Microsoft Forefront is not just a product, it should be a security product series, the series includes Microsoft Internet Security and Acceleration Server 2006 (ISA Server 2006), Microsoft Forefront Security for Exchange Server, Microsoft Forefront Security for SharePoint, Microsoft Forefront Security for Office Communication Server and Microsoft Forefront Client Security. The family enterprise from the edge of the network, the application server to the client security management fully integrated to form a set of Microsoft security solutions.

So, in Microsoft's overall security system framework, Forefront in what location? We can clearly see the following figure.

The blue in the figure is the Microsoft Forefront family of the region, its existing infrastructure and business integration platform, with the formation of Microsoft's complete security architecture for the protection of client devices, servers and core applications series and the network edge.

We can simply look at the following diagram Forefront products deployed in the enterprise architecture.

Simple understanding of the Microsoft Forefront family of products, let us look at what surprised Forefront gives us somewhere.

1, ISA Server 2006's new features

1, for the protection of the application released

ISA Server 2006 increases the release of SharePoint sites, Exchange sites previously published simplified the complexity and increase the support of authentication methods;

2, supports SSO (Single Sign-On)

Support the same domain name suffix of single sign-on;

3, enhanced security access

Enhanced security access restrictions, can limit the maximum per minute per IP TCP connection requests, maximum number of TCP concurrent connections, maximum number of TCP half-open connections and the maximum HTTP connections per minute and the maximum number of requests and number of concurrent connections UDP;

4, increasing branch network to support

Second, a number of anti-virus engines, to provide effective protection

Forefront family of products throughout the nine well-known anti-virus vendors to provide the scanning engine, these engines include Microsoft Antivirus, Sophos, CA VET, CA InoculateIT, Norman, Kaspersky Lab, AhnLab, Authentium Command, Virus Buster, the nine anti-virus scanning engines in the Forefront for both server and client security products available, including Microsoft Antivirus, Sophos, CA VET, CA InoculateIT, Norman these five engine provided with the product.

Some may ask, are there so many anti-virus engines What are the benefits? Let us look at a set of data, which is well-known anti-virus software testing laboratory AV-Test.org more than nine engines on the five engine through five combination with a single engine, 82 Virus global test data obtained by the authority.

The above data, we clearly see the Forefront multi-engine scanning capabilities of the virus protection is much higher than a single anti-virus protection role played by the engine.

In addition, in the face with the complicated network environment, multi-engine scanning can also solve a single engine can not complete the work:

1, an engine failure to protect: to prevent anti-virus engine due to a failure, and loss prevention capabilities;

2, back protection: The protection can ensure that if the engine fails to accept updates, you can roll back to a normal version and activate, and then issue a warning message;

3, updated protection: in one engine is being updated, other engines continue to insist on scanning, to ensure the normal protection;

4, the latest virus code: to suffer to protect the client or the server through a number of international renowned anti-virus vendors virus code scanning, from the known, up to nine;

Note: When the server provides multiple scan engines, will definitely affect server performance, so every time the combination of multiple engine, up to five.

5, dynamic performance tuning: the Forefront, we can choose how Forefront server engine combination, and can choose according to the performance of the server, for example, our virus protection to ensure high performance, multi-performance engine will automatically adjust , using 25% of available engines work; and multi-engine management, anti-virus engine used by all dynamically allocated from the available engines.

Scanning through different combinations to maximize the reduction of the threat, effective protection for enterprise networks.

Third, the power

Forefront addition to providing a powerful multi-engine scanning, it also aimed to remove the worm, file filtering to provide strong protection.

4, close integration of simple management

Forefront family of products based on a good platform architecture and enterprise integration, and with the related server products, such as AD, WUSU, MOM, SQL, etc. to provide efficient work together. In addition, Forefront Group Policy AD combined with centralized management and centralized distribution, will generate the deployment template, set the strategy, software distribution and other unified arrangements.

Fifth, a strong warning and reporting

Forefront console combined with SQL Server 2005, Reporting Services and MOM 2005 for report generation and event collection;







Recommended links:



Good Browsers



Ulead SmartSaver Pro 3.0 Cheats bit of communication (17)



Raiders experience Demon slayer Painkiller



SWF to MOV



Premier Graphic Viewers



Comparison Network And Internet



To work without selection, the problem you thought about it?



how To select a best ps3 game copying software



Free patterns Subversive



Automatically change the control once and for all so that the size of VB



MINISTRY of Industry and the financial allocation in 2010 was 11.3 billion



How can I let people believe IN?



Gallery And Cataloging Tools Brief



FLV to iPhone



QT To WMV



No comments:

Post a Comment