cl-nz logo
Story image

Integrated security solutions

01 Jul 2007

Microsoft forefront security for exchange serverServer security and management are converging.  This is driven by a customer need to better manage the complexities of modern day business and protect systems against a fast-evolving threat landscape.  To address these concerns, customers are using many different approaches and technologies to secure and manage their environments.  Unfortunately, this also means they have way too many point solutions and not enough common infrastructure. The move towards convergence is about building a greater level of common infrastructure across security and management, and providing tools that help meet the needs of both the security and management IT staff.  The Channel chats to Tovia Va’aelua, server and tools marketing manager at Microsoft New Zealand about one of these tools, Microsoft Forefront for Exchange Server.What is Microsoft Forefront?Forefront is a complete suite of security products.  They provide greater protection and control by integrating with your existing IT infrastructure.  They’re also simple to deploy and offer easier management and analysis. The Forefront security products protect client machines, server applications and the network edge.So what is Microsoft Forefront Security for Exchange Server?Forefront Security for Exchange Server helps businesses protect their Exchange messaging environments from viruses, worms and spam.  It uses multiple scan engines from leading security providers, so you have a single solution which emphasises layered defences.  This, and other scanning innovations and performance controls, helps to protect customers’ email infrastructure from infection and downtime while optimising server performance too.  It’s designed to make it easy for administrators to configure and operate, automatically update scan engine signatures and simplify reporting.Forefront Security for Exchange Server is the first product launched under the new Microsoft Forefront brand.  In June last year, we unveiled plans for a comprehensive security product portfolio and roadmap to help customers protect information and control access and that has taken shape.  When Microsoft acquired Sybari in 2005, it gained Sybari Software’s Antigen for Exchange Server.  We’ve now done some work on this product and Forefront Security for Exchange is the new, updated version.What are the customer pain points that this solution helps to address?Customers are looking to simplify their lives but still practice top-notch security.  To do that, they need solutions that are easy to manage and more tightly integrated with each other and the underlying infrastructure.  Basically, why have lots of different solutions from different providers which all need to be installed, managed, connected and maintained, when you can have one solution that does the job and does it well?For resellers, this is an opportunity to sell customers a robust security product when they next sell Exchange Server.How does Forefront Security for Exchange Server protect Exchange Server?It provides server-level protection in real time by examining messages as they are being transported through the system (at the edge and hub servers) and when they have been stored (in the mailbox and public folder servers).  Forefront works even when messages come from mobile devices. The multiple scan engines mean that mail is constantly being scanned and even if one engine fails or goes offline for updates, the others still continue to scan.What antivirus scan engines are included with Forefront Security for Exchange Server?Forefront Security for Exchange Server comes with scan engines from many industry leaders.  That currently includes Computer Associates, Kaspersky Labs, Norman Data Defense, Microsoft, Sophos, and VirusBuster.What’s new in Forefront Security for Exchange Server?Forefront Security for Exchange Server supports Exchange Server 2007 and lets IT groups apply comprehensive multiple-engine protection to edge, hub, and store servers.  Mail that has been scanned for viruses at the edge or hub server won’t be scanned again, reducing the load on your mailbox servers.  It comes with a license to enable the premium antispam services of Exchange 2007.  These include an IP block list service, content filter updates and spam signatures to identify the latest spam campaigns.  These are all updated multiple times a day.  Extra virus scanning engines, including the Microsoft Antimalware engine, have been included as part of the product.What versions of Exchange Server does Forefront for Exchange Server support?Forefront Security for Exchange Server will support Exchange Server 2007. Customers who buy a license for Forefront Security for Exchange Server will receive downgrade rights to Antigen for Exchange, which supports Exchange Server 2003 and Exchange Server 2000.How will Forefront Security for Exchange Server be licensed?Microsoft Forefront Security for Exchange Server will be licensed through the Microsoft Online Services programme on a per-user subscription model.  The license includes all antivirus and antispam engine updates, signatures and product upgrades during the license period. So what’s next from Microsoft around the integration of security and management?In the short term, we are rolling out new security and management products.  We’ll continue working with customers to help them realise benefits around integration, ease of use and improved productivity. And we are already executing on our technology roadmap for the next generation of products that will be even more deeply integrated.   

Microsoft Forefront Security for Exchange Server

Comprehensive Protection: Forefront Security for Exchange Server provides multiple antivirus scan engines at multiple layers throughout the email infrastructure to deliver maximum threat protection.   * Protection against the latest viruses.  Multiple scan engines provide better protection against threats. If one engine fails or goes offline to update, other engines continue to scan without interrupting mail delivery. IT administrators can apply up to five scan engines at once at Transport and Store servers.   * Protection against spam. Forefront Security for Exchange Server provides the rights to enable the premium antispam services of Exchange 2007, including the Microsoft IP Reputation Service, IMF (content filter) signatures, and antispam signatures and keeps them updated multiple times each day.   * Protection against new and hidden threats. Forefront Security for Exchange Server includes heuristics technologies that detect malicious code based on behavioural characteristics.  It also has configurable file filtering rules that help businesses block file types that are known for carrying viruses (for example, .exe).

Optimised Performance: Through deep integration with Exchange Server, scanning innovations and performance controls, Forefront Security for Exchange Server helps protect messaging environments while maintaining uptime and optimising server performance.   * Elimination of redundant scanning.  Exchange Server 2007 provides a secure antivirus header stamp that Forefront Security for Exchange Server attaches to each email as it is first scanned at the Edge or Hub. The mail never needs to be scanned again, saving processing load at the Hub and Store.   * Incremental background scanning.  IT can protect the mail Store with less server overhead by scanning only messages that are most likely to be infected, such as those that are a few days old or that carry attachments.   * Performance controls.  IT groups can use in-memory and multi-threaded scanning and can leverage how many engines are used for a given scan job for greater flexibility and control over security and server performance.

Simplified Management: Forefront Security for Exchange Server enables administrators to easily manage product configuration and operation, automated scan engine signature updates and reporting at the server and enterprise level.   * Forefront Server Security Administrator. This built-in management console enables administrators to fully configure Forefront Security for Exchange Server locally or remotely.   * Centralised web-based console.  Forefront Security for Exchange Server works with Microsoft Forefront Server Security Management Console, which provides central configuration, deployment and updating for all Forefront server security products.   * One-stop, automated updates.  Microsoft monitors its antivirus vendors for new signatures and engine updates, tests them against a virus database and then confirms and posts them for automatic download by Forefront Security for SharePoint or Forefront Server Security Management Console.   * Integrated monitoring.  The solution supports a management pack for Microsoft Operations Manager (MOM), so IT can include Forefront Security for Exchange Server system information in broader corporate management practices.