Information Filled Under ‘Teched 2010’ Category
Analysts at the Microsoft Malware Protection Center ( MMPC ) apply objective criteria to software to determine if it should be classified as malicious or potentially unwanted. When software is classified as malicious or potentially unwanted, Microsoft adds it to a definition library used by Client Security during scans
Original post:
Understanding how Forefront Client Security responds to potentially unwanted software
By Alon Rosental Forefront Endpoint Protection 2010 Beta is available for Public download ! So now that you’ve downloaded Forefront Endpoint Protection Beta 2010, the next step would be to plan your deployment and get the Forefront Client in your Configuration Manager environment. This post will focus on how to deploy Forefront Endpoint Protection client to a collection of computers using your existing Configuration Manager infrastructure, how to switch to Forefront Endpoint Protection from an existing deployed antimalware product and how to validate client deployment. Before deploying Forefront Endpoint Protection in your environment, it is recommended that you review the planning and architecture guide
See the rest here:
How to deploy Forefront Endpoint Protection Beta 2010 Clients using Configuration Manager
Our support folks have created a tool that enables you to remove permanently offline computers from your FCS database. Client computers go offline for many reasons, including decommission, re-tasking, and re-imaging. After a day, these computers are shown in the “Not Reporting” section of the Client Security console
See the article here:
Forefront Client Security Offline Asset Removal Tool available
Hello folks, Just as an FYI – we’re renaming this blog to more closely align with the general endpoint security environment here at Microsoft. Client Security information will continue to be posted on this blog, but we’re also broadening the content to include posts about other forms of endpoint security
Continued here:
Excuse our dust a bit more…
At the end of last week we published additions to the FCS BPA. The revisions are again described in KB976986 . The new checks are focused on database related issues including: Database sizing DTS job failures Last backup times Threat metadata problems As promised in our last BPA announcement , it also contains usability improvements like a start menu shortcut and status bars during scanning
Originally posted here:
Recent updates to the Client Security Best Practice Analyzer
As Windows 2000 nears the end of it’s support cycle, we wanted to make sure you had the most up to date info on running FCS on computers running Windows 2000: Customers using Forefront Client Security (FCS) who are unable to migrate to OS versions beyond Windows 2000 before July 13, 2010 will continue to receive support for the FCS product as follows: FCS on computers running Windows 2000 will continue to receive antimalware definition updates.
View original post here:
Support Clarification
FCS antimalware updates are classified in WSUS as critical updates. Therefore, if you want to automatically approve these updates you must create a rule for the Forefront Client Security product and the Critical Updates category in WSUS
Read the rest here:
Keeping FCS up to date
In viewing a website, the first thing that we notice is, of course, the header . It is actually the portion that catches the viewer’s notice first before the content most especially for random searches or viewing. In one of our previous post, we have showcased several cool and interesting footers for websites.
See the rest here:
A Showcase of Effective Headers in Web Design
There are many creative faces in the design community who are waiting to be seen. If you’re a beginner to designing for the web then this will be a great tutorial for you. In this tutorial we will be creating a creative web layout for a business type website using adobe Photoshop cs , and various design tips and techniques
View original post here:
Create a Creative Web Layout for your Business using Photoshop
Enterprise Manager is a great way for Client Security customers to do centralized management and reporting across two or more down-level deployments. Enterprise Manager is a separate FCS server installation that does not support client connectivity and is used for management of down-level deployments. Typically this is done when the down-level deployments would exceed the 10,000 client supportability limit, but on occasion it is done for network bandwidth or division of responsibility reasons
Go here to read the rest:
Thoughts on Enterprise Manager
The final installment in our series on registry keys for FCS is a big one – there are a lot of registry keys that can be used to control the behavior of the FCS real-time protection agent. The following tables describe the keys (these are in addition to the ones described here and here , in the FCS Technical Reference).
See original here:
Miscellaneous Real Time agent keys
Continuing in the registry key series, let’s talk about DisableEmailScanning. By default, the antimalware engine included with FCS will not scan email archives (email archives are file-based containers that contain email messages). FCS is an enterprise-level product – and in an enterprise (business) environment, it’s expected that you are protecting email at the mail server level (using, for example, Forefront Protection 2010 for Exchange Server )
Read more:
Scanning email archives
Next up in our registry key series: setting definition update keys via policy. On the FCS TechNet library, the following registry key is described: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftMicrosoft ForefrontClient Security1.0 Description Registry Key New value when deployed in policy Default value when no policy deployed Scan types effected Specifies the day and time that Client Security will update definitions AMSignature UpdatesScheduleDay Never (0×8) Every day (0×0) Real-time scan, Scheduled scan There are additional settings that you can use to change the day and time at which definition updates are performed. In addition to the values in the above table, ScheduleDay can be configured to use the following values: Sunday (0×1) Monday (0×2) Tuesday (0×3) Wednesday (0×4) Thursday (0×5) Friday (0×6) Saturday (0×7) You can control the value for the time at which definition updates are performed by adding the ScheduleTime registry key to the same location as ScheduleDay.
Read the rest here:
Setting definition update keys via policy
The Client Security BPA was posted to the download center shortly after FCS released. The initial release included five basic checks of an FCS server installation which are described in the TechNet documentation here
Read more:
Additions to the Client Security Best Practice Analyzer
Last month in the Client Security blog the Forefront Client Security team announced the availability of a revised installation package, which is available via WSUS. More information about the new installation package is found in Microsoft Knowledge Base article 976669 . In that article I wrote a section called WSUS Applicability Logic, which briefly discusses how and when the new package is installed
See the article here:
Setting the Collection server during WSUS deployment
Hey folks – we’ve got an exciting line up of sessions about FCS and Stirling that you will want to add to your TechEd schedule – come see the product group talk about our new exciting features! I’ve listed all the sessions available for all Forefront products below. Come visit us at the product booths for more details, and to speak with the product group members! Session number Session title Scheduled speakers SIA204 Security Management and Protection: What’s in Microsoft Forefront Client Security Version 2 Bashar Kachachi and Neha Sharma SIA318 Protection: Next Generation of Messaging and Collaboration Protection Mitch Hall and Mike Chan SIA319 Protection: Targeting Spam with Forefront John Gargiulo and Terry Zink SIA321 Security Management: Integrated Enterprise Security with Microsoft Forefront Code Name “Stirling” Chris Sfanos and Eric Fitzgerald SIA01-TLC Next Generation Messaging and Collaboration Protection Drilldown Mike Chan/Mitch Hall/Terry Zink/John Gargiulo SIA02-TLC Advanced Deployment of Microsoft Forefront Code Name “Stirling” Chris Sfanos and Neha Sharma