How Microsoft Forefront secures messaging and collaboration servers


Use these server security tools to protect the hub servers that manage communication capabilities across your company.

In summary:

Installing server security tools limits the number of security issues that can affect desktop users.

Microsoft Forefront allows companies not only to block incoming malware but also to ensure compliance and improve collaboration.

New management consoles within Forefront simplify monitoring.

There's nothing more aggravating for IT than dealing with an outbreak of malware on desktops. That's why developers have strived in recent years to strengthen the security capabilities of devices that are closer to the edge of the network or that act as hubs on the network itself. Doing so makes the IT department more efficient in two ways: They can focus their efforts on servers rather than desktops, and they can significantly reduce the amount of time spent fixing individual desktop devices. (This doesn't mean IT should ignore desktop protection, but the number of incidents should decrease if server security tools are employed as well.)

Among Microsoft's current offerings in the server security arena are three tools targeting messaging and collaboration environments: Forefront Security for Exchange Server, Forefront Security for SharePoint, and Forefront Server Security Management Console, which helps IT manage the first two.

Forefront Security for Exchange Server. In tackling viruses, spam, and other malware, this product offers two different but important benefits for Microsoft Exchange Server 2007. The first is Microsoft's licensing of seven global antivirus engines in addition to its own (competing products generally only use their own antivirus engines). The second is that IT can use it to perform three kinds of scanning: in real time on the desktop, in real time on the server, and manually for newly reported outbreaks.

Forefront Security for Exchange Server is designed to let IT run up to five of the antivirus engines at a time for any given scanning task. Each of the engines has different and complementary strengths based on its technology, lab, and even geography, according to Mike Chan, senior product manager. For instance, one engine may provide more powerful heuristics for the detection of new malware, while another provides more frequent signature updates each day.

Another advantage to using multiple engines: If one virus engine is busy updating its roster of virus signatures, another one automatically takes its place. "When you only have one engine and it stops to update new signatures, your incoming mail will queue up," says Chan. Users do not see a performance hit, even though the application uses multiple engines. "The software is deeply integrated with Exchange, so we run at the same speed or faster than competitors while not burdening the performance of Exchange," he adds.

Forefront Security for SharePoint. Like Forefront Security for Exchange Server, this product incorporates malware protection to ensure that infected files are not accidentally posted to a Microsoft Office SharePoint Server 2007 database. According to Noelle Méndez-Villamil, Microsoft's senior product manager for the security application, Forefront Security for Exchange Server includes file and keyword filtering capabilities, which help ensure that neither inappropriate content nor confidential information ends up in documents posted to a SharePoint site.

For example, if employees are misusing SharePoint by posting MP3 music files, IT can search for the file headers, identify all MP3 files, and remove them from the SharePoint library. But because many lectures and presentations are now available in MP3 format, it's possible that some files may be for legitimate business use. For that reason, IT can use Forefront Security for SharePoint to identify who posted the files and ask them to confirm their legitimacy.

The content filtering capability also helps enforce compliance and prevent the leakage of confidential information, notes Méndez-Villamil. In law firms, for example, it's important to keep case files organized. "You can ensure that files relating to one client aren't accidentally posted on the SharePoint server for another client," she says. Forefront Security for SharePoint Service Pack 2 will include pre-populated keyword lists in 11 languages.

Forefront Server Security Management Console. To efficiently monitor and manage both the aforementioned tools, Microsoft has developed the Forefront Server Security Management Console. It gives administrators a Web-based console to centralize configuration and operation, automate the download and distribution of signature and scan engine updates, and generate comprehensive reports through its integration with Microsoft SQL Server 2005.

The Forefront Server Security Management Console acts as a hub for the other servers, receiving virus signature updates and then routing those appropriately, according to Kelli Cook, product manager for the Forefront Server Security Management Console. That saves bandwidth because the servers do not need to be configured separately to connect to the Microsoft site to download updated signatures, and each update can be incremental.

For better reliability, IT can also create a backup management console. "If the primary console goes down, the backup server retrieves the latest virus updates," Cook explains. When the primary console comes back online, the two machines synchronize to ensure that only the latest virus signatures are propagated among the Exchange and SharePoint servers.

Hosting options

Microsoft also offers these security capabilities on a hosted basis using Microsoft Exchange Hosted Services Filtering—an option that may appeal to midsize companies that are hesitant to devote significant IT resources to security. "Your mail comes to Microsoft first, and you get a clean stream of mail," Chan says. In addition, some small and midsize companies can get these security capabilities for both Exchange and SharePoint on a hosted basis through their Internet service providers.

Your Exchange and SharePoint servers are the most likely servers to be connected to the outside world and to collect crucial business data, so it makes sense to ensure that they are as safe and protected as possible.


Howard Baldwin

Silicon Valley-based freelancer Howard Baldwin writes regularly for the Microsoft Midsize Business Center. His work has also appeared on AllBusiness.com and in CIO.


