Security to the Forefront

Microsoft Forefront is a suite of security products that can be deployed to protect the whole of a network, from the edge, via servers to individual desktops.

The effort by IT security managers to keep computer-related crime at bay has to be a mixture of staff education and best-defence technological protection.

Computer crime can affect IT systems at any point in the chain between the Internet, servers, and users’ desktops. So protecting your network requires an integrated end-to-end strategy; which is what Microsoft Forefront offers.

Integrated, all-in-one protection

Forefront is a suite of security products, designed to protect your entire network from the perimeter, via servers, to clients. The components are integrated, in order to work seamlessly together.

There’s a single management console, for example, which saves your IT team having to learn their way around multiple vendors’ interfaces. Managing updates and licences is also simple, because everything comes from a single supplier.

“All-in-one solutions often provide a much more cost effective solution for organisations, reducing the need for multiple skill sets and capability”, says Spencer Land, architecture services lead at systems integrators Keane UK.

That means a lower requirement for retraining, and a faster return on investment. There are other advantages to an all-in-one solution. Being a single product from a single supplier avoids the worry of a "who to blame" problem if something goes wrong.

Using best-of-breed components

Yet Forefront also offers the benefits of "best-of-breed" cover, since many of its components actually started life outside Microsoft. Forefront Security for Exchange Server, for example, originally appeared on the market as Sybari Antigen.

"If you want to slot in one or more third-party malware detection engines in addition to Microsoft’s own, you can do so."

Forefront in depth

So what do you get? For client PCs, Forefront Client Security is a stronger, centrally-manageable version of Microsoft Defender. It protects laptops and desktops from viruses, spyware, spam, Trojans, botnets, malware, phishing attacks and many more threats besides (see glossary).

For servers, Forefront Server Security is available for Exchange Server, SharePoint, and Office Communications Server. It integrates with client-side components to provide continuing protection against all major threats, and complements existing Windows infrastructure investment, such as Active Directory.

Finally, Forefront Security for Internet Security and Acceleration (ISA) Server 2006, and Forefront Security for Intelligent Application Gateway (IAG) 2007, deliver edge and perimeter security.

It includes SSL for secure web-based applications, as well as IPSec VPN for private external networks. It also includes Intrusion detection/prevention facilities, to proactively alert you if any suspicious activity is detected.

Testing the water

If you want to slot in one or more third-party malware detection engines in addition to Microsoft’s own, you can do so. And if you’re not quite ready to buy the entire end-to-end product from day one, you can install only the components that you want, in any order, and upgrade as the need arises.

"Forefront is a great weapon in your arsenal, but you also need to create a culture of security awareness across the whole organisation that doesn’t begin and end with the IT team."

The human factor

The NHS Code of Practice for Information Security Management points out that “effective information security involves more than simply installing a security product, implementing anti-malware software, providing a security policy or signing a contract with a support service provider.”

Forefront is a great weapon in your arsenal, but you also need to create a culture of security awareness across the whole organisation that doesn’t begin and end with the IT team.

A dab of alcohol gel is starting to become second nature to healthcare staff as they enter a ward. Remaining constantly aware of the threats to confidential data needs to be second nature too.

A well-managed combination of staff awareness, plus a comprehensive software suite such as Forefront, will provide the necessary degree of infection control for your IT systems.

A bot is a piece of malware (malicious software) that allows an attacker to take control of a computer and use it for phishing, or to send viruses or spam email. A computer infected by a bot is known as a ‘zombie’.

Identity theft occurs when somebody steals your personal details and uses them to impersonate you – usually to commit fraud.

Phishing is a generic term for several methods that are used to gather personal and confidential details. Common scams include creating false websites, web pages and emails to gather names, passwords and other information that customers need to access secure websites, such as online banks.

A Trojan horse is a program that pretends to have a set of useful or desirable features, but actually hides a damaging piece of software. Unlike viruses, Trojan horses do not replicate.

A virus is a computer program written by a malicious author, which spreads by copying itself and transferring to other computers. There are around 53,000 computer viruses in existence, with a new one detected every 18 seconds.

A worm is a type of virus that spreads by replicating itself on linked drives, networks and systems – such as email or instant messaging.

Related Links

• Review further information about the Microsoft Forefront suite of security products.