Microsoft Forefront Endpoint Protection 2010 Update Rollup 1 verfügbar

Hi,

nach dem Update der Antimalware Lösung für Privatanwender, Microsoft Security Essentials, wurde jetzt auch die Antimalware Lösung für Firmen, Forefront Endpoint Protection 2010 aktualisiert mit dem Update Rollup 1, welches seit heute verfügbar ist.

Microsoft erweitert mit dem Update Rollup 1 für die Forefront Endpoint Protection (FEP) 2010 nicht nur die unterstützten Plattformen, sondern liefert auch neue, vordefinierte Richtlinien für die Server Produkte Microsoft Lync 2010 und die Enterprise Firewall Microsoft Forefront Threat Management Gateway (TMG).

Der Download von FEP 2010 Update Rollup 1 ist hier verfügbar: http://www.microsoft.com/download/en/details.aspx?id=26583 
Die Technet Dokumentation des FEP 2010 Update Rollup 1 ist hier verfügbar: http://technet.microsoft.com/en-us/library/hh211541.aspx

Das Update ist völlig unproblematisch. man muss allerdings zuerst den Hotfix KB2554364, für das FEP 2010 Reporting installieren.

KB2554364

Das entpackte FEP 2010 RU1 enthält 3 Setups, für das Update.
Nacheinander müssen

  • Update Rollup 1 for Forefront Endpoint Protection 2010 Server
    FepExt   
    The System Center Configuration Manager site server
  • Update Rollup 1 for Forefront Endpoint Protection 2010 Server#1 Update Rollup 1 for Forefront Endpoint Protection 2010 Server#2 Update Rollup 1 for Forefront Endpoint Protection 2010 Server#3
    Update Rollup 1 for Forefront Endpoint Protection 2010 Server#4

  • Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting   
    FepReport   
    The computer on which the FEP reporting feature is installed
  • Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #1 Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #2 Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #3
    Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #4 Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #5 Update Rollup 1 for Forefront Endpoint Protection 2010 Reporting #6

  • Update Rollup 1 for Forefront Endpoint Protection 2010 Console   
    FepUx   
    Computers on which the FEP console extension is installed
  • Update Rollup 1 for Forefront Endpoint Protection 2010 Console#1 Update Rollup 1 for Forefront Endpoint Protection 2010 Console Update Rollup 1 for Forefront Endpoint Protection 2010 Console#3
    Update Rollup 1 for Forefront Endpoint Protection 2010 Console#4 Update Rollup 1 for Forefront Endpoint Protection 2010 Console#5 

    installiert werden.

Dann muss nur noch das bestehende FEP Client Deplomyent Advertisment bearbeitet werden und auf “Re-Run” umgestellt werden und das Advertisment per “Re-Run Advertisment” neu an die Clients verteilt werden. Die Clients bekommen davon nichts mit.

Fep-Advertisment

Fep-AdvertismentReRun

Na dann, Viel Spass beim selber Testen.
CU

Advertisements

Microsoft Security Essentials ab Oktober auch für SMB Kunden frei

Hi,

eine interessant Entwicklung im Antimalware Bereich bei Microsoft.

Da ja das kommende Antimalware Produkt Forefront Endpoint Protection auf Enterprise Kunden abzielt und für kleine Kunden zu teuer ist, hat Microsoft sich entschlossen nun Microsoft Security Essentials auch für SMB Kunden freizugeben, wie im SMB Security Blog nachzulesen ist: http://blogs.msdn.com/b/mssmallbiz/archive/2010/09/22/announcing-microsoft-security-essentials-available-free-to-small-businesses-in-october.aspx

Here is some great news for all of the small businesses out there from Microsoft that I am very happy to be able to tell you about!

As we all know, small businesses are under incredible pressure to:

  1. Reduce operating costs
  2. Improve productivity
  3. Grow their business
  4. Do all of this in a very challenging economic climate

It’s also no secret that most small businesses today do not have a dedicated IT professional on staff to manage their IT resources (which you may recall is why we originally launched the Small Business Specialist Community of partners worldwide). Small business owners and employees are focused on running their business, not managing complicated IT infrastructure.

For those reasons, we are extremely excited today to let you know that Microsoft is making its Microsoft Security Essentials available to small businesses on up to 10 PCs for FREE, beginning in early October!  By providing Microsoft Security Essentials to small businesses free of charge, Microsoft extends its commitment to help these companies save money and grow their business by offering no-cost protection from viruses, spyware and other malicious threats.

Not familiar with Microsoft Security Essentials?  In many ways, Microsoft Security Essentials is an excellent solution for your small business. It is very easy to get and very simple to use. The software requires no registration, trials or renewals and is available for download directly from Microsoft. There is also no need to have other cumbersome security programs installed on your PCs since Microsoft Security Essentials provides real-time protection to address the ongoing security needs of a genuine Windows PC, helping to protect it from viruses, spyware and other malicious threats. Perhaps best of all; however, is that Microsoft Security Essentials is designed to run quietly in the background, enabling you to continue using your PC – and running your small business – without constant interruptions.

Take a look at this video by Theresa Burch, director of product management, who gives a look at the details of Microsoft Security Essentials for a little more about what Microsoft Security Essentials can do for your business.

 

Now, some of you may ask whether Microsoft Forefront Client Security is a better security solution for your business. Well, that depends… If you want virus and malware protection to be centrally administered and integrated with group policy settings, then Forefront is a better option for you. But if you are comfortable with more of a set it and forget it solution, and are looking for an easy way to save money, Microsoft Security Essentials is definitely worth a look. (You can also find a Microsoft partner located near you that can help with determining the right Microsoft security solution for you)

Here is a glimpse of why you can trust Microsoft Security Essentials to protect your business:

  • Microsoft Security Essentials is powered by the same core malware protection engine that drives Microsoft’s enterprise solutions.
  • The antimalware engine used in Microsoft Security Essentials – and in all of Microsoft’s security products – is regularly tested by numerous organizations around the world and has consistently been certified by the industry’s leading independent certification authorities: International Computer Security Association Labs (ICSA) and West Coast Labs, VB100, and AV-Test.
  • Microsoft Security Essentials uses advanced system scanning and removal technologies that employ a definitions database that details the characteristics and behaviors of known malware. Threats are collected every month from more than 600 million PCs around the world and are assessed by the Microsoft Malware Protection Center, and new signatures are written and deployed daily.

Small business owners consistently tell us that their business information is critical and that any downtime caused by security threats or data loss can greatly impact their business. Because of this, we do advise small business owners to consider upgrading to Windows 7 Professional for their business computers. Why? Simple: With Windows 7 Professional, we prioritized speed, reliability, compatibility, and connectivity to keep their systems up and running. Plus, now with Microsoft Security Essentials in the mix to provide no-cost protection from viruses, spyware and other malicious threats, small businesses can focus on what really matters, running their business. (NOTE: Windows 7 is not a system requirement for Microsoft Security Essentials, which is available separately as a no-cost download from Microsoft.)

If you are a Microsoft partner, did you know you can participate in the free Microsoft Security Essentials distribution as well? The Microsoft Link Logo Program allows financial institutions, academic institutions, or any other company or business that has consumer-facing Web-based services to offer Microsoft Security Essentials to their customers easily and at no cost.  (Logo examples to the right)

OEMs and System Builders can pre-install Microsoft Security Essentials on their consumer-bound PCs to provide quality malware protection to their customers out of the box and at no cost. For more information related to opportunities for Microsoft partners, please visit the

Microsoft Security Essentials partner page. This is one more tool you can use in your services offerings to provide a complete solution for your small business clients.


 

So, if you are a small business with 10 or fewer PCs, take a look at Microsoft Security Essentials today as a no-cost, antivirus and antimalware option for you!

For more information on this news, check out the feature story up on Microsoft.com.

Na dann, Viel Spass beim selber Testen!
CU

Microsoft Security Essentials und Forefront Client Security bekommen neue Antimalware Engine

Hi,

das Antimalware Team von Microsoft plant den Release einer neuen Antimalware Engine für Microsoft Security Essentials (MSE) und Forefront Client Security (FCS) am 16. August.

As part of regular update of our antimalware technology to address the latest in the threat landscape, MMPC is planning to release a new antimalware engine on 16 Aug 2010 

Affected products: Microsoft Security Essentials (MSE), Forefront Client Security (FCS)

Engine Version will be in the range of 1.1.610X.0

http://blogs.technet.com/b/enginenotifications/archive/2010/08/09/new-antimalware-engine-is-planned-for-release-on-16-aug-2010.aspx

Na dann, Viel Spass beim selber Testen!
CU

Forefront Endpoint Protection 2010 Beta

Hi,

das Forefront Teamblog schreibt heute “Say hello to Forefront Endpoint Protection” und hat die Forefront Endpoint Protection (FEP) 2010 als öffentliche Beta zur Verfügung gestellt.

FEP 2010 als Nachfolger von Forefront Client Security (FCS), bau im Unterschied auf System Center Configuration Manager (SCCM) 2007 R2 auf, statt auf eine separate Verwaltungsinfrastruktur auf Basis einer integrierten Microsoft Operation Manager (MOM) 2005 Installation. FEP 2010 erlaubt somit die Nutzung einer schon vorhandenen SCCM-Infrastruktur zur Verwaltung und Verteilung auf Desktops, Notebooks und Servern. Genau hier liegt für mich auch die Hürde die FEP 2010 haben wird, denn Kunden müssen vor Installation von FEP 2010 ja erstmal eine SCCM Infrastruktur einführen und aufbauen.

 

FEP unterstützt Windows XP, Windows Server 2003 und alle kommenden Windows Client- und Serverversionen. Neue Funktionen sind:

  • Neue Antivirus Engine
  • Behavioral Threat Detection
  • Windows Firewall Management
  • Dynamic Cloud Updates 

Forefront Endpoint Protection System Requirements

Forefront Endpoint Protection 2010 Server (installed on System Center Configuration Manager)

Minimum Requirements
Memory 2GB of RAM
Available Disk Space
Forefront Endpoint Protection Server: 1 GB
Forefront Endpoint Protection Database: 6GB
Forefront Endpoint Protection Reporting Database: 6GB
 
Operating System
Microsoft Windows 2003 SP2 or later (English)
 
Additional Requirements
No earlier version of Forefront Endpoint Protection Server can be installed
No other antimalware protection can be installed
Microsoft Windows Installer version 3.1 or later
Microsoft .NET Framework 3.5 Service Pack 1
Microsoft SQL Server 2005 SP2 or 2008 Enterprise, including:
        – Analysis Services
        – Integration Services
        – Reporting Services
        – SQL Server Agent
Microsoft System Center Configuration Manager 2007 Service Pack 2 Release 2 site installed with default roles, configured to use the SQL Server Reporting Services, and the following installed and configured:
        – Hardware Inventory
        – Software Distribution
        – Desired Configuration Management

Forefront Endpoint Protection 2010 Client
Minimum Requirements

CPU
Windows XP: 500 MHz or higher
Windows Vista or Windows 7: 1.0 GHz or higher
Memory
Windows XP: 256 MB RAM or higher
Windows Vista or Windows 7:  1 GB RAM or higher
 Available Disk Space 300 MB
 
Operating System
Windows XP SP3 and later x86
Windows Vista RTM and later, x64 and x86
Windows 7 RTM x64, x86
Windows 7 XP mode
Windows Server 2003 SP2 and later, x64 and x86
Windows Server 2008 RTM and later, x64 and x86 (not server core)
 
Additional Requirements
Configuration Manager agent
Windows Installer 3.1
Filter manager rollup (KB914882)
WFP rollup package (KB981889). Redistributed by client
Windows Update

Marc Grote hat auch schonmal ein Installationsbilderbuch erstellt 😉

Na dann, Viel Spass beim selber Testen!
CU

Forefront Client Security: Update Check der Definitionen beim Start

Hi,

Forefront Client Security führt einen Update Check der Definitionen standartmäßig nur aus:

  • Vor dem Start eines Scan´s
  • zu einem konfigurierten Zeitpunkt
  • manuell

Wenn man nun beim Start einen einen Update Check der Definitionen von Forefront Client Security wünscht, muss man dies nach KB Artikel 971026 oder Blogartikel “Checking for definition updates when starting” manuell einrichten per GPO oder Verteilung per Registry.

Es muss eine ADM (z.B. FCSUpdateOnStartup.adm) Datei, z.B. mit Notepad, erstellt und folgender Text eingefügt werden:

CLASS MACHINE
CATEGORY !!FCSCategory
              POLICY !!UpdateOnStartup_Name
                     KEYNAME "SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Signature Updates"
                     EXPLAIN !!UpdateOnStartup_Explain              
                     VALUENAME UpdateOnStartup
                       VALUEON NUMERIC 1
                       VALUEOFF NUMERIC 0
              END POLICY

END CATEGORY
[strings]
FCSCategory="Microsoft Forefront Client Security"
UpdateOnStartup_Name="Enable definition update on startup"
UpdateOnStartup_Explain="This setting instructs the FCS antimalware client to update definitions on startup."

Diese dann in die GPO importieren und die Settings aktivieren.

Sonst muss z.B. eine FCSUpdateOnStartup.reg Datei mit Notepad erstellt werden mit folgendem Inhalt:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Signature Updates]
"UpdateOnStartup"=dword:1

Die Regdatei dann per GPP auf die Clients verteilen oder fcslocalpolicytool.exe /i ‌policyname.reg auf den Clients ausführen.

Na dann, Viel Spass beim selber Testen!
CU

Forefront Client Security: Full Scan von Removable Drives

Hi,

Forefront Client Security führt einen Scan von Removable Drives, also z.B. USB Sticks und Festplatten aus, wenn diese angesteckt werden und auf Dateien zugegriffen wird. Leider werd bei einem Full Scan angeschlossene Geräte leider nicht mit gescannt.

Wenn man diesen Scan mit Forefront Client Security wünscht, muss man dies nach KB Artikel 971026 oder Blogartikel “Scanning removable drives” manuell einrichten per GPO oder Verteilung per Registry.

Es muss eine ADM (z.B. FCSScanRemovableDrives.adm) Datei, z.B. mit Notepad, erstellt und folgender Text eingefügt werden:

CLASS MACHINE
CATEGORY !!FCSCategory
              POLICY !!RemovableDriveScanning_Name
                     KEYNAME "SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Scan"
                     EXPLAIN !!RemovableDriveScanning_Explain
                     ;; Note that instead of disabling a disable we flip-flop the logic to make it proactive
                     VALUENAME DisableRemovableDriveScanning
                       VALUEON NUMERIC 0
                       VALUEOFF NUMERIC 1
               END POLICY
END CATEGORY

[strings]
FCSCategory="Microsoft Forefront Client Security"
RemovableDriveScanning_Name="Enabling removable drive scanning"
RemovableDriveScanning_Explain="This setting instructs the FCS antimalware client to scan removable drives during full scans" 

Diese dann in die GPO importieren und die Settings aktivieren.

Sonst muss z.B. eine FCSScanRemovableDrives.reg Datei mit Notepad erstellt werden mit folgendem Inhalt:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Scan]

"DisableRemovableDriveScanning"=dword:0

Die Regdatei dann per GPP auf die Clients verteilen oder fcslocalpolicytool.exe /i ‌policyname.reg auf den Clients ausführen.

Na dann, Viel Spass beim selber Testen!
CU

Forefront Client Security: Update und Support Windows Server 2008 R2 Server Core

Hi,

ein kleines Update KB976668 & KB976669 für Forefront Client Security bringt endlich die Unterstützung für den Windows Server 2008 R2 Core Server mit! Weiter folgende Neuerungen:

  • Adds support for running the FCS client on Windows Server 2008 R2 Core
  • Addresses a few issues you may have experienced with Forefront Client Security when running FCS on Windows Server 2008 R2 or Windows 7
  • Addresses issues found on other operating systems supported by FCS

KB976668 – Forefront Client Security anti-malware client update: December 2009

KB976669 – Forefront Client Security deployment package (1.0.1725.0): December 2009

Na dann, Viel Spass beim selber Testen!
CU