View
215
Download
1
Category
Tags:
Preview:
Citation preview
• Forefront Client Security (FCS) in the enterprise
• Deploying FCS policy
• FCS monitoring features
What Will We Cover?
Level 200
• Familiarity with Microsoft Operations Manager (MOM)
• Experience with network security
Helpful Experience
Guidance
Developer Tools
SystemsManagementActive Directory Active Directory
Federation Services Federation Services (ADFS)(ADFS)
Identity
Management
Content
Services
Client and Server OS
Server Applicatio
ns
Edge
Network Access Protection (NAP)
A Comprehensive Security Solution
Unified malware protection for business
desktop computers, mobile computers, and
server operating systems that is easier to
manage and control
One solution for spyware and virus protection
Built on protection technology used by millions worldwide
Effective threat response
Complements other Microsoft security products
One console for simplified security administration
Define policy to manage client protection agent settings
Deploy signatures and software faster
Integrates with your existing infrastructure
One dashboard for visibility into threats and vulnerabilities
View insightful reports
Stay informed with state assessment scans and security alerts
What FCS Does
Architectural Components and Flow
Desktop Computers, Mobile Computers and Server Operating Systems Running Microsoft Forefront Client Security
FCS Prerequisites
SQL Server 2005
SQL Server 2005 Reporting
Windows Software Update Services
Group Policy Management Console
.NET Framework 2.0
MMC 3.0
IIS 6.0
Clients running Windows 2000, Windows XP, Windows Server 2003, Windows Vista
Installed with FCS
Microsoft Operations Manager 2005 SP1
Microsoft Operations Manager Reporting
Understanding Policies
Forefront Client Security Management Console
Administrator creates & deploys policy
Group Policy Management Console
Clients
• Frequency of updates• Frequency of scans• Real time protection configuration
Configure Updates
and Scans
Customize FCS
Specify Threat
Response
• Local paths to skip when scanning• Level of local user control
• Response to specific spyware threats • Alerting settings
What Can a Policy Do?
Client (Host)
Alerting and Reporting Architecture
MOM Server SQL Server ReportingServices
System Log
MOM Agent
•Event Table
•Alerts Table
•State Table
FCS Reporting Design
Security SummaryAlert
Summary
Computer Summary
Threat Summary
State Assessment
Deployment Summary
• Apply FCS policies to organization units
• Configure appropriate alert levels
• Use reports to stay on top of threats
Session Summary
Recommended