EUT on Tour

The team will be attending the Microsoft Management Summit 2010



We also have updates from Lotusphere 09, Microsoft Management Summit 08, TechEd Europe 08 and the Lotus Leadership Alliance 08


Thursday, April 22, 2010

Forefront Endpoint Protection 2010

As is becoming very routine now in these sessions, the speakers started off by extolling the virtues of the 'single pane of glass' approach to SCCM and it's components, and Forefront is no exception. Again with this product, we would be able to manage a major portion of our infrastructure seamlessly from a single user interface.

Forefront, for those not familiar, is Microsoft's answer to antivirus, malware, spyware and firewall for enterprise customers. I had my reservations, previous consumer products have been eh....not great, only offering basic protection at best. Forefront however, has been designed from the ground up to be industry class, and my first impressions are that it may well become best of breed.

Of course, being an SCCM component, deployment of policy, updates and signature files are simple and managed in the same way as any other deployment.

In terms of provisioning Forefront to an environment, Microsoft have pushed the boat out somewhat to make it an admins dream. All that is required is for the installation to be completed on a root site, and it's automatically provisioned across the hierarchy, automatically creating additionally required components such as distribution packages. Another good feature is that when deployed to clients, Forefront will (again!) automatically remove/uninstall and other protection software you have installed, although I'm guessing our heavily scripted installations may cause it some issues.

Some of the other benefits mentioned were:

• Protects clients without complexity
• Admin control of protection level
• Protects apps, file systems and network layers
• Template driven policy creation
• SCCM distribution
• Option to control via legacy group policy if required
• Ability to limit the clients apps CPU utilisation of the PC, so as not to slow down the users during mandatory scans
• By leveraging SCCM and WOL (Wake up on LAN), updating and scans can be scheduled out of hours
• Centralised monitoring, alerting and reporting on protection levels, signature and update compliance across the environment via SCCM
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)