Microsoft Forefront Client Security Strategic Deployment

Slide 1

Microsoft Forefront Client Security Strategic Deployment. Presented by: Bob Phillips, Jeff Coyne

Slide 2

What is Forefront? Microsoft's Anti-Virus, Anti-Malware Solution. Purchased by Microsoft from Sybari Software Inc. in June 2005.

Slide 3

Why Forefront? Cost: McAfee License versus Microsoft Enterprise CAL; also includes Office Communications Services, SharePoint, and other software. Performance: caught more malware and viruses than McAfee, including the Conficker/DownAndUp issue. Integration with Active Directory: controlled by Group Policy Objects (GPOs) and WSUS.

Slide 4

Project Goals and Details: Lower Cost of Virus Scanning Software; Improved Detection of Malware; Project Completion within 30 Days; Project Scope: 9700 Desktops and 400 Servers.

Slide 5

Our Environment: Physically Separate Campuses: Academic and Hospital; College Computing Structure; Server Operating Systems; Desktop Operating Systems.

Slide 6

Topology: Server Components: Management, Collection, Reporting, Distribution (WSUS), Database.

Slide 7

Management Server: Central Point to Access Reporting and Configuration; Publish GPOs for Client Configuration; Control Configuration and Integration Settings for the Pod.

Slide 8

Collection Server: MOM 2005 Collection Server; Collects Events from All Machines; Controls MOM Agent Configuration; Database Pruning and Cleanup.

Slide 9

Reporting Server: SQL Reporting Services; Out of Box Reports for: Malware, Computer, Alerts, Deployment Stats, Security Stats.

Slide 10

Distribution Server (WSUS): Windows Server Update Services (WSUS) 3.0 SP1; Configured to Synchronize and Automatically Approve Forefront Updates; Scheduled to Synchronize 24 Times per Day; Microsoft tool available to synchronize only Forefront Updates.

Slide 11

Database Server: SQL 2005 Enterprise; Clustered for Redundancy; Split Databases between Clustered Virtuals.

Slide 12

Preparing for Forefront: Group Policy Object(s) Published from the Management Server (recommended to publish Forefront GPOs only from the Management Server; during install, the client must have valid Collection Server information in the registry); WSUS Server(s) with Forefront Client Security Synchronized and WSUS Groups Created (allows definition and upgrade quick installation); SMS Groups and Packages Created.

Slide 13

Server Considerations: Exchange Server 2007, SharePoint Server, and Office Communications Server: separate Forefront products. Pre-Requisites: Windows Server 2000 Service Pack 4 with Rollup 1; Windows Server 2003 Service Pack 1. Supports Clustering.

Slide 14

Exclusions: Script to Enumerate Exclusions from McAfee; Data from EPO; Forefront GPOs Unable to include forms; Forefront Interface; Reg Hacks.

Slide 15

Exclusions (Example)

Slide 16

Exclusions (Example)

Slide 17

Client Deployment Strategies: SMS (preferred solution for servers); Manual Script; GPO/WSUS (preferred solutions for desktops); Manually; Home Use.

Slide 18

Client Deployment Strategies: SMS. Advantages: no user intervention required; reporting of failed PCs; controlled mass deployments; combined removal of McAfee. Disadvantages: significant time investment; all clients must have SMS agents installed; permissions-based failure issues.

Slide 19

Client Deployment Strategies: WSUS. Advantages: no user intervention; controlled mass deployments; simple to set up and use; reporting of failed PCs. Disadvantages: client pull rather than a push; multiple issues with machines not reaching the WSUS server; does not uninstall McAfee.

Slide 20

Client Deployment Strategies: Manual Script. Advantages: immediate success or failure known; combined removal of McAfee. Disadvantages: significant time investment required; slow; inefficient.

Slide 21

Client Deployment Strategies: Non-Domain Machines. Created Registry Hack to Mimic Group Policy Settings (all Forefront settings are located at HKLM/Software/Policies/Microsoft/Microsoft Forefront); Ran Manual Script or Manually Installed.

Slide 22

Client Deployment Strategies: Home Use. Computer Must be Pointed to Microsoft Update Instead of Windows Update; Setup with /nomom Switch (prevents requirement for Collection Server); Created Package with a .hta file.

Slide 23

Issues Encountered: WSUS SusID Duplication: caused by non-sysprep'ed Ghosted machines; solved by removing registry key; GPO and manual methods. McAfee Removal: stubborn or "hidden" machines; solved with EPO or alternative McAfee removal routines.
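
One way to apply the registry fix for duplicated WSUS client IDs on a cloned machine, as an added example that is not from the original slides. The slides do not name the key; the registry path, the two value names and the `wuauclt` call below are the standard Windows Update Agent ones and are an assumption about what the presenters removed.

```powershell
# Added example (not the presenters' script): give a cloned, non-sysprep'ed
# machine its own WSUS client identity. Run elevated on the affected client.
# Assumption: the "registry key" on the slide is the Windows Update Agent
# identity stored under the key below.
$wuKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate'
$idValues = 'SusClientId', 'SusClientIdValidation'

$old = (Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue).SusClientId
if (-not $old) {
    Write-Output 'No SusClientId present; nothing to reset.'
    return
}
Write-Output "Old SusClientId: $old"

# Stop Automatic Updates so the agent does not rewrite the values mid-change.
Stop-Service -Name wuauserv -Force

foreach ($name in $idValues) {
    # Remove only the identity values, never the whole WindowsUpdate key.
    Remove-ItemProperty -Path $wuKey -Name $name -ErrorAction SilentlyContinue
}

Start-Service -Name wuauserv

# Discard the cached WSUS authorization and check in; the agent generates a
# fresh ID on this contact. wuauclt is the agent CLI of the XP/2003-era
# clients in this deployment.
& "$env:SystemRoot\System32\wuauclt.exe" /resetauthorization /detectnow

# Give the agent time to register, then confirm the ID actually changed.
Start-Sleep -Seconds 30
$new = (Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue).SusClientId
if ($new -and $new -ne $old) {
    Write-Output "New SusClientId: $new"
} else {
    Write-Output 'ID not regenerated yet; check again after the next detection cycle.'
}
```

After the reset, each cloned machine should appear as its own computer entry in the WSUS console instead of sharing one record with its siblings.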

Slide 24

Issues Encountered (Cont.): Non-Domain Machines: registry hack to mimic effect of GPOs; tricked machines into thinking a GPO was applied. Need for Targeted WSUS Deployment: create new WSUS group and GPO; allowed Desktop Support Staff to assign Forefront deployments to a single OU.

Slide 25

Issues Encountered (Cont.): SMS Deployment Failures for Servers: solved by pre-populating software on machines; special findings for 64-bit; use of fully qualified names for source. Vendor Machines and Novell Servers: unable to install Forefront; kept McAfee on until vendor approves or machines are retired.

Slide 26

Issues Encountered (Cont.): Too Many Resources Used During Scans: created multiple Forefront GPOs, which allowed us to set separate scan schedules; dual-core machines appear to be unaffected; still researching and determining exact cause.

Slide 27

Benefits of Solution: System State Assessment Monitoring. Uncovered Dormant Problems with SMS and WSUS: duplicate SSID, corrupt installations, random network issues. Uncovered Rogue GPOs: machines pointing to redundant or outdated WSUS servers.

Slide 28

Benefits of Solution (Cont.): Reporting Console: missing patches; GPO deployment issues; malware and virus issues; connectivity information per PC/group/enterprise. Integrated Computer Management: control through GPOs; deployment through WSUS.

Slide 29

Forefront Reports

Slide 30

Forefront Reports: Deployment Summary; Computers History; Connectivity Summary.

Slide 31

What We Would Have Done Differently: More Time (solution implemented within one month); Better Enumeration of Exclusions in McAfee (script out a solution to enumerate registry entries); Build Customized Reports Before Deployment (physical versus virtual servers); Force WSUS as Main Deployment Method (most efficient method for desktop machines).

Slide 32

Plans for the Future: Separate Pods for Campuses; Microsoft "Stirling"; Macintosh Clients.

Slide 33

Thank You For Your Time. Q & A
