Today we announce Microsoft Forefront Endpoint Protection (FEP) 2010 release candidate (RC) to the public. For us, the FEP team, it is an exciting date which takes us closer to the Release to Manufacture date. For every product team in MS the RTM date marks the ends of a very long path of product development. Please, go ahead and download the release candidate. We are looking for your feedback!
The release candidate has several improvements over the beta we release in July. In this blog post and the several posts that would be published in the next few days, we will describe these improvements in detail.
One of the exciting new features in FEP is FEP support for the data center. We are proud to introduce 3 new features: (i) a set of predefined policies for common server workloads (ii) FEP Security Management Pack, and (ii) group policy support for the FEP client.
One of the major pains we heard from administrators over the years is the difficulty of configuring servers such that they are both secured and highly available. To address this pain, FEP 2010 includes a set of pre-defined security policies for 15 server workloads. For each workload, the policy contains unique settings customized for the workload. For example, the predefined policy for SQL Server contains a list of SQL processes that should be excluded from real time protection, otherwise SQL performance could be significantly degraded.
The predefined policies are built based on the knowledge of security experts across Microsoft and performance experts from the various workload teams. For example, the SQL pre-defined policy was reviewed by the SQL team, and even run on the SQL performance lab to ensure that the recommended policy does not impose significant performance overhead. Using these predefined policies, administrators can easily deploy endpoint security to the organization’s servers, using the FEP console within the Configuration Manager console (Figure 1). Please, go ahead and deploy the policies and send us suggestions for improvement (via the FEP forum).
Figure 1: The FEP New Policy Wizard. The administrator can easily choose a pre-defined policy for more than 15 server workloads.
Many server administrators told us that their preferred monitoring tool is System Center Operations Manager. Hence, the FEP 2010 RC also includes the FEP 2010 Security Management Pack. This is standard management pack that can be imported to Operations Manager 2007 R2 and to be used for real time monitoring, alerting, and remediation of security incidents generated by the FEP client.
The FEP 2010 Security Management Pack serves two goals. First, organizations that use Operations Manager to monitor servers can now use their preferred tool also for security monitoring. Second, for organizations that require guaranteed real time monitoring for their critical systems, like servers, the management pack uses Operations Manager real-time capabilities to ensure real-time reporting.
Besides real-time monitoring and alerting, the FEP 2010 Security Management Pack includes a cool reporting feature. If you install Operations Manager Reporting Services, you can install also the FEP 2010 Security Reporting MP (included with the FEP Security Management Pack download). Once installed, you can use Excel to connect to the Operations Manager DB and generate your own custom reports. Really cool, try it ('fep2010 security mp.msi' on the download page) !
From the early days of Forefront Client Security, we’ve heard customers asking to manage endpoint protection using Group Policy. In FEP 2010 RC, we enable this feature.
The FEP 2010 RC provides the following support for group policy management
Figure 2: The Forefront Endpoint Protection 2010 Group Policy tool enables administrators to translate FEP policies to group policies.
So, it is time for you to try the FEP RC version, and it is time for us to get back to work and to release the RTM version.
Senior Program Manager
Will the RC release be upgradable to RTM on release?
Thanks for your question. The answer is that we don’t support full upgrade from RC (Eval) to RTM (Licensed), but we will provide guidance/process for how to move from one to the other.
It would appear the policies exported from the Beta don't import in to the RC version?
Error Root Element is missing.
Would that be expected behavior going from rc to rtm?