Here’s a FCS Best Practice from the Engineering team for those of you that have deployed or will deploy multiple FCS deployments across an enterprise.
Best Practice: As indicated in the FCS v1.0 Release Notes, each FCS deployment should be given a unique Management Group name during FCS Server setup.
We would like to hear from customers who have multiple FCS deployments with identical Management Group names by emailing email@example.com
To find the FCS Management Group name:
1. At the Management Role machine for a given deployment:
a. Click StartàAll ProgramsàMicrosoft Operations Manager 2005àAdministrator Console.
b. In the MOM Administrator Console, click on Console RootàMicrosoft Operations Manager(<servername>) and record the name of the Management Group in the main window.
c. Repeat for the next FCS deployment.
2. If you find any identical names, let us know!
Forefront Client Security
My name is Adrienne Wu, and I’m a Program Manager on the Forefront Client Security (FCS) team. When I first started here at Microsoft, I was an intern and I worked on the early planning for what would eventually become Security State Assessment, or SSA. When I returned as a full-time employee, I continued this work, only instead of a plan, it had become a reality!
Today is an interesting day for me; it is the day our original goal for SSA will truly be realized.
With SSA, we wanted to provide visibility into critical vulnerabilities and configuration exposures on managed computers, enabling our customers to focus critical IT resources on the right security issues. Our solution was to include an SSA agent to scan and report on the security state of a computer, with security checks driving evaluations.
We achieved this goal, and Forefront Client Security 1.0 shipped with some great checks out of the box.
But we also wanted to be able to provide new checks, so that we could continue to extend, over time, the vulnerability coverage provided by SSA. We decided to implement our checks using a definitions file, which could be published to Microsoft Update, and downloaded much like antimalware signatures.
Today, we’ve published our first new check using this channel.
The Unapproved Updates check determines whether there are any missing Microsoft security updates that have not yet been approved. The Security Updates check, which is already included in SSA, scans for missing updates available through the default service registered with Automatic Update. For example, updates approved on WSUS.
The Unapproved Updates check scans against Microsoft Update, and determines if there are any missing updates that are available, but not approved for download. The score from this check doesn’t contribute to the number of computers reporting critical issues in the FCS console, but the results will show up in reports, and administrators can see how many computers are vulnerable while a required security update undergoes their company’s approval process.
So if you’re using Forefront Client Security, take a look at your Deployment Summary. You should see your managed clients updating to vulnerability definition version 1.0.1709.0. The definition download should also be appearing on your WSUS server. In your Security State Assessment Summary report, you should start to see results from the Unapproved Updates check.
You can learn more about the check in our Technical Reference on the Forefront Client Security TechCenter.
We’ll have more checks to come, and I hope you’ll be as excited as we are to see new checks coming down from MU!
Microsoft Forefront Client Security
And I am fully recovered. In case you have never been to TechEd, it is one of the premiere learning events in the technical world. And an exercise in:
TechEd 2007 was in Orlando, Florida this year, at the Orange County Convention Center. The OCCC is one of the largest convention centers in the world, and if you attended TechEd this year, you felt every foot of it. J We were lucky to have wonderful weather this year as well, punctuated with some typical afternoon Florida rainfall.
Our product team had a WONDERFUL debut at our first TechEd. Sessions were full, and the Technical Learning Centre (TLC) area sessions were standing room only. Our Hands on Labs got great satisfaction scores – we’re really glad you liked them.
Thanks to everyone for stopping by and asking very thoughtful and interesting questions. One of the best things about TechEd is the personal interaction we get to have with customers. We love to hear from you, and TechEd is a great arena for one on one interaction with product teams. We loved the excitement and interest you showed when stopping by the booth.
Some frequently occurring quick questions:
Those are some of the most frequent questions we fielded. If you have any other questions, please visit our newsgroups (http://forums.microsoft.com/ForeFront/default.aspx?ForumGroupID=309&SiteID=41) – we read and answer the questions here on a regular basis.
I have been to many, many TechEds, but this was my first as a Microsoft employee. I have to say – this was the best TechEd for me, because this time, when I spoke to fellow attendees, the feedback I received had more meaning!
Hello Folks – well it’s been a while since there has been a post to this blog. The past few months have been pretty busy for the team as we’ve been heads down with shipping the product.
As you may have heard, we officially announced the release of Forefront Client Security (FCS) on May 2nd at the Forefront + System Center launch in Beverly Hills. This was a great event and an exciting day for the team. After a lot of hard work and effort, we’re very happy to be releasing the product to the world.
I was fortunate to be able to attend the launch event– hopefully there are some readers who were also able to be there. It was great to be able to meet with so many folks, talk about the product, answer questions and hear feedback. For those who are interested, you can view the keynote as well as the drill-down presentations (including the one on Forefront Client Security I did with Brendan and Josue) at http://www.microsoft.com/infrastructure/virtualevent.mspx.
I’d encourage anyone who is interested in learning more about the product to visit http://www.microsoft.com/forefront/clientsecurity/default.mspx. From this site you can find a lot more information as well as download the evaluation edition, which will let you try out the product for 120 days.
I do want to take a moment to publicly thank all of the folks who participated in the beta and early adopter programs for FCS. You provided a lot of valuable feedback and we could not have shipped the product without your input. Moving forward I’d like to encourage everyone to continue to provide that feedback to us – tell us what you like, what you don’t like, and suggestions for how we can make the product even better moving forward. You can post comments directly to the blog or check out the FCS web forums at http://forums.microsoft.com/ForeFront/default.aspx?ForumGroupID=309&SiteID=41 – this is also a great place to ask questions and find answers.
Product Unit Manager
My name is Kim and I’m a Technical Writer here at Microsoft for Forefront Client Security. I’m a recent hire to the team – before I came here I was an independent consultant in the ITPro arena and a Microsoft Certified Trainer. My recent firsthand experiences of installing and configuring various items (including many varieties of AV software) made me acutely aware that troubleshooting guides are a must have. Troubleshooting can be one of the most frustrating experiences when installing, configuring, and using software, and a good troubleshooting guide is invaluable when there is a need to fix something.
Working with the product team and support personnel, I’ve written a brief Troubleshooting Guide for the Client Security public beta. This is a first run at this topic, and content in it will evolve and grow as Client Security nears launch, and beyond.It is my goal to maintain this document with the most up to date information possible.
We welcome your feedback on all our documentation – tell us how we’re doing! Please send feedback for the Troubleshooting Guide or any of the Client Security documentation to firstname.lastname@example.org with the subject of “Microsoft Forefront Client Security Feedback: “ and the title of the guide.