Microsoft is providing an update on release timing for Forefront code name “Stirling,” an integrated security suite that combines the next-generation Forefront solutions for endpoint, messaging & collaboration, and network protection with a central management console.
Previously, we communicated that “Stirling” was targeted for release in the first half of this year.
So, why the delay?
We have been working closely with customers in our Technology Adoption Program to gather their feedback about how we can deliver the best experience and value with “Stirling.” One of the top customer requests was adding interoperability with third party security solutions. In response, we plan to increase our focus on one of the unique features of “Stirling”, Security Assessment Sharing (SAS.) SAS correlates security events from different Forefront products and third party solutions, enabling administrators to quickly investigate and remediate security events. We will provide information about interoperability partners in the near future.
Additionally, we are investing significantly in a behavior-based technology called Dynamic Signature Service to help deliver more comprehensive endpoint protection for zero day attacks. This will complement the "Stirling" suite's advanced heuristics, dynamic translation and real time application scanning for kernel level malware with a sophisticated approach to on-demand threat mitigation.
Stay tuned for more information about how to evaluate “Stirling” and to learn more about the benefits of an integrated security suite with third-party interoperability. Customers investing in Forefront solutions today will have an easy migration path to “Stirling.”
The Microsoft Identity and Security Team
From the Forefront Server Security blog:
Forefront Security for Office Communications Server integrates multiple antimalware engines from Microsoft and industry-leading partners to provide comprehensive protection against the latest threats. People often ask us what the big deal is about using multiple engines in our Forefront products. Well, multiple engines provide many advantages, which include:
- Increasing the chance that any single threat to your instant messaging environment will be caught.
- Providing redundancy against scan failures or defects in individual engines.
- Eliminating downtime during engines updates – if an engine goes offline for updates, the remaining engines continue to scan IM traffic.
We continually monitor antimalware engine quality and detection rates using internal and 3rd party independent testing organizations to ensure we are providing comprehensive protection for customers. Recently, we’ve worked with AVTest.org, an independent third-party testing lab, to provide insight into how different response times are between the engine set in Forefront Security for Office Communications Server and leading single-engine products.
AVTest.org tested lab response times for 244 “in the wild” viruses and variants that appeared from October-December 2008. Results were provided for the Forefront Security for Office Communications Server engine set, as well as three leading single-engine vendors. Results showed that while 169 of the viruses were proactively detected by all labs, 75 showed significant variation in detection times. For these, the Forefront Security for Office Communications Server engine set had an average detection time of less than one hour. The three competitive single-engine solutions had average detection times of 34 hours, 32 hours and 124 hours respectively. The results show that Forefront Security for Office Communications Server multi-engine solution provides much faster, more effective protection against the latest threats than single-engine vendors. Detailed data about the test is shown in the chart below:
Brita Jenquin
Sr. Product Manager
Forefront Security Products
Last week, as part of introducing the Business Ready Security strategy, we publicly released beta 2 of Forefront codename "Stirling.".
“Stirling” is an integrated security suite that delivers comprehensive protection across endpoint, application servers, and the edge. It also integrates with existing infrastructure software, such as Active Directory, System Center, and Network Access Protection, for better protection and reduced complexity.
Go here to download and evaluate with trial software or pre-configured virtual machines. Below is a video demo worth watching, too. Stay tuned for more info on "Stirling," such as the Security Assessment Sharing capabilities that enable interoperability with partner solutions.
Hi all – Doug Leland here, general manager of the Identity and Security Business Group. Today at the Microsoft Management Summit vice president Bob Kelly spoke about cloud computing. He outlined Microsoft’s investments and provided guidance to help customers understand their options as they incorporate the cloud into their future plans, whether it is through “private clouds,” “public clouds,” or a combination. You can read an article about this and view the keynote or a related webcast on-demand.
I wanted to provide some additional information about our efforts to help customers maintain security with cloud infrastructure.
As part of our Business Ready Security strategy, we are taking a comprehensive approach to security across on-site and cloud infrastructure. This encompasses protection, access and management, all built around user identity and integrated with a highly secure, interoperable platform for a broad set of partner solutions.
Identity is a core part of our strategy, because it allows for more contextual protection and access to information and resources. With our Forefront platform, on-premise identities, such as those in Active Directory, work with cloud services. That enables simplified, secure user access to applications, such as Exchange, regardless of where the application is hosted.
Forefront's identity provisioning/de-provisioning and access management empower customers to integrate their investments in Active Directory and existing identities with cloud infrastructure. And, with solutions like Rights Management Services, in the future customers will be able to enforce persistent, identity-based policies around data anywhere it is stored, sent, or accessed - including the cloud.
We are delivering both standalone security services and security technologies within Microsoft’s cloud infrastructure. Forefront Online Security for Exchange is an example of a standalone service solution, providing email security for both on premise Exchange Server and Exchange Online (and other on-premise messaging systems.) Another example is System Center Online Desktop Manager, introduced today and available in beta by the end of the year. It is an integrated security and management tool that will provide desktop management capabilities in the form of an online service.
We are also providing fundamental identity components for Microsoft cloud services, such as the Azure Services Platform. The Microsoft Services Connector, for example, extends identities from on premises systems to cloud services. The .Net Access Control Service issues and manages identity “claims.” Both are based on “Geneva,” an open platform for simplified user access that works across organization boundaries for on-premise and cloud-based applications. Beta 2 of “Geneva” will be available soon.
I hope this information is helpful. Let us know if you have questions or comments.
Doug
One of the news items we announced with the April 16 introduction of the Business Ready Security strategy was the update/renaming of Exchange Hosted Filtering. The service is now called Forefront Online Security for Exchange (FOSE.) It is the first Forefront Online service, providing protection of inbound and outbound email - including Exhange and other solutions - from spam, viruses, phishing and email policy violation. The FOSE service level agreements include Five 9s uptime, email delivery of < 1 minute, 100% protection vs. known email viruses, capture of 98% of all inbound spam and less than 1 in 250k false positives.
FOSE received a lot of press attention with our announcement prior to the RSA Conference, such as this article on CNET.
Below is a diagram of the service.