This week in New Orleans Microsoft is hosting its annual Worldwide Partner Conference. We made several announcements today at the conference about our identity and security solutions. This news is part of our Business Ready Security strategy to help both partners and customers 1) protect everywhere and access anywhere, 2) integrate and extend security across the enterprise, and 3) simplify the security experience and manage compliance
Official names and pricing for “Stirling”
Forefront codename “Stirling” - the next generation of the Forefront Security Suite for integrated, comprehensive protection across endpoints, servers and the edge – will be officially known as Forefront Protection Suite (FPS).
FPS will include the products in the current suite, plus the Forefront Protection Manager (formerly known as the “Stirling” management console) and the Forefront Threat Management Gateway Web Security Service.
FPS pricing will remain the same as the current Forefront Security Suite and all of the component solutions will continue to be licensed on a subscription basis. They will also be available independently, with Forefront Protection Manager included. (Note that the Forefront Threat Management Gateway license is sold separately on a per processor basis.)
At WPC we are also announcing the following new product solution names:
· Forefront Endpoint Protection 2010 - current version is Forefront Client Security
· Forefront Protection 2010 for Exchange Server - current version is Forefront Security for Exchange Server
· Forefront Protection 2010 for SharePoint - current version is Forefront Security for SharePoint
· Forefront Online Protection for Exchange - currently called Forefront Online Security for Exchange
· Forefront Threat Management Gateway Web Security Service - the next generation of ISA Server 2006.
The new FPS solutions are currently in beta and final versions will ship over the course of the latter half of 2009 and the first half of 2010.
Public beta 2 of Forefront Unified Access Gateway
Forefront Unified Access Gateway beta 2 is available for download at www.microsoft.com/forefront. UAG provides secure, virtually anywhere access to messaging, collaboration and other applications, increasing productivity and policy compliance. UAG also extends the benefits of Windows DirectAccess across the enterprise, enhancing scalability, deployment and management.
Official name for “Geneva”
The three components of Microsoft “Geneva” – the upcoming open platform providing simplified user access and single sign-on for cloud and on-premises applications – have the following names:
· Active Directory Federation Services – formerly known as “Geneva” Server
· Windows Identity Foundation – formerly known as “Geneva” Framework
· Windows Cardspace – same as current version
At WPC partners will learn about how the solutions above offer tremendous opportunity to better meet the identity and security needs of customers...and to build their own businesses. Since announcing a $75 million investment in our partner ecosystem at WPC last year, we have seen very strong partner development and growth.
For example, we have seen a 50% increase in participation in the Security Software Advisors (SSA) program, which offers fees to partners who influence deployment. The Security Solutions Competency, which enables partners to differentiate themselves as experts, is one of the fastest growing competencies in Microsoft’s history and in the last year grew 46% in participation. This year we anticipate quadrupling the number of identity and security partners we support with training, marketing and customer engagement.
Microsoft has become aware of two interrelated issues affecting a Manual Scan in Forefront Security for SharePoint.
The first issue is a memory leak which occurs when Keyword Filtering is enabled. In all versions of Forefront Security for SharePoint prior to Service Pack 3, whether you have Keyword Lists created or not, you may experience this issue. If, however, you have Forefront Security for SharePoint with Service Pack 3 installed (released 7/1/2009), this issue will only occur if you have Keyword Lists created. If you do not have any Keyword Lists, even if Keyword Filtering is enabled for Manual Scan, you will not experience the leak. Real-time scanning is not affected by this issue.
The second issue may occur as a result of the first. After a period of time the memory leak can cause memory allocations to fail. If these failures occur repeatedly in a specific way, it causes Forefront Security for SharePoint to incorrectly determine a valid document as “exceedingly nested”. Every file that is scanned and determined to be exceedingly nested will be deleted and the contents replaced with standard deletion text.
Microsoft is actively working toward a resolution for these issues. An update will posted as soon as more information becomes available. In the meantime, we recommend that any customers using Forefront Security for SharePoint that run a Manual Scan disable Keyword filtering for Manual Scanning (for more information on configuring the Manual Scan job, see "Running the Manual Scan Job" in the FSSP User Guide http://technet.microsoft.com/en-us/library/bb795164.aspx). This is extremely important, as manual scanning of your entire document library opens the potential of losing any document content incorrectly identified as “exceedingly nested”. Please note that, by default, Keyword Filtering is enabled for the Manual Scan job.
Today we posted a white paper about the Microsoft antimalware engine strategy and changes beginning December 1, 2009. A summary is below - read the full document for a complete overview.
Forefront server security products - such as Forefront Secrurity for Exchange, Forefront Security for Sharepoint and Forefront Security for Office Communications Server incorporate a multi-engine strategy, using both Microsoft and industry-leading security partner technology to consistently drive high detection rates. They also include an advanced multiple engine manager that allows customers to concurrently configure up to five engines. Using multiple scanning engines delivers several critical advantages:
Tests performed quarterly by the independent AV-Test.org group have shown that the multi-engine set for Forefront security products rates highest in response times for “in the wild” viruses and variants. We have found that having multiple engines consistently provides the highest detection rates against the competition with average response time of 3-6 hours for new viruses versus competitive single-engine solutions average response times are more than 2-9 days (as noted in recent AV-Test.org data.)
In order to further develop stronger technology relationships with our antimalware partners and ensure continued customer value for the longer term, we are standardizing on a set of five antimalware engines moving forward. We are confident that this solution will continue to provide equal or better detection rates and response times than the industry’s other leading solutions.
What does this mean for Microsoft and its customers? The current and next generation of Forefront server security products, including Antigen, will include five antimalware engines as part of an ongoing strategy to maximize and maintain our malware detection advantages, as well as make investments in other areas that will increase overall protection for our customers.
Customers will be able to take advantage of these new enhancements and engine changes after deploying the Antigen and Forefront service packs released on July 1, 2009. These service packs will allow customers to move to the new set of five engines as well as additional engine changes that Microsoft may release after December 1, 2009.