Hello everyone,
The Microsoft Forefront team is currently conducting a survey and would like to hear your opinions about email security, especially how you use email security solutions in your organization. We would appreciate it if you would take the time to respond to this survey. This information will help us improve Forefront Protection for Exchange.
Please consider taking a few minutes at this time to complete the survey. This survey should take about 10 -15 minutes to complete.
To participate, please click here.
Carolyn LiuSenior Program Manager, Forefront Server Protection
We would like to announce that the Forefront Protection Server Management Console 2010 (FPSMC) is currently scheduled to be available as a free download on December 17, 2010. Using a browser-based user interface, FPSMC allows administrators to centrally manage deployments of Forefront Protection 2010 for Exchange Server and Forefront Protection 2010 for SharePoint within their enterprise.
For more information on FPSMC, please see our previous update:
http://blogs.technet.com/b/fss/archive/2010/10/25/forefront-protection-server-management-console-2010-update.aspx
Andrew Schiano
Software Development Engineer in Test
On behalf of the Security team at Microsoft, I am please to announce the release of Hotfix Rollup 2 for Microsoft's Forefront Security for Office Communications Server.
On December 15th, Microsoft shipped Hotfix Rollup 2 for Forefront Security for Office Communications Server (FSOCS) to provide a series of product enhancements and new features.
For a complete list of the new features and enhancements included in this rollup, along with directions for download, please see the following Knowledge Base article: http://support.microsoft.com/kb/2482040
As the installer runs, server service restarts may be necessary, so please plan accordingly when applying this Hotfix Rollup.
Regards,
Robert McCarthy
CSS Microsoft Security
Forefront Security for SharePoint (FSSP) includes a number of registry settings that control most of the configuration settings. The charts below provide information about the various settings.
· The first table gives information about several registry settings that are recommended and/or frequently used to improve FSSP’s performance.
· The second table gives information about registry settings related to blocking unwanted files.
· The third table gives information about registry settings used to set file size limits.
· The fourth table gives information about registry settings used to control the actions FSSP takes when infected files are detected.
Please Note: You should only make changes to registry settings if you are comfortable working in the registry. If you are uncertain, you should open a support case for assistance.
Recommended settings to maximize performance
Settings
Recommendation
Description
SumInternalSizesOfCompressedArchive DWORD set to 1
MaxUnCompressedFileSize (Default 100MB, represented in the registry as 100,000,000 decimal.)
DeleteCorruptedCompressedFiles Set to ON
Recommended
A combination of these three settings will allow compressed files that expand to less than 100 MB to be scanned, while ensuring that those that expand to over 100 MB are blocked.
SkipLargeCompressedFileDeletion DWORD set to 1
User discretion. Enabling this setting will allow large compressed files to bypass antimalware scanning. This will improve server performance, but it will reduce security.
By default this option is off (0). If set to on (1), then compressed files that expand to over 100MB will be bypassed instead of being blocked.
RecycleSPScanJobs DWORD set to 345,600 (decimal)
In the event that the scan process has leaked any memory or resources, we recommend restarting scan processes every 4 days. The restart will reclaim any lost resources. Recycle Forefront scan processes every 4 days (345,600 seconds equals 96 hours equals 4 days)
DeleteCorruptedCompressedFiles
Interim workaround: to be used only if necessary.
In Service Pack 3, compressed files should only be reported as corrupted compressed if they are truly corrupted. If for some reason files are mistakenly identified as corrupted compressed, the workaround is to set this setting to 0 (zero), which is OFF. After changing this setting, it is a good idea to contact support for help diagnosing the root cause of the problem.
ActionOnEngineError
In Service Pack 3, all known engine errors are resolved. In the event of these errors, the workaround is to set ActionOnEngineError to 0 (zero), which is “Ignore”. Other possible settings are 1 (detect/skip) and 2 (delete). After changing this setting, it is a good idea to contact support for help diagnosing the root cause of the problem.
This section details the various settings that FSSP uses to block specific files. This section is provided as a quick reference on how to configure FSSP to bypass these settings in the event of unexpected behavior. It is not recommended that you make any changes to these settings unless you are experiencing a particular problem that is leading to detections that you think are in error.
Forefront detection
What does this mean
How to set to skip detect
CorruptedCompressedFile
FSSP does not fully understand how to parse a container file.
Uncheck “Block/Delete Corrupted Compressed files” in the General Options work pane.
CorruptedCompressedUuencodeFile
FSSP does not fully understand how to parse a UUENCODE file.
Uncheck “Block/Delete Corrupted Compressed Uuencode files” in the General Options work pane.
UnwritableCompressedFile
FSSP encounters an error updating a container file.
This error will only occur when FSSP is updating a container file. There is no need to set this to Skip/Detect because FSSP was going to update the contents of a file, but instead FSSP will block the file.
UnreadableCompressedFile
A specific read error condition when reading a container file
Highly Compressed Files
There are two categories of highly compressed files:
1) Highly compressed formats that FSSP is aware of, but is unable to parse.
2) Highly compressed formats that FSSP is unaware of.
In either case, FSSP does not understand the compression algorithm used in a container file.
Case 1: Uncheck “Treat Zip archives containing highly compressed files as Corrupted Compressed” in the General Options work pane.
Case 2: These files are always reported as CorruptedCompressed. Uncheck “Block/Delete Corrupted Compressed files” in the General Options work pane.
Multipart RAR files
RAR files that are split across multiple archives cannot be scanned by FSSP.
Uncheck “Treat multipast RAR archives as Corrupted compressed” in the General Options work pane.
Concatenated Gzip files
FSSP cannot completely scan concatenated Gzip files.
Uncheck “Treat concatenated gzips as corrupted compressed” in the General Options work pane.
EncryptedCompressedFile
FSSP cannot scan a container file because it is password protected.
Uncheck “Block/Delete Encrypted Compressed files” in the General Options work pane.
EngineError, EngineExceptionError, EngineLoopingError
A third-party engine encountered an error scanning a file, or in the case of a looping error, has exceeded the maximum number of reads imposed by FSSP.
Set the DWORD registry key named “ActionOnEngineError” to 0 (zero).
ScanTimeExceeded
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.) It indicates that FSSP has exceeded the number of milliseconds in the MaxContainerScanTime registry key when scanning a container file.
There is no way to configure FSSP to ignore a compressed file that is taking too long to scan, but FSSP can be configured to avoid this error by increasing MaxContainerScanTime to a maximum value of 0x7FFFFFFF. As long as MaxContainerScanTime is longer than the SharePoint timeout value, this error will never occur. If a compressed file takes a long time to scan, then FSSP will return “ExceededRealtimeTimeout” during the scan.
ExceededRealtimeTimeout
Indicates that FSSP has timed out while scanning a file. The time limit is specified in the SharePoint administrator console.
Create a DWROD registry key named “UploadDocNoTimeout” and set it to 1. If you set this key, files that would have been blocked by a timeout will instead be uploaded without being scanned.
Sharepoint timeout
Indicates SharePoint has timed out waiting for FSSP to scan a file. In this case, SharePoint kills the thread in the w3wp.exe process that originated the scanning request. The user’s http request will fail. The user will have to resubmit a duplicate http request to recover.
n/a
Currently there is no way to set FSSP to skip these limit checks, but the limits can be increased if necessary. If a file exceeds these limits, then the file will be blocked.
ExceedinglyCompressedSize
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.). It indicates that one of the compressed files within a container file has a compressed file size that is greater than the default value set by FSSP. The default value is 0x01312d00 (20,000,000 decimal or approximately 20 MB) and is stored in the DWORD registry key MaxCompressedArchivedFileSize. This value can be increased, but increasing it could cause Denial of Service attacks, more timeouts, and/or performance issues.
SkipLargeCompressedFileDeletion
When set to 1, ExceedinglyCompressedSize errors will be ignored, effectively allowing these large files to be bypassed. The default is 0 (zero).
LargeUncompressedSize
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.). It indicates that one of the compressed files within a container file has an uncompressed file size that is greater than the default value set by FSSP. The default value is 0x05F5E100 (100,000,000 decimal or approximately 100 MB) and is stored in the DWORD registry key MaxUnCompressedFileSize. This value can be increased, but increasing it could cause Denial of Service attacks, more timeouts, and/or performance issues.
ExceedinglyNested ExceedinglyNestedFolderStructure
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.) It indicates that a container recursively nests other container files more than then maximum nesting value set by FSSP. FSSP has a default MaxNestedCompressedFile value of five, and a default MaxNestedAttachments value of 30. These values can be increased, but it recommended to limit the increases to 10 and 60 respectively. Increasing these values further could result in stack overflow crashes, Denial of Service attacks, more timeouts, and/or performance issues.
These settings control the action FSSP takes for large infected container files and exceedingly nested container files.
LargeInfectedContainerFile
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.) When this error occurs, it means FSSP was attempting to update a file within a container file, but the container file is too big. Instead of replacing one file in the container, the entire container will be replaced with deletion text.
FSSP has a default value to only clean compressed files under 25 MB, stored in the registry value MAX_COMPRESSED_FILE_SIZE. Increasing this value could cause Denial of Service attacks, more timeouts, and/or performance issues.
ExceedinglyInfected
This error occurs only on compressed files (zips, tar, gzip, uuencode, office files, etc.) When this error occurs, FSSP has detected numerous viruses within the same container file, and rather than continuing to scan this container file, the entire container file is blocked. FSSP uses a default of five, stored in the registry key MaxContainerFileInfections. Increasing this value could cause Denial of Service attacks, more timeouts, and/or performance issues.
Another important consideration when evaluating the performance of your SharePoint servers running FSSP is the impact of the antivirus scanning engines. Forefront utilizes many third-party virus scanning engines and components to provide virus and keyword filtering of the SharePoint server. The Forefront team has automated backend systems that are constantly stressing these 3rd party components to ensure that they are behaving correctly and utilizing memory as efficiently as possible. There have been incidents in the past, however, where a memory leak has been introduced through the update of one of our third-party engines. We are continually improving our back end tests to be able to detect these memory leaks before they are published.
If FSSP is unable to allocate memory while scanning a file, it currently does not differentiate between a large memory allocation that failed (because it is just too big) vs. a small allocation that failed (because a leak has consumed all usable memory). Depending on the type of file being scanned, and where in the scanning the memory allocation failure occurs, FSSP may report the problem as a “corrupted compressed” file, as an engine error, or as a scanning process exception.
A new feature has been added to FSSP SP3 to provide an additional layer of protection in the event a third-party vendor releases an update with a leak that is not detected by our back-end testing. The new feature is to periodically recycle the FSSP scanning processes in a controlled manner. This new registry key (named RecycleSPScanJobs) limits the life of our scanning processes to a finite time. By recycling the FSSP scanning processes, any leaked memory is recovered, thus reducing the probability of encountering a memory allocation failure. This feature will sequentially restart one scanning processes at a time, and the scanning load is shared among the other scanning processes during the recycle. We recommend setting this new registry key to 96 hours.
The registry key is a DWORD named “RecycleSPScanJobs” and is specified in seconds. To set this value to 96 hours, you will need to create the key and enter a value of 345,600 (which is 60 seconds * 60 minutes * 24 hours * 4 days). This will cause Forefront to reset its scanning processes every 4 days.
John Oesterle Senior Development Lead
Michel LaFantano Senior Writer - BPSG iX
On behalf of the security team at Microsoft, I am pleased to announce the release of Hotfix Rollup 1 for Microsoft Forefront Protection 2010 for SharePoint.
On January 17th Microsoft shipped Hotfix Rollup 1 for Forefront Protection 2010 for SharePoint (FPSP) to provide a series of product enhancements and new features. For a complete list of the new features and enhancements included in this rollup, along with directions for download, please see the Knowledge Base article: Description of Hotfix Rollup 1 for Forefront Protection for SharePoint
As the installer runs, Server service restarts may be necessary, so please plan accordingly when applying this hotfix rollup.
Rob McCarthy, Sr. Support Engineer
As of January 18, 2011, Microsoft will be signing antivirus engines used by Antigen with a new certificate in order to continue to ensure secure and reliable virus-engine updates. This will require a new certificate implementation on any Windows 2000 server running Antigen 9.0.
Please see the following Knowledge Base article for clear and detailed instructions on implementing this new certificate: As of 18th January 2011, a new certificate is required to continue updating virus engines for Antigen 9 installed on Windows Server 2000
Hi All,
Just wanted to call to your attention that Wikipedia entries have been posted for the following Microsoft Forefront products:
Feel free to improve and expand upon this content.
Thanks,Scott FlomanTechnical Writer – Forefront for Office
On behalf of the security team at Microsoft, I am pleased to announce the release of Hotfix Rollup 3 for Microsoft Forefront Security for Office Communications Server.
On April 18th Microsoft shipped Hotfix Rollup 3 for Microsoft Forefront Security for Office Communications Server (FSOCS) to provide a series of product enhancements. For a complete list of the enhancements included in this rollup, along with directions for download, please see our Knowledge Base article: Description of Hotfix Rollup 3 for Microsoft Forefront Security for Office Communications Server.
As the installer runs, server service restarts may be necessary, so please plan accordingly when applying this hotfix rollup.
To support the release of Forefront Protection 2010 for SharePoint (FPSP), we have updated all of the FPSP product documentation, which can be found on TechNet at: http://go.microsoft.com/fwlink/?LinkID=111584.
In addition to the general updates to the content, we have added several new documentation topics. These include:
Take a look and also let us know if there is documentation you would like to see created or enhanced. You can leave comments here on the blog or use the "Feedback" tool included on each TechNet topic.
Also, for more information about all of our documentation offerings, check out this recent blog article about using our help docs: http://blogs.technet.com/fss/archive/2010/04/16/how-to-use-forefront-server-protection-documentation.aspx
Michel LaFantanoBPSG Information Experience (iX) Team
Hello.
My name is Frank Trujillo, and I want to inform everyone that the Forefront Protection 2010 for Exchange Server (FPE) capacity planning tool is now available. As in the previous version of the tool, it is Excel-based and provides a workflow that makes hardware recommendations based on your preferred security configuration and desired environment.
The tool has been revised to align with the capacity planning guidance for Exchange Server 2010. In addition, we have added a few key options for FPE configuration that impact performance. These show up in the tool as different levels of keyword filtering, file filtering, and engine and performance settings – previously referred to as “bias” settings. We now support 4 core server configurations as well as 8 core server configurations with a couple of different scanning process configurations.
We have also introduced relative performance graphs to understand the performance impact of virtualized environments and various operating system and Exchange version combinations. This can be viewed in the Comparative Performance tab in the tool.
Finally, we changed how we communicate information in the graphs associated with the existing environments. Now each of the data streams end based on the maximum capacity of that configuration. As an example, for an Enterprise Reference Architecture (ERA), the maximum supported incoming message rate on an Edge Server with 4 cores and 4 scan processes, using a subset of 5 engines, is approximately 22 messages per second; where the maximum message rate for the same server configuration based on a dynamic subset of 5 engines is 34 messages per second.
The testing methodology for the product has also been slightly modified. A represented set of messages was created based on data from different customer verticals and then combined to create a near worse-case message mix that would generate the most tax on the deployed system. Actual 4 core and 8 core servers were leveraged in the targeted deployment architecture where the measurements were obtained.
You can download a free copy of the FSE capacity planning tool at the following URL:
http://go.microsoft.com/fwlink/?LinkId=191021.
After downloading the tool, you should first read the Directions and Readme tabs for complete information on using the tool. A Resources tab is also provided with links to obtain additional data to help make an informed decision during the planning stage.
Please keep in mind, however, that the FPE tool is not a replacement for thorough Exchange capacity planning. The expectation is that the deployment architecture adheres to the Exchange Server 2007 capacity planning guidelines.
Feedback or enhancement requests about the tool are appreciated. You can send comments directly to frankt@microsoft.com.
Thanks for reading.
Frank Trujillo Senior Program Manager - Forefront
Last week, the Forefront Server Protection team had two releases of note for our Best Practices Analyzer (BPA). A BPA from Microsoft is generally released alongside server software to help you ensure that you configure the software properly. When we released FPSP earlier this month, we also released a BPA to accompany it. Our BPA needs to be installed on the server that is running FPSP, and then you can access it as a separate program. (The BPA will *never* change configuration on a running server; it is a tool to help you check for specific best practices.) You can grab the new FPSP BPA here.
In our second release, we have also published an updated set of best practices for the FPE 2010 BPA, originally released last December. Our BPA tools have an optional setting that allows them to connect to the Microsoft Download Center in order to download updated sets of best practices. If you had already downloaded the FPE BPA, we recommend that you run a rules update to make sure to get these new best practices rules. Or, you can just download the full installer here. (Currently, the only way to move the new best practices rules to a machine that cannot connect to the internet is to download the .msi installer and reinstall.)
Lastly, a BPA is only as useful as the documentation explaining each best practice, as well as when and how to conform to that best practice. This documentation is included as a help file within each BPA.
Enjoy! And remember – best practices are a living set of rules. We continually take feedback from our support engineers in order to update our best practices. So if you have any questions or complaints, please let us know.
Danny PopperProgram Manager, Forefront Server Protection
Hi, my name is Scott Floman and I’m a technical writer in the Forefront server protection Information Experience (iX) group. We recently released Forefront Protection 2010 for SharePoint (FPSP) and I want to let you know about several whitepapers that were written about FPSP. These whitepapers are available at the following URL:
http://www.microsoft.com/forefront/protection-for-sharepoint/en/us/white-papers.aspx
Here is a brief overview of each of the new whitepapers:
Windows PowerShell Management of Forefront Protection 2010 for SharePoint—This whitepaper describes how you can access the Forefront Management Shell in order to enter FPSP Windows PowerShell commands. Windows PowerShell is command-line shell and task-based scripting technology that enables the automation of system administration tasks. This whitepaper presents an overview of how to use the Forefront Management Shell, describes the various FPSP commands (or cmdlets), and provides sample scripts for programmatically automating specific tasks. It also shows how Windows PowerShell can be used to export and import configuration settings to aid in multi-server management.
Monitoring Forefront Protection 2010 for SharePoint—This whitepaper describes the available monitoring tools for isolating and investigating operational issues in FPSP. In the FPSP Administrator Console, the Dashboard provides health monitoring reports and statistics about your FPSP environment. Incidents and quarantined items logged are also reported upon, and e-mail notifications are available to alert administrators about FPSP activity. There are several additional monitoring tools you can also use that are described in this whitepaper, including Windows Performance Monitor, System Center Operations Manager 2007 Management Pack, Best Practices Analyzer, Event Viewer, and Task Manager.
SharePoint Scanning and Integration with Forefront Protection 2010 for SharePoint—This whitepaper explains FPSP’s integration with SharePoint as well as details around each of the integration points. It contains architecture diagrams as well as information about FPE and SharePoint configuration settings.
Other good resources for obtaining documentation or technical information about FPSP are:
There are other Microsoft forums, blogs, and online technology sites that might prove useful as well; for more information, read this blog article:
http://blogs.technet.com/fss/archive/2009/03/10/other-blogs-and-content-of-interest-for-fss-users.aspx
Hello Everyone-
As you know, the Forefront team released Forefront Protection 2010 for SharePoint (FPSP) at the beginning of May. (You can read about the release here: http://blogs.technet.com/b/fss/archive/2010/05/04/forefront-protection-2010-for-sharepoint-launches.aspx)
A member of our Development team recently released a video that gives an overview of the new FPSP release and a demo of some of its main features. Check it out here:
http://edge.technet.com/Media/Forefront-Protection-2010-for-SharePoint-demo-and-interview/
Enjoy, and please send us feedback or questions through the Comments tool at the bottom of this article or by sending an e-mail using the Email Blog Author option in the Options section of our blog.
Michel LaFantanoTechnical Writer - BPSG iX Team
Hey everyone,
Mitch Hall, who is a Program Manager on the Forefront Protection 2010 for SharePoint (FPSP) team, recently did a presentation about the newly released FPSP product. His presentation provides an in-depth discussion of FPSP and an great product demo.
You can watch his presentation here:
What is New in Forefront Protection 2010 for SharePoint?
Michel LaFantano
Technical Writer - BPSG iX Team
Hey Everyone-
If you are looking for a tutorial on how to install Forefront Protection 2010 for Exchange Server (FPE) on an Exchange server, look no further. The Forefront Server Protection Information Experience (iX) team recently created two videos that guide you through a basic install and post-install verification.
The first video titled “Installing Microsoft Forefront Protection 2010 for Exchange Server” gives you easy step-by-step instructions on how to quickly install the product.
The companion video titled “Verifying Your Microsoft Forefront Protection 2010 for Exchange Server Installation” shows you how to easily test and verify that the product is configured out-of-the-box to detect malware, spam, and other inappropriate content.
A picture is worth a thousand words, so if you don't have the time to read the documentation, start here with these great how-to videos!
Suzanne GreenbergTechnical Writer - Forefront Server Protection Team
My name is Danny Popper, and I’m a program manager with the Forefront Protection team.
One of the most invaluable tools for an administrator responsible for running server software is Microsoft System Center Operations Manager. Operations Manager is a tool that, when configured with management packs, can centrally monitor your server software and let you know as soon as a problem occurs, instead of making you keep track of each application and server separately. Especially for products, like FPE and FPSP, which are frequently installed on a large number of servers, Operations Manager can make your day much less hectic. (For the full scoop on Operations Manager, head over here for their spiel.)
When FPE shipped in November 2009, we released a management pack. We’ve heard the clamor for a similar management pack for FPSP, but we decided to wait a few weeks in order to give you all the good news at once:
· We have released a refreshed FPE management pack.
· We have released a brand new FPSP management pack.
· Both packs are available in all 11 languages in which FPE/FPSP is available. (That is: Chinese-Simplified, Chinese-Traditional, English, French, German, Italian, Japanese, Korean, Portuguese-Brazil, Russian, and Spanish.)
Besides cleaning up our health rollup and monitors and releasing language packs, our other investment for these releases was in our user guides. They are included in the links above, as well as being available in the Microsoft TechNet library (FPE and FPSP). The content has been updated and restructured for ease of use. The online user guides can tell you about how to import the management pack as well as how to enable performance threshold rules and work with management pack operations. If you want additional information about Operations Manager 2007, go to the Microsoft System Center Operations Manager TechNet library.
In addition to enhancing the management pack documentation for FPE and FPSP, we recently made additional updates to our FPE documentation in the TechNet Library. There is now a Best practices topic for FPE operations and we made many small scale changes throughout the FPE doc set, mostly as a result of CSS and customer feedback. For example, the “Important Notes” section in the FPE Release Notes was reorganized by feature so that they are easier to follow. Additional documentation updates to FPE and FPSP are scheduled for later this summer. You can access the FPE doc set, including the Operations Manager 2007 content, via the following URL: http://go.microsoft.com/fwlink/?LinkID=111583.)
One last caveat that is important to mention, though, regarding the management pack refresh for FPE, is that you will have to uninstall any previous management pack (11.0.xxx.x) before installing this one. We understand that this is not always a simple task, and that many of you have customized the management pack, but we felt that it was a necessary step in order to clean up the health rollup included in the management pack.
Enjoy the management packs!
Danny Popper
Program Manager – Forefront Server Protection
On behalf of the Forefront Server Security team at Microsoft, I am pleased to announce the release of Hotfix Rollup 2 for Microsoft Forefront Security for SharePoint Service Pack 3!
On July 20th 2010 Microsoft shipped Hotfix Rollup 2 for Microsoft Forefront Security for SharePoint Service Pack 3.
For a complete list of the new features and fixes included in this rollup along with directions for download, please see the following Knowledge Base article:
· Description of Hotfix Rollup 2 for Microsoft Forefront Security for SharePoint Service Pack 3: http://support.microsoft.com/kb/2270645
As the installer runs, server service restarts may be necessary so please plan accordingly when applying this Hotfix Rollup.
Robert McCarthyMicrosoft Security
This week we made some significant changes to the Antigen documentation that is available in the TechNet Library. We did this in order to improve your ability to find the information that is most relevant when using a search engine to find answers to your questions. Rest assured that the information isn’t gone forever, it’s merely moved to a new format on a different site.
Here’s what happened: We moved the Antigen release notes, getting started, and deployment information out of the TechNet Library and into downloadable Microsoft® Word documents on the Microsoft Download Center. When we archive 50 topics this way, these now resolve as one search hit instead of 50. That takes 49 items you probably didn’t even need out of your way.
We’ve left the Antigen user guides and best practices information right where you’re used to finding it in the TechNet Library. Additionally, the Evaluation Guide and Quick Start Guide information is all still available in the Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Enterprise Manager user guides.
Once again, here is what moved and where to find it:
Formerly a TechNet Library node
Now a download center document
Release Notes:
Microsoft Antigen for Exchange Release Notes
v9_Release_Notes.doc
Microsoft Antigen for SMTP Gateways Release Notes
v9_SMTP_Release_Notes.doc
Getting Started:
Antigen Evaluation Guide
Antigen_evalguide_archive.doc
Antigen for Exchange System Requirements
v9_Quick_Start_Guide.doc
Microsoft Antigen for SMTP Gateways System Requirements
v9_SMTP_Quick_Start.doc
Deployment:
Antigen for Exchange Quick Start Guide
Antigen for Exchange Cluster Installation Guide
v9_Ex_Cluster_Install.doc
Antigen for SMTP Gateways Quick Start Guide
Antigen Enterprise Manager Quick Start Guide
AEM_Quick_Start_Archive.doc
John AndrillaTechnical Editor, BPSG iX
Hi, my name is Suzanne Greenberg, and I am a technical writer for the Forefront Server Protection products. I want to let you know about the recent release of two tutorial videos that introduce the Forefront Protection 2010 for Exchange Server (FPE) Administrator Console.
In the first video, Noreen Lynch, Senior Development Lead, introduces the FPE administrator console, describes the various features of the new console, and shows you how to navigate through various functions for monitoring your FPE server.
You can view the video on TechNet Edge here: http://edge.technet.com/Media/Forefront-Protection-for-Exchange-Console-Overview/
The second video is a continuation of the first, and Noreen continues the tour of the FPE administrator console. In this video, she focuses on configuring various policy management and task settings.
You can view the video on TechNet Edge here: http://edge.technet.com/Media/Forefront-Protection-for-Exchange-Console-Overview-Part-2/
These tutorial videos will help you get up to speed quickly on using the FPE administrator console.
Stay tuned, because there are more FPE and Forefront Protection 2010 for SharePoint (FPSP) videos to come!
Suzanne Greenberg
Forefront Server Protection
Hey Folks-
Our local video guru, Micah LaNasa, has been hard at work creating some new Forefront Protection 2010 for Exchange Server videos to help you more easily manage FPE on your Exchange servers.
His recent offerings include:
Check them all out on TechNet Edge and be sure to let us know what you think.
Micah and other writers on our team are busy working on additional videos, so keep checking here for word of new vidoes fresh from the editing room.
Michel LaFantanoForefront Server Protection - Information Experience (iX)
Alex Nikolayev, a program manager on the Forefront Server Protection team, was recently interviewed on video about the new antispam filters available in Forefront Protection 2010 for Exchange Server (FPE). Alex gives an excellent overview of the antispam filters in FPE and how they are integrated into a seamless antispam solution for protecting Exchange servers from unwanted spam e-mail.
You can watch the video at: http://edge.technet.com/Media/Forefront-Protection-for-Exchange-FPE-Anti-Spam/
Michel LaFantanoFPE UA
Greetings! I am a new technical writer on the Forefront Server Protection UA team. I wanted to make you aware of some new user documentation our team recently made available for Forefront Protection 2010 for Exchange Server (FPE).
If you are looking for the big picture on how FPE protects your Exchange servers and how to develop an effective scanning strategy, look no further. The new Protecting your Exchange servers documentation in the Planning and Architecture section gives you the parameters to understand best practices for scanning malware without compromising your server load performance levels.
Because FPE can be deployed and configured in a variety of ways depending on the topology of the Exchange organization, the most effective route for your own deployment needs to include good planning strategies around what needs to be scanned and on which servers in your specific architecture. Before you dive into deployment and operation detail, check out this section first to help you make good configuration decisions.
Planning and architecture guidelines and strategy is now available for the new release of Forefront Protection 2010 for Exchange Server (FPE) and is available here.
Check out this recent video of an IT pro talking about his experience with Forefront Protection 2010 for Exchange Server:
http://edge.technet.com/Media/FPE-Customer-Story/
If you are not familiar with TechNet Edge, it is a great resource for IT pros to get news, information, and tips about Microsoft technologies. There are tons of videos and other resources on the site.
Enjoy!
Michel LaFantano Forefront Server Protection UA
Hey Folks,
People have been asking on our forums if Forefront Protection 2010 for Exchange Server (FPE) can be run in a Hyper-V virtual environment. The short answer is yes. The deployment, configuration, and operation of FPE are the same in Hyper-V virtual server environments as on physical servers.
For details about installing in and running in a Hyper-V virtual environment, read our documentation on TechNet: http://technet.microsoft.com/en-us/library/dd639345.aspx
Hi, my name is Scott, and I'm a technical writer in the Forefront Server Security (FSS) User Assistance (UA) group here on Long Island, New York. This post is to let you know that the documentation for our just-released Forefront Protection 2010 for SharePoint (FPSP) Release Candidate (RC) product has been updated and posted to our TechNet Library at the following location:
http://go.microsoft.com/fwlink/?LinkID=111584
Please use the feedback feature on TechNet, because we do attempt to address all feedback received. Also feel free to e-mail any concerns to me directly at scfloman@microsoft.com or fss-ue@microsoft.com.
Lastly, I want to point out that another good resource for obtaining information about our products is the Forefront Server Security Forums (http://social.technet.microsoft.com/Forums/en-US/category/forefrontserversecurity), where you can easily interact with other customers and trained support professionals. Note that a passport account is needed to access the Forums.
That's all for now. Looking forward to hearing from you.
Scott Floman
Technical Writer