Today we are excited to announce formal support for Forefront Server Security for Exchange SP1 and Forefront Server Security for SharePoint SP1 running on the Hyper-V platform. This is part of a larger announcement that affects multiple Microsoft products, including Microsoft Exchange Server and Microsoft SharePoint Server.
Both products have been tested to confirm that all the functional aspects have the same behavior in Hyper-V virtual server environments as on physical servers. They are also approved for any hypervisor based virtualization technology certified under the Microsoft Server Virtualization Validation program.
This post provides an overview of deployment and operational considerations when running on Hyper-V. This information will also be made available as a TechNet article at a later date.
The minimum server and client requirements for Forefront Security for Exchange and Forefront Security for SharePoint are essentially the same when installing in a virtual Hyper-V environment. The application, OS, and hardware platform versions are limited, however, to those that are supported by Microsoft Exchange and Microsoft SharePoint on the Hyper-V platform.
For more details about Exchange and SharePoint support recommendations on Hyper-V, you should refer to the documents “Microsoft Support Policies and Recommendations for Exchange Servers in Hardware Virtualization Environments” and “Using SharePoint Products and Technologies in a Hyper-V virtual environment.”
Running Forefront in a guest virtual machine does not change the basic deployment, configuration, and operation guidance for the product. Refer to the Best Practices Guides and Operations Guides available on Microsoft TechNet for additional deployment and configuration considerations.
Once Exchange’s requirements for running in a Hyper-V environment have been met, there are specific guidelines for Forefront that must be followed:
Adding Forefront to an Exchange environment will add resource utilization on top of what Exchange, the guest OS, and host resource will be using. To ensure that your virtual environment can handle the anticipated load from Exchange and Forefront, it is helpful to measure the performance counters before and after Forefront has been installed. You can follow these steps to take these measurements:
(4) Transport Processes X (5) Scanner Engines @ 100mb each + File sizes = Memory utilization
Note: This is an example only and real world results will vary depending on multiple factors.
If you increase the Transport or Realtime process counts, add more scanner engines, and increase the engine bias, memory will quickly be exhausted. In most cases, the default number of process counts is adequate; however, you should consult the best practice guide for further information on fine tuning these settings. Additionally, use the performance data you collected earlier to help gauge how many process counts you should be using.
Project Manager, Forefront Server Security