- The multi-engine advantage...and updates
-
Today we posted a white paper about the Microsoft antimalware engine strategy and changes beginning December 1, 2009. A summary is below - read the full document for a complete overview.
Forefront server security products - such as Forefront Secrurity for Exchange, Forefront Security for Sharepoint and Forefront Security for Office Communications Server incorporate a multi-engine strategy, using both Microsoft and industry-leading security partner technology to consistently drive high detection rates. They also include an advanced multiple engine manager that allows customers to concurrently configure up to five engines. Using multiple scanning engines delivers several critical advantages:
- It increases the chances that emerging threats will be caught quickly.
- It provides redundancy to help protect against scan failures or defects in individual engines; if an engine fails, other engines continue scanning messages.
- It gives administrators an effective way to choose the most appropriate level of protection for their environment given their security needs and server performance capabilities.
- It allows engines to be taken offline for updates or reconfiguration without forcing messages or documents to be queued.
Tests performed quarterly by the independent AV-Test.org group have shown that the multi-engine set for Forefront security products rates highest in response times for “in the wild” viruses and variants. We have found that having multiple engines consistently provides the highest detection rates against the competition with average response time of 3-6 hours for new viruses versus competitive single-engine solutions average response times are more than 2-9 days (as noted in recent AV-Test.org data.)
In order to further develop stronger technology relationships with our antimalware partners and ensure continued customer value for the longer term, we are standardizing on a set of five antimalware engines moving forward. We are confident that this solution will continue to provide equal or better detection rates and response times than the industry’s other leading solutions.
What does this mean for Microsoft and its customers? The current and next generation of Forefront server security products, including Antigen, will include five antimalware engines as part of an ongoing strategy to maximize and maintain our malware detection advantages, as well as make investments in other areas that will increase overall protection for our customers.
Customers will be able to take advantage of these new enhancements and engine changes after deploying the Antigen and Forefront service packs released on July 1, 2009. These service packs will allow customers to move to the new set of five engines as well as additional engine changes that Microsoft may release after December 1, 2009.
- Forefront: CCTM Certified for UK government use
-
Last week West Coast Labs announced that Forefront Client Security has received the CESG Claims Tested Mark (CCTM),which provides a government quality mark for malware detection and performance, based on accredited independent testing. CESG is the UK government's National Technical Authority for Information Assurance. Their stamp of approval means UK government departments can reliably look to Forefront for endpoint protection.
The certification is designed to attest to the overall effectiveness and performance ofaproducts providing protection from a wide variety of security threats (malware, spam, URLs, etc. It is the fastest growing certification systems for information security products and services and is a highly regarded accreditation program.
- Survey says: Security the top challenge for IT pros
-
Today Microsoft released findings from a survey of 1200+ IT professionals in the US, UK, Germany and Japan. Some of the top findings about their opinions on IT in a recession, priorities and where they are investing are here. Among the most interesting results are related to security, such as:
· IT pros cite security as the number one challenge in managing infrastructure (above some other big challenges, such as uptime, resource utilization, systems management, end-user support, sprawling datacenters and interoperability.)
· Protection of customer and company data is the top security priority, above other activities including security systems management (#2), compliance and governance, identity management and adopting hosted security services.
· A majority of IT pros view security as an enabler of business. More than half think that IT security responsibilities include advancing overall business goals (52%) and increasing end-user productivity (51%)
The Microsoft take? We agree! Security remains too complex and expensive, and it should facilitate business collaboration, empower people and help organizations achieve their goals. That’s why we are taking a different, broader approach with Business Ready Security.
For an example of a company using identity and security solutions to grow in a challenging environment, watch this video about NuStar Energy.
NuStar Energy Tightens Protection by using Business-Ready Security Solutions
For more information, please visit http://www.microsoft.com/infrastructure/resources/itprosurvey.mspx
- Microsoft Security Essentials (formerly 'Morro') and Forefront
-
Today, Microsoft released a public beta of its new, free consumer anti-malware product codenamed “Morro”, which now has an official product name: Microsoft Security Essentials (MSE). This new solution will address the growing need for a PC security solution tailored to the demands of emerging markets. You may remember that “Morro” was originally unveiled back in November 2008 after we announced the discontinuation of retail sales for Windows Live OneCare subscription service effective June 30, 2009. As we described in this blog last year, Microsoft Security Essentials is intended for consumers, not business customers. Microsoft continues to offer security solutions for businesses with the Forefront line of products as part of its Business Ready Security strategy.
It is important to note that MSE will have a very positive impact on Forefront, because it allows Microsoft to capture even more threat intelligence from customers as more people use the free anti-malware solution. We'll be able to use that information to help extend our security research and in the development of signatures and protection capabilities in our Forefront products, which are being deployed by increasing numbers of enterprises today, with thousands of Microsoft security partners certified to sell and deploy Forefront solutions. And, of course, there's an exciting road ahead for Forefront as we release a brand new set of products for this family in our next fiscal year under the codename "Stirling".
Key points about Microsoft Security Essentials (MSE)
· The MSE beta will become available to the first 75,000 visitors to www.microsoft.com/security_essentials starting Tuesday, June 23, 2009. An English language version will be available to beta testers in the U.S. and Israel, and a Brazilian Portuguese version will be available in Brazil. Support for Simplified Chinese in China is scheduled to follow shortly after initial beta release.
· MSE release (RTM) is scheduled for H2 2009 in 10 languages and in the following 20 markets: Australia, Austria, Belgium, Brazil, Canada, China, France, Germany, Ireland, Israel, Italy, Japan, Mexico, Netherlands, New Zealand, Singapore, Spain, Switzerland, United Kingdom, and the United States.
· MSE will include new protection technology, as part of the Microsoft anti-malware engine, called “Dynamic Signature Service (DSS)” which delivers real-time threat signature updates to the client when it detects something suspicious, whether code or behavior. As we mentioned previously in April, Forefront Client Security 2.0 will also include DSS when it releases in H1 2010.
· MSE is designed for consumers and will be offered as a free download separate from Windows (including Windows 7).
- Server & Tools Business Exec discusses state of IT, answers your questions on June 23
-
Are you interested in hearing about how other IT pros are reacting to economic conditions and where they’re investing (particularly security?)
Do you have questions about Microsoft’s efforts to help IT be more cost effective and deliver new solutions to business?
Is there a connection between virtualization and cloud computing?
On Tuesday, June 23rd from 10:30am – 11:00am (PDT), join a teleconference with Bob Kelly, corporate VP of Infrastructure Server Marketing. Bob will talk about the state of IT within the context of results from a new Harris Interactive study of 1,200 IT professionals from the U.S., United Kingdom, Japan and Germany. The study was commissioned by Microsoft’s Server & Tools Business. There will be time for your questions following the brief presentation. Submit questions over the phone or you can submit them at any time leading up to or during the teleconference by tweeting with the Twitter hashtag, #qs4ms. If you are interested in attending, please REGISTER NOW. Once you open the invite box, you can save and close to your calendar.
- Forefront Threat Management Gateway Beta 3 – Ready for Download!
-
Forefront Threat Management Gateway Beta 3 – the last planned beta – is now available to the public for download and evaluation. This marks a big step towards providing a complete Web security solution with the first public preview of our URL filtering capabilities. I want to pose a few questions and answers about where Forefront TMG is going.
So, what makes our URL filtering special? For most companies, there is a physical limit on URL categorization and coverage because it is a manual process. Forefront TMG is leveraging the Microsoft Reputation Services to expand beyond what one company can provide. Instead, MRS aggregates URLs from multiple sources – including but not limited to iFilter, BrightCloud and Marshall8e6 – and determines which is most accurate for categorization. This gives Forefront TMG customers access to URLs from multiple trusted sources but also gives them confidence that the URLs will be accurate categorized. This enables Forefront TMG to expand well beyond where it could if Microsoft only developed its own URL data set, not unlike the added protection benefits of Forefront Security with multiple AV engines.
Why do you want Forefront TMG if you already have URL filtering? Most companies today have some sort of URL filtering. It may be a standalone product plugged into ISA or into a firewall or come as part of a unified threat management product. These solutions represent a compromise. With the first, you give up simplicity of a single vendor solution. With the second, you give up the richness you get from most standalone URL filtering products.
Forefront TMG represents the best of both worlds. It unifies a Web access gateway with URL filtering and antimalware so that you gain the efficiency of a single vendor but also provides functionality well beyond that found in UTMs designed as multi-purpose generic devices. Instead, it can be thought of as “best-of-need”. It provides the security you need with the simplicity you want.
You can find Forefront TMG Beta 3 here.
Bill Jensen
Senior Product Manager
- New version of Forefront Online Security for Exchange
-
Today, we released a new version of Forefront Online Security for Exchange (Release 9.1). This release delivers key enhancements to the directory synchronization tool as well as usability improvements to the administration center and spam quarantine.
New features in this release include:
- Enhanced Directory Synchronization Tool (with Differential Sync)
- New Track Changes Option
- Domain Enhancements
- New Blind Copy Option for Outbound Suspicious E-mail
- One- Day Interval for Spam Quarantine Notification Settings
- Enhanced Reporting Features
- Scheduled Reports sent by E-mail
- New Outbound Suspicious Traffic Type
- Top User Reports
- Reporting Web Service for Forefront customers
- Enhanced Audit Trail Search
- Date Range
- Bulk Uploaded User Events
To see a demo of some of these features - check out our TechNet Webcast on FOSE here!
- Forefront for Pharma
-
Headquartered in Albany, New York, AMRI provides wide-ranging scientific services to pharmaceutical and biotech companies. AMRI has more than 1,200 employees and sales of approximately U.S.$180 million.
The company was using two different client security solutions that did not work well with each other, had reliability problems, and were difficult to manage.
In 2007, AMRI tested a beta version of Forefront Client Security in a pilot project. After the pilot’s success, the company began FCS enterprise-wide.
“For what we really need it to do—secure the computers that store our company’s critical data—Forefront Client Security is a robust, stable solution that does the job reliably. Because we can automate the deployment of Forefront through Windows Server Update Services, we don’t even have to use an admin console to push it out to the environment. It supports a set-and-forget-it approach.”
-James Edwards, Sys Admin, AMRI
Read the case study here.
- Microsoft tops AV-Comparatives' testing
-
AV-Comparatives.org published the May edition of its proactive/retrospective testing to measure 16 anti-virus vendors’ capability in detecting new threats. Microsoft anti-virus received one of only 3 Advanced+ ratings. Our detection rate was 60%, the second best among the participants, and we had the fewest false positive samples.
This result is consistent with some recent proactive tests conducted by other industry test organizations. In the VB100 April edition, VB introduced a new metric, Reactive and Proactive (RAP), in their test criteria. Vendors scored from 8.0% to 94.7%. Both Forefront Client Security and OneCare score at 80% in the RAP test cases. In addition, in the WildList response time testing by AV-test.org in 2008, Microsoft was in the clear leading position on proactive detection.
For details, see AV-comparatives May edition, published here.
- Trial and win!
-
Check out the Forefront Trial Download Sweepstakes:
"Don’t miss the chance to win one of three $10,000 Grand Prize server systems for your home, a D-Link DNS-232 2-Bay Network Storage Enclosure, or a $50 Best Buy gift card instantly!
Now, through June 30, 2009, every time you download a different Microsoft Forefront trial software product, you’ll help keep your business safe and have a chance to win big in the Microsoft Forefront Trial Download Sweepstakes."
- Self-Service Online HR to Save MOD Millions of Pounds Over 10 Years with
-
The U.K. Ministry of Defence (MOD) is providing secure access to 10,000 “orphaned users” who work remotely and had no means of accessing internal administrative services. MOD worked with CapGemeni and is using Microsoft identity and security solutions, such as Identity Lifecycle Manager (next version to be called Forefront Identity Manager), ISA Server (next version Forefront Threat Management Gateway) and Intelligent Application Gateway 2007.
Ministry of Defence advisor to the CIO David Longhurst says: “With all our HR services now online, there will be savings in the back office which could amount to many millions of pounds over 10 years. The savings will far outweigh the cost of the implementation.”
Enabling productivity, saving money. Sounds like Business Ready Security. Read the MOD case study here.
- The integrated approach to client security
-
When PhillipCapital and the Australian government's Customs Service needed to improve the way they protect their desktops, they chose Forefront Client Security. A big reason for both was Forefront's integration with the rest of their Microsoft infrastructure.
"Forefront Client Security works seamlessly with our core infrastructure components. As a result, we have reduced the cost of administering our security infrastructure by 60%. My advice to any company seeking a new security solution is to try out Forefront Client Security. The benefits of integration and rich reporting alone make it an ideal choice." - Thomas Thiew, IT Manager, PhillipCapital
“The interaction between Forefront Client Security and Windows Server Update Services is excellent,” says Rodgers. “The solution is very well integrated, which will be a big plus for us in terms of sending out updates and security definitions to individual computers.” - John Rodgers, Director of Technical Infrastructure Support, Australian Customs Service.
Read the PhillipCapital case study here, and the Australia Customs Service case study here.
- Overcoming security fatigue
-
Here's a brief video featuring analyst Scott Crawford of Enterprise Management Associates discussing how companies can manage "security fatigue," costs and threats through a more holistic view. The Business Ready Security strategy is aimed at helping companies more easily achieve that more comprehensive approach.
Perspectives on Security: Overcoming Security Fatigue
- Business Ready Security webcasts
-
Register here for a new series of webcasts on the entire lineup of Forefront products supporting the Business Ready Security strategy. Starting tomorrow, webcast topics will include: Forefront Identity Manager, the Forefront "Stirling" security suite and component solutions, Forefront Security for Office Communications Server, Active Directory Rights Management Services, "Geneva," and more.
- Video: School District uses "Geneva" to simplify access
-
As demonstrated at RSA (and reported on CNET) the Lake Washington School District-- comprised of 50 schools and nearly 24,000 students -- is doing a pilot deployment of "Geneva" to provide students with easier access to education materials and info. Watch this video to get the whole story. (And get beta 2 here.)
Watch the video
