Server Security

Server Security Defense in Depth

FOREFRONT SECURITY FOR EXCHANGE AND SHAREPOINT
Microsoft has been progressively building a complete communications and collaboration platform, responding to the market demand for well-integrated communications and collaboration systems that replace individual point solutions. Microsoft’s strategy in this space is to build a set of unified communications and collaboration solutions that provide easy access to a wide range of work modes—Instant Messaging (IM), e-mail, calendar, team workspaces, document libraries—all using a familiar set of tools that let people work without disruption from the desktop or on the go. These solutions are based on, and take advantage of, infrastructure services like Microsoft® Active Directory® directory service and the Microsoft® Windows® operating system Rights Management Services.

For these services and capabilities to be truly useful in business, they must be properly secured. Each of these product families includes a wide range of security features, including encryption, authentication, and auditing. However, building an effective communications and collaboration system depends on protection of the system itself and the data it contains. Over the last two years, Microsoft has been steadily adding data-centric security functionality, beefing up the message security capabilities of Microsoft® Exchange 2007, adding built-in support for Windows Rights Management Services into Microsoft® SharePoint® Server 2007, and purchasing several security companies whose products fill gaps in Microsoft’s own offerings. Microsoft’s overall security strategy is to provide end-to-end security for business customers, beginning with the operating system and extending through network access to applications and services hosted on Windows servers. This end-to-end protection strategy is a broad vision that will take some time to execute.

The Microsoft® Forefront™ server security products are a major part of Microsoft’s commitment to realizing this vision by providing integrated security and management services for Microsoft’s communications and collaboration services. Microsoft acquired the proven and mature Antigen line of anti-virus products, and then updated them to provide better protection for Microsoft’s communications and collaboration solutions. Microsoft® Forefront™ Security for Exchange Server and Microsoft® Forefront™ Security for SharePoint® help provide advanced protection for the valuable data transmitted and stored in mailboxes, document libraries, and team sites. These products integrate with existing Microsoft management tools, simplifying deployment and administration. The Forefront server security products provide several key security capabilities to Exchange and SharePoint customers, including the ability to create file-filtering policies that apply across messaging and collaboration tools and an advanced multiple engine manager that allows you to concurrently run up to 5 of the included Microsoft and third-party anti-malware engines. Using multiple scan engines delivers several critical advantages:

It increases the chances that emerging threats will be quickly caught.
It provides redundancy to help protect against scan failures or defects in individual engines; if an engine fails, other engines continue scanning messages.
It gives administrators an effective way to choose the most appropriate level of protection for their environment given their security needs and server performance capabilities.
It allows engines to be taken offline for updates or reconfiguration without forcing messages to be queued.

A recent set of tests performed by the independent AV-Test.org group found some surprising differences in signature update times from various vendors. The tests compared AV lab response times for eighty-two “in the wild” viruses and variants that appeared from April to July 2006. Twenty-six of the viruses were quickly detected by all the scan engines, but some engines didn’t detect viruses for more than twenty-four hours. In a few cases (notably 0506 Banwarum.C@mm), some vendors didn’t update their signatures to provide a block until nearly five days had elapsed! Because Forefront Security for Exchange Server and Forefront Security for SharePoint combine multiple engines, the odds that a virus will go unblocked or undetected for long periods are greatly reduced. Organizations benefit from all updates for the set of engines you use, not just from updates to a single engine.

Back To Top

Company Mission Statement
To strive for growth in our customers, suppliers and employees and to conduct business
in an intelligent and responsible manner with the best intentions at all times.