So a preview: we have tested the above software and finally end up taking a non-MS route and using alternative softwares. Read on to find out....
Microsoft Forefront is not a single program, its their new flagship platform for security and network stability. It is everything from an antivirus/anti-spyware/antispam suite to a full blown 3 server networked security and connectivity suite that securely connects every aspect of your Microsoft life, from more secure VPN to internet web caching (results in faster internet, formerly ISA server), to less workstation viruses with better AV, and WSUS (Windows Software Update Server) - the Forefront platform ties all this together with its myriad of Forefront applications.
We went with the standard installs of Server 2008 and Exchange since the desired Forefront suite does not support Small Business Server - this took approximately 10 man hours to prep the platform from installing windows, to installing Exchange, SQL Server (required by Forefront), and finally Forefront for Exchange and Forefront Client Security for the server (note we are pretty proficient at slapping a server into shape). - What a PAIN!!!
Forefront Security for Exchange was surprisingly easy to installed (compared to all the rest), it took only about 3-4 minutes to install, and another 15 to configure - WOW!!! Forefront plugs right into Exchange and will scan all mail for viruses and spam before users ever see it. It looks like Forefront is VERY good at stopping viruses, it comes out of the box integrated with 8 different Antivirus scanners, and actually recommends you enable at least 4 of them (hmmm, I wonder how efficient that is in production), oddly 5 of these AV scanners were very obscure to the extent that I have never seen them before, the other 3 were somewhat obscure (no Symantec here). The spam area is pretty typical, it has keyword filtering, spam blacklist lookups, whitelists, and blacklists.
Now on to Forefront Client Security, this has several aspects, there is a ginormous server aspect. It uses the following items on the server to secure clients
Then the workstations get a very slim Forefront client (called MS Security Essentials) which uses around 10 megabytes of RAM - very impressive. This client scans for viruses and spyware very efficiently and is actually a 'spiffed up' version of Windows Defender (finally MS gets something right).
Unfortunately this solution would fit only a couple of my clients, as it requires a massive IT output to implement it, and licensing models are very prohibitive to sub 150 node networks, and doesnt really start to 'come in handy' until the 300-500 node network.
Forefront for Exchange requires Exchange Enterprise licenses (more $$ than Exchange Standard)
If you have lesss than 50 PCs you should definitely be using Small Business Server (75 max), which Forefront does not support due to its resource needs at the server (its a hog).
******* Key reading: *****************************
A BETTER SOLUTION for the SMB and possibly Enterprise:
If you are a candidate for Small Business Server (75 users max), a far more efficient and cost effective solution is:
Vamsoft ORF actually works better than Forefront on all fronts, and even for the Enterprise deployment. Vamsoft supports regular expressions (Forefront lacks), which allows it to scan emails and get those odd variations of words like v1agr@ or m0rtg@ge that we so often see now - a keyword filter just isnt enough, it must grab the variations, and ORF does. ORF also supports a number of virus engines, as well as blacklists and whitelists, and even automatic whitelisting of people you email, another thing I didnt notice in Forefront was greylists, and tarpit delay. The best of all ORF is layed out with far more options {than 4front}, and yet I can configure it in the same amount of time, and ORFs memory and CPU footprint is very small at around 10mb ram. Settings are saved in a text file, so I can quickly pass my golden installation on to other clients Exchange servers, making configuration even quicker - like 3 minutes.
Whats more the, the reports in ORF are very clear and concise and actually solved a problem for me in 3 minutes, at which 4 hours of trying to use microsoft resources failed.
Coming in at just under $300 one time license, ORF is worlds below the microsoft platform, and at that same cost it will work on any version of Exchange from SBS to Enterprise, and includes SQL integration for settings and reports at no additional cost.
On to viruses and spyware:
Comodos antivirus engine is great at around 15 mb ram, and NOD32 uses a bit more at about 30 mb- still worlds below Symantec at 200 mb.
The Forefront platform looks great, seems well thought out, seems to work well, looks thorough, but I am reluctant to recommend it at all because it still lacks a couple of minor items that competing solutions have, and the implementation cost would be staggering compared to other solutions, even if your IT is on salary, they might have something better to do, finally not to mention the actual cost of the licenses. I dont know what Forefront costs (we used a 120 day trial), but I know its pre-requisites are very costly, like SQL server and Exchange Enterprise, and multiple servers for its recommended deployment like Windows Essential Business Server (actually 3-4 server solution for network security and management). As said, it would most likely fit very well on a 500 node network that has unlimited IT staff on salary, and would most likely in the long run save time and run very efficient, but it does not even belong on a medium sized network of 100 users.
****************************************
The same goes for Server 2008 Standard and Exchange 2007, there are some advantages over previous versions, but unless your infrastructure *requires* them, its not worth it - a client with less then 50 users recently requested an upgrade from their Small Business Server 2003 platform to full blown Server 2008 Standard - nix!!
No comments:
Post a Comment