The Security Wizard

Forefront MVP announced

2009-04-01T17:27:02Z

First, I must begin with apologies for not updating the blog for a few weeks, but as some of you might know I've been very busy with a lot of new projects. Do not worry, I have plenty of new stuff to write and will do it as soon as I'll have some time. In the mean while, I was very pleased to receive today the following E-Mail: ======================================== Dear Yaniv Feldman, Congratulations! We are pleased to present you with the 2009 Microsoft® MVP Award! This award is given...(read more)

Tamper Protection in Forefront Client Security

2009-01-09T00:44:00Z

Every Anti-Virus has a mechanism called tamper protection that helps administrator keep users from mishandling there antivirus settings and services. Forefront Client Security only offers basic control over what the user can or cannot do with the FCS Client Console on his client machine. What the FCS System doesn’t provide is a built-in mechanism to protect FCS services from being stopped or prevent FCS from being removed by the user. It’s true that some of these are possible to prevent by not giving...(read more)

IAGServer.org is alive!

2008-10-31T14:36:00Z

I want to announce about a new Forefornt Edge Intelligent Application Gateway (IAG) Knowledge Center and Forums that includes Videos, Articles, Links and more ! http://www.IAGserver.ORG - The First Place To Share Great Minds http://forums.IAGserver.ORG There are so many new things in this Application Aware Remote Access SSL VPN product! for example: Active Directory Federation Services (ADFS) gateway, Kerberos Constrained Delegation (KCD) with Smart Cards, OTP and Soft Certificates, Application Filtering...(read more)

Forefront Client Security Deployment Tool

2008-06-16T22:09:19Z

After a lot of work, I am very pleased to finally announce the release of "Forefront Client Security Deployment Tool". FCS Deployment Tool is a free toolkit provides additional deployment capabilities in addition to those which are available with the RTM Version of FCS . This tool gives network and security administrators the ability to scan their network and/or AD, discover existing installed Anti-Virus solutions (currently supporting Mcafee, Symantec and Trend-Micro) that are already...(read more)

Forefront Client Security Remote Definitions Update Using MOM Tasks

2008-06-09T12:17:30Z

Overview This Guide explains how to create a process of remote updating forefront client security definitions using MOM2005 Tasks. This ability to MOM2005 gives you the ability to "Right Click à Update Definitions" on each and every installed client and by that gives you the ability to update and control your client definitions outside "windows update". Note: This update method is not a replacement for the Windows update method. You can take the scripts and the first part of this...(read more)

ISA Firewall Dirty Dozen

2008-04-17T14:11:19Z

There are a handful of questions asked repeatedly on the ISAServer.org message boards and mailing list. Thomas Shinder's (One of the greatest ISA experts in world) answers a collection of the top 12 most frequently asked questions. This one is for all of you who ever worked with ISA and got stuck configuring your settings... http://www.isaserver.org/tutorials/ISA-Firewall-Dirty-Dozen-FAQ.html...(read more)

Forefront @ Tech-Ed 2008

2008-04-04T09:17:06Z

Just a little bit more then 48 hours until the first unveiling of Forefront Stirling, the second generation of Forefront Security line of solutions at RSA. But we are not in RSA, we are going to Tech-ED! for the first time ever, we will present stirling a few hours before the rest of the world so you guys will be the first people in world (outside of MS) that will get the first glance about the most amazing security solution youv'e seen a great while.... in addition to that, those of you who...(read more)

Updating Forefront Client Security Definitions using SMS2003 or SCCM2007

2008-02-24T21:12:00Z

For the first time, you can deploy FCS definitions in an automated process using SMS 2003. with this procedure you can download the definitions from the security portal and distribute them using SMS in an automatic way without any human intervention. Notice that this procedure can be used in a similar way in SCCM2007 (or any other distribution method) as well. If you have any questions, feel free to call :-) Part 1: Creating a scheduled job for definitions download. 1. Download DefinitionsDownload...(read more)

Server 2008 is only 3 days away...

2008-02-23T21:46:29Z

we are now only 3 days away from the first virtual launch ever of Windows Server 2008 and the excitement just keeps on going up. As a security consultant I just can't sit down quietly while the next level of security comes out officially into the air of the IT world. This Virtual event will include live broadcasts of the keynote and will give you the ability to really "walk around" the floor of the convention center in LA watching all the stands and the exhibitions on the spot. I am...(read more)

Deploying Forefront Client Security - One install on two platforms

2008-02-22T08:51:00Z

One of the issues with FCS Client installation is that you have two separate versions of the FCS client agent (32/64Bit) and you need to deploy each one of them to the appropriate computers. that means that if you want to deploy FCS client agent using anything different then WSUS, you need to create two different installation packages/script. Here is a script for installation of FCS Client, that checks for operating system version (32/64Bit) and installs the appropriate version accordingly. You can...(read more)

Deploying Forefront Client Security Using SCCM2007 - Video Guide

2008-02-20T23:09:27Z

This is Video guide that Explains how to deploy Forefront Client Security Client Agent using System Center Configuration Manager 2007. the video details all the stages of creating a package from the client source files, creating a task sequence that includes old AV removal script and package deployment and advertising the task sequence to the appropriate collection. hope you'll like it. good luck! I am very excited since it is my first ever video guide. I know I sound a bit funny on the recording...(read more)

Deploying Forefront Client Security Using SCCM 2007 - Step-By-Step

2008-02-20T01:51:51Z

This is a Step-By-Step guide for using SCCM2007 to Deploy Forefront Client Security Client Agents. Pre-Requisites: 1. Installed and configured FCS management server. 2. FCS Policy configured and deployed on client machines. 3. Windows Update policy Configured and deployed on client machines. 4. Client Installation Files (the Client directory on the installation CD) on a shared directory on the FCS server (only read permissions needed). Creating the Installation Package 1. Open SCCM 2007 Console and...(read more)

Deploying Forefront Client Security Using SMS 2003 - Step-By-Step

2008-02-20T01:22:00Z

This is a Step-By-Step guide for using SMS 2003 to Deploy Forefront Client Security Client Agents. you can also find here a script to run that will kick in another script to remove the current AV solution and only then deploy FCS client agent on the target computer. Open SMS 2003 Administrator Console (Start->All Programs->Systems Management Server 2003->SMS Administrator Console. Right-Click Packages -> New -> Package On the general tab, Update Package details. On the Data source...(read more)

Who wants to be a Microsoft Forefront Client and Server Technology Specialist ?

2008-02-15T11:31:00Z

brand new exam... fresh from the oven. I've taken 70-557 exam today and passed. indeed, not a 1000 score, but I think they had a mistake in one of the questions... who the hell uses a script to distrbute scanjob templates? thats why FSSMC exists.... oh well. this will have to do :-) BTW, a little preview for those of you who will have the pleasure of being in my lectures at Tech-ED ... I have an Exam Voucher for the 70-557 that I'm planning to give away as one of the prizes in one of the...(read more)

Configuration Changes in Antigen/Forefront Due CA Engine Consolidation

2008-02-14T22:51:35Z

Molly Gilmore (a program manager on the Forefront Rapid Response Engineering team) has published a reminder on the new behavior expcted from antigen/forefront now that CA has consolidated their two AV engines. First, I would like to mention that there is a KB Article was created that outlined the change and the associated product benefits communicated by CA http://support.microsoft.com/kb/931373 ). after the consolidation was made, the FFRRE team has recommended to disable the CA InoculateIT engine...(read more)