SharePoint Notes

Bleeding on the cutting edge …

Archive for the ‘Forefront Server Security’ Category

Forefront Threat Management Gateway 2010 RTM’s

Posted by Christian Dam on November 17, 2009

The Forefront TMG team has announced they have submitted the final bits to RTM. Well done!

More information here: http://blogs.technet.com/isablog/archive/2009/11/17/forefront-threat-management-gateway-2010-release.aspx

Advertisements

Posted in Forefront Server Security | Comments Off on Forefront Threat Management Gateway 2010 RTM’s

A couple of infrastructure related anouncements …

Posted by Christian Dam on October 11, 2009

Windows Virtual PC

Windows Virtual PC has RTM’ed and is available on technet. I would expect it do be available on MS Update / Download soon as well: http://blogs.msdn.com/virtual_pc_guy/archive/2009/10/07/windows-virtual-pc-and-windows-xp-mode-now-on-msdn-technet.aspx

Support changes for Windows 2000 and Windows 2003 July 2010

Extended support will end for Windows 2000 and Windows Server 2003 and Windows Server 2003 R2 will move to extended support: http://blogs.technet.com/windowsserver/archive/2009/09/15/support-changes-coming-july-2010-for-windows-2000-server-and-windows-server-2003.aspx

Forefront Threat Management Gateway reaches the Release Candidate state

The product team announced that the RC version od the next version of ISA Server / Intelligent Application Gateway (IAG) 2007 firewall products is available for download: http://blogs.technet.com/isablog/archive/2009/10/11/forefront-threat-management-gateway-2010-release-candidate-now-available.aspx

Posted in Forefront Server Security, Windows Server | Comments Off on A couple of infrastructure related anouncements …

Installing Microsoft Forefront Security for SharePoint with SP1

Posted by Christian Dam on January 20, 2008

A quick start guide to Microsoft Forefront Security for SharePoint.
Step 1: Installation

  1. Click setup.exe
  2. Click Next on the Welcome page
  3. Click Next to accept the licence agreement
  4. Enter User Name and Company Name and click Next
  5. Select Local Installation anc click Next
  6. Select Full Installation
  7. Select the engines to install and click Next
    • Forefront comes with eight different scan engines where the Microsoft Antimalware engine and four additional random chosen engines are selected.
    • The possible scan engines are:
      • Microsoft Antimalware Engine (cannot be de-selected)
      • AhnLab Antivirus Scan Engine
      • CA Vet
      • Authentium Command Antivirus
      • Kapersky Antivirus Technology
      • Norman Virus Control
      • Sophos Vires Detection
      • VirusBuster Antivirus
    • Only four additional engines can be selected during installation.
    • You can add or remove selected engines at this point or through the administrative client later
    • More scan engines add to the memory requirements
  8. Click Next
  9. Select Destination Folder and click Next
  10. Select Program Folder and click Next
  11. Enter User Name and Password of an account that have local administrative permissions on the SharePoint Farm Servers including the database server if it is a seperate server. Click Next
  12. Click Next
  13. The installation starts …
  14. That’s it. Click Finish

Step 2: Configure and Update Scan Engine Definitions

After the installation make sure you update the scan engine definitions:

  1. Start Forefront Server Security Administrator (Start -> All Programs -> Microsoft Forefront Server Security -> SharePoint Security -> Forefront Server Security Administrator)
  2. Select server to connect to and click OK
  3. Navigate to Settings -> Scanner Updates
  4. Select every scan engine in turn and click Update Now
  5. Jump to the Antivirus settings and select the scan engines you want to enable for both scan jobs

Step 3: Test

  1. Verify that antivirus has been configured in MOSS:
    • In Central Administration navigate to Operations
    • In the Security Configuration section select Antivirus
    • Make sure that Scan documents on upload and Scan documents on download are checked
  2. Create a test “virus” file
    • Copy the following string to a file and save the file as eicar.com:
      • X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
    • This is naturally not a real virus, but a definition defined by European Institute for Computer Anvirus Research for situations like this, where we need to test an installation without messing about with real vira
  3. You may need to unblock .com files first:
    • Go to Central Administration -> Operations -> Blocked Files Types
    • Select the Web Application that host your portal
    • Remove the com file type from the list (remember to add it again later)

  4. Upload eicar.com to your portal
  5. If you get the following message, you should be OK

    “eicar.com” contains the following virus: “VIRUS= EICAR_test_file (VBuster,Sophos,CA(Vet),Microsoft); Tagged ID: 0C542A02_C741_4366_A6DD_8A5546B38D70″

    This file cannot be saved to the document library. If you want to save this file to the document library, clean the file using alternative virus scanning software and try saving it again.

    Posted in Forefront Server Security, MOSS, WSS | Tagged: , , , | Comments Off on Installing Microsoft Forefront Security for SharePoint with SP1