Learn about the membership of the ForeFront family

With the widespread use of servers and clients in the Windows operating system, various intrusion attacks are common in various media, and many of them cause serious economic losses. How should enterprise users respond to such a severe security situation? In response to this security situation, Microsoft introduced the ForeFront Security security product family, which includes ForeFront Client Security, ForeFront Server Security, and ForeFront Edge Security, covering client, server, and network perimeter security. ForeFront can be said to reflect Microsoft's understanding of the Windows operating system and network security needs of enterprise users. Let's take a look at the members of the ForeFront family.

Features of ForeFront Security

ForeFront Security is not only a few products named after ForeFront Security, it also includes numerous Microsoft security products such as WSUS, System Center, ISA, IAG, etc. The so-called "essential nature through the phenomenon", although ForeFront's product line is quite complex, but we can still see three characteristics that Microsoft has to achieve on ForeFront: synthesis, integration, simple

● synthesis ( Comprehensive) The ForeFront family is a complete solution for client, server and network perimeter security, including security features such as malware defense, patch management, authentication, and remote access, covering the corporate network and all nodes using the Windows operating system.

●Integrated ForeFront can be closely integrated with the information processing system and security solutions of the user's existing Windows platform, enabling users to control the security of the enterprise network more effectively and clearly. .

Simplified ForeFront provides users with a single management view that increases the visibility of the user's network security status, enabling better management and threat mitigation processes.

What can be learned from the three characteristics of ForeFront for enterprise users? There are different answers for companies of different sizes in different industries to answer this question, but the author believes that the difference between the answers should be in these three The priority of the feature is ranked rather than the content of the answer. Because some components of ForeFront Security have not yet been officially launched, it seems that it is still too early to discuss the advantages and disadvantages of ForeFront and other security solutions from the technical level of the overall security architecture, but from the design concept of ForeFront to discuss the implementation of Windows platform security, but A very instructive topic.

Forefront and Enterprise Security 4 Features

Security Comprehensive is first and foremost a comprehensive implementation of Windows security. At present, the original security implementation in most enterprises can be classified as “a headache, a painful foot”, if the client often faces the threat of malware, the information department of the enterprise will purchase the counter of the stand-alone version. Virus software is installed and installed; if the server is likely to be hacked, the enterprise information department will purchase a firewall and install an intrusion check device; if the mail service has a large amount of spam attack in a certain period of time, the enterprise information department will purchase various anti-investigations. Spam security products —— Enterprise procurement and deployment of security solutions is not based on a strategic analysis of security threats affecting business and information processing, but only short-term behavior to protect against certain types of security threats. Although such procurement and deployment ideas have good results in the short term, they will bring false security and security risks to enterprises. Enterprises will often recognize new ones after they are damaged by new security threats in the future. Threat and react to it.

The recent 0Day exploits that frequently appear on the media are an example. Enterprises only deploy general anti-virus software and firewalls. (This kind of enterprise environment is very common. For the sake of simplicity, the following is called general information. The processing environment) is undefended under the attack of 0Day vulnerability. Only when security functions such as intrusion detection, anti-virus, and firewall are enabled at the same time can the detection and interception be more effective. In addition, the lack of a visionary security solution procurement deployment method can easily lead to the lack of security functions, which in turn creates potential weaknesses in the enterprise's information security system. The water that can be loaded in a bucket depends on the length of the shortest barrel, a safety system that lacks some critical safety functions, and the actual safety performance is not much safer than the environment in which the safety scheme is not used, or the general enterprise mentioned above. As an example of the information processing environment, if you do not use the WSUS service or use Windows Update on the internal network, the administrator cannot grasp the patch upgrade status of each network node. A new worm that uses Windows vulnerability propagation and anti-virus software can not detect it temporarily will be able to It is easy to capture all the machines in the enterprise intranet. From this perspective, it is extremely important for enterprise users to maximize the security of the Windows platform and implement the “integrity of security features” that Microsoft has implemented in ForeFront Security.

Security Integration Second is the integration of Windows security implementations. ForeFront Security emphasizes the seamless integration of its security features with the user's legacy Windows platform applications. The composition of the enterprise information processing environment is very complicated. Even in a slightly larger enterprise, the information processing environment can be divided into various application types such as various application servers, key network servers, and client machines according to different information processing requirements. Not to mention large and medium-sized companies or multinational companies. The software and hardware environments in different environments are very different, and the security level and performance requirements are different. For example, enterprises need to deploy a set of security solutions for content filtering and performance monitoring on the application server, but they do not plan to deploy them beforehand. The compatibility and integration of the old application server environment have been rigorously tested, and only the advertisements are selected for promotion. The subsequent troubleshooting is a nightmare for the enterprise information department. The implementation of this security solution The effect is also impossible to talk about. Therefore, when deploying security solutions, the integration of security solutions and legacy facilities is a key factor that must be considered, both in terms of implementation effectiveness and protection of existing investments. Previous12Next page Total 2 pages