Hello;
We are together again in a new article about Forefront , Microsoft ‘s security product. In the previous sections, Forefront Client Security related installation, We talked about the innovations and features coming in. Now, after this section, we will examine the products on the Forefront Server Security side. In this section, the Forefront Server Security for Office product, which is the product of the Forefront Server family We will examine Communications Server(OCS).
In the new forefront family offered by Microsoft, it integrates easily with your existing IT infrastructure, provides simplicity in management, distribution and reporting, and It is a family of security products that provides you with detailed security protection. We have examined this family under 4 main headings in the previous sections. Today, threats have become more dangerous. .At the same time, it is frequently updated for applications. In order to avoid such drawbacks, you can use solutions with many different technologies both in your company and at home. It will also cause management difficulties. For example, you can choose different antivirus engines such as Kaspersky, Norton Antivirus, Nod32 and McAffee to prevent any harmful content you may encounter in the company network. a solution will be costly for you and you will not be able to provide management from a single center. And you must have the necessary knowledge about all the antivirus engines you use.
Apart from these disadvantages, when there are many management consoles Because of this, you will not be able to follow the reports properly. You have to examine and follow the reports separately from each interface. Yes, friends, using different antivirus solutions is a really solid solution, but it has the above disadvantages. Despite all this cost and management confusion, Microsoft has 8 complete reports on this subject. It has developed the ForeFront Client and Server Security family, which uses different antivirus engines. As a solution, you can choose this product, which works very stable, for such a purpose.. In another article, I will mention this product family. Of course, there may be solutions that everyone prefers and uses according to themselves..
Forefront Security For Office Communications Servers(OCS) 2007
<
In every company scenario, applications such as Instant Messaging can be preferred for users to instantly share information with each other. For example, a user can reach any person or institution within or outside the company by using methods such as telephone, mail, etc. The phone can be costly. Communicating by mail may increase the load on our mail server within the company. For this and similar reasons, applications such as Instant Messaging are generally preferred by companies. For example, Messenger, Office Live Communicator used with Office Communications Servers. 2007,GoogleTalk,etc…
With OCS, users in different branches of a company can manage their free instant messaging and VOIP traffic via this server role with their Smartphone. z.In addition to these, we can send e-mails and send files. If applications other than Office Live Communicator, which is used with Office Communications Servers (OCS), are used within the company, we do not have full management. Or to give an example, ISA Server is used to prevent Messenger conversations. Of course, there is a possibility that such applications can be abused by users. In other words, friends, lovers, etc. can be chatted with friends, lovers, etc., unrelated to work. At the same time, unwanted harmful content can be transmitted to computers within the company without being aware of it.. In order to control such a situation, we can instantly control the internal or external messaging by installing Forefront for OCS on OCS.
With Forefront for OCS, we can filter content using keywords, which cannot be done in other Instant Messaging applications. At the same time, we can also filter by file type. In summary, if we use OCS as an Instant Messaging application within the company, we can use all kinds of messaging, sent attachments. we can filter all files.
Configuration Options on Forefront Security For Office Communications Servers(OCS) 2007
<
Let’s get to know the options we can use with Forefront under 4 main headings in total.
1)SETTINGS
2)FILTERING
3)OPERATE
4)REPORT
1)SETTINGS
a)Scanjob: Under this option There is 1 IM Scanjob method. With this Scanjob, we can manage Inbound, Outbound and Internal messaging traffic.
b) Antivirus : In this section we can configure the IM Scanjob method.
Which virus software IM Scanjob will use File Scanners In the section we select. We decide what actions should be taken within the Action section of this virus software.
The Concept and Characteristics of Bias
< In the
Bias section, we can determine the action that will affect the performance of Forefront Server Security for OCS according to our security understanding.. Recommended is Favor Performance and other options are as follows.
●Maximum Certainty:Scans all messages with all selected virus scanning engines. That is, mails must be scanned with all 5 selected antivirus engines. If an engine is offline (for example, updating), messages or files will not be scanned until that engine is online.
●Favor Certainty: It will scan without using virus software that is not currently available. Each item is scanned with all available engines that are up to date.
●Neutral: 50% using at least 3 virus scanning engines
●Favor Performance: According to server CPU load, products adjust the number of engines to scan incoming items. They do this based on their MEM ratings. 25% of the search engines are used.
●Maximum Performance: All mails selected Scans using only one of the virus scan engines available. This is determined by the MEM ratings. It is fast in performance but low in security.
Forefront Multiple Engine Manager(MEM) system monitors the performance of all active engines and rates how well it has performed in detecting new threats in the past and how up-to-date the virus definitions are. These scores (or MEM ratings) and administrator-specific settings (control over performance) determine which engines are used more frequently.
c)Scanner Updates
In this section, we can set where and how often the antivirus engines running on Forefront will update. In addition, in the Scanner Informatin section, we can specify the version numbers of the antivirus engines and when was the last time. We can see that they are updating. Also, we can specify a UNC Path in the Network Update Path section to enable updates to be installed from any location on the network. We can use this scenario when WSUS is offline and the internet cannot pull updates.
If you have changed the path and we can return to the default http path again. Plus, we can use the secondary section to show a secondary path.
<
Templates
Easier to manage on Forefront In order to do this, we can prepare and use different templates for each server role.
General Options
We use this interface to configure general settings on Forefront. For example, Forefront virus logs are not turned on by default. At the same time, we must select the Delete Encrypted Compress Files option in the Scanning section to delete the encrypted and compressed files during scanning.
1)Filtering
In this menu, we can configure messages sent via OCS to be filtered and unsolicited words blocked. At the same time, we can filter file extensions..
a)Content
<
In this section, we can use IM Scan job to exclude messaging traffic with a domain we trust.
b)Keyword
Using IM Scanjob, we can filter the word using the keywords lists we have prepared before in Filter Lists. We may be aware of the words we do not want in the content.
c)File
<
We can use this section to ban the extensions that we have specifically specified. For the banned application, a txt file is sent to the user who will buy the application, and information about why it was blocked.
Also through the following methods We can also filter.
*.exe = Refers only to *.exe extensions within the Organization.
*.mp3>2mb = Again refers to files with MP3 extension larger than 2 MB within the Organization.
*.doc>5mb = Outside the Organization Refers to incoming or sent files with DOC extension greater than 5 MB
*.*>10mb = More than 10 MB within the organization indicates all large file types.
d)Allowed Sndr/Rcpt Lists
We can add the lists we defined under Allowed Sndr/Rcpt Lists in the Filter Lists section to this section.
e)Filter Lists
<
With any filtering method that we can use under Scanjobs We can create related lists from this section. For example, creating an Allowed Sndr/Rcpt Lis. In the picture below, a list named contacts for which we have defined the sender and receiver addresses we allow..
3)OPERATE
Under the Operate section, there is a subtitle named Run Job.
a)Run Job
●IM Scan Job
We can disable the IM Scan job method by bypassing it. At the same time, we can make settings such as which filtering method will be used in IM Scan Job.. For example, we can determine whether Virus Scanning, File Filtering, Content Filtering, Keyword Filtering can be done with IM Scan job.
4)REPORT
Under the reporting section, Notification, There are 3 subtitles, Incidents and Quarantina.
a)Notification
In this section, we can ensure that the necessary information about the harmful content is sent to the person or persons we have determined by e-mail.
b)Incidents
Which virus can be detected by IM Scan Job method We can view all the information such as the total number of scans, which antivirus engine has caught harmful content, and who Forefront sent an e-mail to, from this interface. Again, with all the actions we have accessed from this menu, We can export the relevant reports.
c)Quarantina
We can access information such as the name of the quarantined harmful content, between which users it was caught, the name of the plugin. We can export.
Yes, friends, we have come to the end of another article. As you can see, Forefront It brings many innovations to our companies in security in every sense. We can ensure our security more stable with the related products from the Forefront Server Security family, which are compatible with the different server roles we use. See you in another article about Forefront..
Goodbye…
Source:
http://www.microsoft.com/forefront/serversecurity/ocs/default.mspx