Forefront client Security : Part 1

today one of my customers asked me what is the best antivirus for business? there is a thousand type out there and all look a like ,and no one can effort mistake, there is home based antiviruses out there claiming to be able to be used in business but actually the vendors that can be used in business does not exceed 5 or 6 vendors ,Google/Bing search will not get you the result you need any more every website claim to be antivirus X is the best ,

its all about business now ,the impact on users computers and the options that the antivirus delivers .

I believe that FCS is the best antivirus out there for business its very light and working quietly without user interruption and maybe that what caused some people to dismiss it , because its so good in what it does (its gift became its curse )

so I will try to demonstrated some of the features of this product

we will do do the following in that order for it to be installed

dotnet 1.1 with SP1
Install .NET Framework 3.0.
IIS (all of it -not for FCS but for SQL )
Install SQL Server 2005 with SP2. (Database Services, Reporting Services, Integration Services, and Workstation components. make SQL agent start automatically)
Install GPMC with SP1.
Install, configure, and synchronize Windows Server Update Services (WSUS) with SP1.
Add the Client Security server site (server name ) to the Local intranet zone in Windows Internet Explorer. (Very important )
Verify and record the reporting server URL.
Install Client Security.
Install Client Security SP1. (very important )

note if you are using any image technology (like ghost or MS MDT server ) The master computer must not communicate with Client Security servers after the Client Security client components have been installed.

FCS with MOM 2005 Database Guidance (a must read )

http://blogs.technet.com/b/fcsnerds/archive/2008/09/25/fcs-with-mom-2005-database-guidance.aspx

I will be installing single server topology it can hold up to 2Kor 3K by Microsoft recommendations (but I tested it with 10K and worked ok )

installing dot net 1.1 Sp1

next step dotnet 3 and IIS

SQL 2005

then we start installing SQL 2005

ignore this warning

don’t forget to select sql agent for the startup , I am using local system for sql service which is ok in normal security environment but if your FCS in the middle of your entire network I recommend to use Domain account and register it SPNs

do not let SQL installation configure the report server

and install

now we apply SP2 or 3

and we done Smile

SQL reporting server

next we start configuring SQL reporting server

just click new and accept the defaults

in the we service identity you must change the pool to classic .net

now in the database connection

type the server name and press connect

then press new and accept the defaults

press apply

that’s it Smile

local intranet zone and test the report server

next step to add the server name to the local intranet zone and test the report server

now try : http://servername/reports

and: http://servername/reportserver

you should get results like below

GPMC

next we install GPMC from add features

WSUS

next Stop WSUS

we use the local SQL don’t install internal database this will cause unnecessary load on the server

next the server setting – note that I did not use the defaults

accept the defaults until you reach

press start connecting (note this process takes a bit of time )

select the language

next we select the products (now with every product you select confider it additional 5Min of sync time so select carefully )

next I select all classifications but drivers

and finish Smile

that’s for Wsus for now we will be back to it in configuration section

ignore the warning we will apply the service pack later on

select all but distribution server its only function to force WSUS to sync every hour

next use DAS Account (domain account with admin privilege on the FCS server )

now this this tricky Microsoft does not support auto growth so you have to size your database correctly (review FCSnerds blog link in the start of this post)