now in our previous post we installed forefront protection for exchange on four server (Forefront protection for exchange 2010 Installation and design Step by Step ) now we need from one location the ability to manage it and see reports from centralized location
The Microsoft Forefront Protection Server Management Console (FPSMC) 2010 provides multi-server management for Forefront Protection 2010 for Exchange Server (FPE 2010) and Forefront Protection 2010 for SharePoint (FPSP 2010). The management console delivers an easy to use graphical interface for server discovery, configuration deployment, reporting, quarantine management, engine and definition update deployment and integration with Forefront Online Protection for Exchange.
what is the system requirement for the FPSMC ?
- windows 2008 R2
- .NET Framework 3.5 SP1 or later framework
- Microsoft Chart Controls for .NET 3.5 SP1 (http://go.microsoft.com/fwlink/?LinkId=202816 )
- Internet Information Services (IIS) 7.0
- SQL Server 2008 or above is required for an Enterprise installation. Otherwise, FPSMC will automatically install SQL Server 2008 R2 Express.
- Network Ports needed
HTTP port. Enables communication between the web browser and FPSMC, as well as all HTTP communication from FPSMC to the internet.
Required for FPSMC agent deployment (unidirectional: FPSMC server to the managed computer)
The deployment agent listens on this port on a managed server to receive commands from the FPSMC agent (unidirectional: FPSMC server to the managed computer).
The push installer listens on this port on the managed servers (unidirectional: FPSMC server to the managed computer).
The NotificationService on the FPSMC server listens on this port to receive data (such as quarantine and stats) from the managed servers.
The following are the environmental considerations:
- FPSMC will not install on a server running any other Forefront product.
- FPSMC will not install on a server running any version of Microsoft Exchange Server or Microsoft SharePoint Server.
- FPSMC will not install on a domain controller.
- FPSMC must be installed on a domain-joined server.
- One installation instance of FPSMC can support up to 100 managed FPE and FPSP servers
now how to install it and manage the forefront protection with it ?
in my experience we need one server with SQL express we don’t need a lot of resources for it so I will be using the standalone installation
this is how it looks after the installation
now we add the servers and let the information flow in
go to new servers and add all the needed server
next we add the servers needed
next we deploy the agent
now we create our master configuration file in order to deploy it to the rest of our server
kindly note that the exchange HUB configuration is different than exchange Mailbox configuration
go to the node you want to export from and start forefront management shall
run the following command to export the configuration
Export-FseSettings -path c:\Export.xml
we copy this file to the FMC server and create a package
which section you want to import and deploy
next we we create a job to deploy our package
go to job
now lets run the created job
now this is the deployment result
the export was created on HUB so it can not be deployed on Mailbox (if you selected something general and the same in all forefront like general setting then it will apply to all but to force an entire policy the servers need to be the same )
so repeat the above steps for the mailbox servers