I wanted to try Forefront Client Security (FSC), Microsoft's new desktop antivirus software for the enterprise, already for quite some time. Today, I thought I could just have a quick look at it even though I am still busy exploring Windows Server 2008.
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
Well, I realized quickly that it isn't really possible. Whenever MS comes out with a new product it is not a big deal to test it, because the first version is usually a rather simple tool. This doesn't seem to be the case with FSC.
Actually, after reading about the requirements I had to give up my original plan to install it in a test environment now. If you want to try all its components, you have to install several other Microsoft products first: .NET Framework 2.0, Group Policy Management Console (GPMC) with SP1, Microsoft Management Console (MMC) 3.0, SQL Server 2005 with SP1 (including Database Services, Integration Services, Reporting Services, and Workstation components), Internet Information Services (IIS) 6.0 and ASP.NET, and Windows Server Update Services (WSUS) 2.0 with SP1.
Usually, it is not too difficult to install these programs. However, it takes quite some time until you got them all working. Unfortunately, neither the setup procedure nor the documentation provides the links where you can download them. This reminds me on my post about Server Manager of Windows Server 2008.
I wonder if Microsoft will use it in the future to simplify the installation of all its server products and not just for the Windows components. If you ever worked with YaST in SuSE Linux, you know how convenient it is to just select the software you want to install and let YaST collect all other components for you. It seems as if Microsoft was left behind by Linux in respect to ease-of-use of backend installations.
Beside the fact that you have to invest a lot of time to install all the requirements, FSC seems to be a rather complex product. At least this was my impression when I skimmed over its documentation. FSC itself consists of five different components: Management Server, Collection Server, Collection Database, Reporting Server and Reporting Database, and Distribution Server.
You can install them all on just one physical server, or use multiple machines for performance reasons. The documentation lists four different topologies with one, two, three or four servers. Unfortunately, I didn't find any detailed description of the different components. So you can only guess their purpose from their names.
Subscribe to 4sysops newsletter!
Obviously, Microsoft is also targeting big enterprises with FSC. To my knowledge this is a novelty for a new server product from Redmond. Since there seems to be no easy and fast way to try FSC, I am not sure if it makes sense to invest more time in this. I blogged some time ago that Forefront's scan engine which is responsible for detecting malware is probably not yet reliable enough to compete with other major antivirus software vendors. Perhaps it would have been better if MS invested more in building an infrastructure to collect and analyze malware instead of focusing on the management components of FSC. If this were just a product of an unknown software vendor, I probably would forget about FSC by now. Okay, this was just my first impression, I am sure there will be a second one sooner or later.