Microsoft Forefront Endpoint Protection 2010
The Convergence of Desktop Security and Management
Desktop management and security have traditionally existed as two separate disciplines. Yet both play a central role in keeping users safe and productive. Management ensures proper system configuration, deploys patches against vulnerabilities, and delivers necessary security updates. Security provides critical threat detection, outbreak response, and system remediation.
Forefront Endpoint Protection 2010 enables businesses to align security and management to improve endpoint protection while greatly reducing operational costs. It builds on System Center Configuration Manager 2007 R2 and R3, allowing customers to use their existing client management infrastructure to deploy and manage endpoint protection. This shared infrastructure helps reduce ownership costs while providing improved visibility and control over endpoint management and security.
Features
Forefront Endpoint Protection 2010 makes it easier to protect critical desktop, laptop, and server operating systems against viruses, spyware, rootkits, and other threats. Some of the key features in Forefront Endpoint Protection 2010 include:
 | Simplify |
Feature | Description |
 | |
| Single console | Forefront Endpoint Protection 2010 is built on System Center Configuration Manager 2007 R2 and R3. Configuration Manager provides a single interface for managing and securing endpoints, reducing complexity, and improving troubleshooting and reporting insights. |
| Central policy creation | Administrators have a central location for creating and applying all endpoint-related policies. |
| Improved visibility | With a shared view of endpoint protection and configuration, administrators can more easily identify and remediate vulnerable computers. |
| Automated Agent Replacement | Forefront Endpoint Protection 2010 automatically detects and removes the most common endpoint security agents, dramatically lowering the time and effort needed to deploy new protection. |
 | Integrate |
Feature | Description |
| |
| Single infrastructure | Forefront Endpoint Protection uses the Configuration Manager infrastructure for deploying and managing endpoint protection. It also eliminates the expense of purchasing and maintaining an independent security infrastructure. |
| Enterprise scalability | Using the Configuration Manager infrastructure, Forefront Endpoint Protection clients and policies can be efficiently deployed to hundreds of thousands of users. |
 | Protect |
Feature | Description |
| |
| Highly accurate detection | Forefront Endpoint Protection protects against the latest malware and rootkits with low false positives. |
| Behavior monitoring | Forefront Endpoint Protection detects system behavior and file reputation data to identify unknown threats. |
| Vulnerability Shielding | Forefront Endpoint Protection blocks exploitation of endpoint vulnerabilities with deep protocol analysis of network traffic. |
| Efficient scanning | Forefront Endpoint Protection keeps employees productive with low performance impact scanning. |
| Client firewall management | Forefront Endpoint Protection helps administrators centrally manage Windows Firewall protections across the enterprise. |
Simplify desktop protection and reduce operational costs
Endpoint Protection 2010
Microsoft Forefront Endpoint Protection 2010 helps businesses simplify and improve desktop security while greatly reducing infrastructure costs.
New Efficiencies: The Convergence of Desktop Security and Management
Desktop management and security have traditionally existed as two separate disciplines, yet both play central roles in keeping users safe and productive. Management ensures proper system configuration, deploys patches against vulnerabilities, and delivers necessary security updates. Security provides critical threat detection, incident response, and remediation of system infection.
Forefront Endpoint Protection 2010 introduces the ability to align these two work streams into a single infrastructure. Built on Microsoft System Center Configuration Manager 2007 R2 and R3, Forefront Endpoint Protection 2010 gives IT:
- Consolidated tools, processes, and infrastructure to create new efficiencies and lower desktop ownership costs.
- A unified view of configuration and security information that makes it easier to identify and remediate vulnerabilities.
Lowers Ownership Costs
With discrete infrastructures for management and security, companies must purchase and maintain separate hardware and software, create and manage two sets of policies, and take two sets of actions when a security incident occurs. Together, Forefront Endpoint Protection and Configuration Manager deliver significant operational efficiencies not available with traditional management and security silos by offering:
- A single server infrastructure to maintain.
- A single mechanism for deploying client software and updates.
- Central implementation of policy.
- A single solution for training administrators regardless of their role. With the Microsoft Enterprise Client Access License (ECAL), organizations can also purchase all the components they need to manage and secure desktops in one SKU, eliminating the need to buy single-purpose software.
Improves Protection
Most desktop vulnerabilities are a result of poor system configuration, yet security administrator s lack ready access to inventory, patch level, and other desktop-specific data.
Forefront Endpoint Protection 2010 and Configuration Manager give organizations industry leading threat-detection capabilities alongside the world’s most widely used tool for remediating desktop security vulnerabilities.
The combination of these technologies in a single infrastructure offers a unique, consolidated view into the health and protection status of user systems. IT can better identify at-risk machines and take action to patch systems, block outbreaks, and initiate clean-up efforts. These combined technologies also consolidate and simplify reporting on the complete desktop environment.
|
