Microsoft delivers Forefront for SharePoint 2010

Microsoft has launched Forefront Protection 2010 for SharePoint, updating the security suite to meet next week's scheduled release of SharePoint 2010.

The latest addition to the Forefront family of security products, which provide anti-malware protection for a range of Microsoft software, was made available on Tuesday.

"This release provides protection for Microsoft Office SharePoint Server (Moss) 2010 and Moss 2007, as well as Windows SharePoint Services 3.0 SP1 and Microsoft SharePoint Foundation 2010," said Brita Jenquin, senior product manager for Forefront, announcing the release in a blog post.

Architecturally, there are few changes from the last version, Forefront Protection 2007 for SharePoint, Microsoft said. However, the software giant has reduced by three the number of malware engines in the latest version, eliminating engines from CA, Sophos and Ahn Lab. It has still retained five engines — Authentium, Kaspersky Lab, Norman and VirusBuster, as well as using its own engine. At the time of writing, Microsoft could offer no comment on why the three engines had been discontinued.

The other changes reflect product amendments in SharePoint 2010, such as support for PowerShell and Hyper-V and a new user interface.

"This is about keeping in step with SharePoint 2010," said Michael Newberry, Forefront security product manager, speaking to ZDNet UK on Wednesday. "The architecture of Forefront is essentially the same as for the previous product."

Newberry said that Forefront would continue to offer multiple malware engines in case one failed to pick up malware. "You have the flexibility," he said. "If new malware comes out, maybe vendor one doesn't detect it. Straight away, you've got defence-in-depth there."

Microsoft has faced a bumpy ride with both its Forefront security suite and its SharePoint content management software.

Last week, a security firm called High-Tech Bridge found a serious cross-site scripting flaw in SharePoint 2007 that it said could be exploited to gain user rights on sites built using the product. Microsoft said it would release a patch as soon as it had developed one of sufficient quality for widespread distribution. It also offered a workaround.

Microsoft has already made many technology and branding amendments to the Forefront portfolio. The latest was in April, when the software giant said it would not release Forefront Protection Manager (FPM) — the software that manages the security of Exchange Server and SharePoint Server. The functionality will now be built into System Center Configuration Manager, Microsoft said.

"Instead of having one system for security management and a second system for operations management, the management is being combined into one place. We are merging the stand-alone security management tools (FPM) into the systems management tools (System Center) so an administrator can manage and secure their system from one place," Newberry told ZDNet UK.

"So, for example, the management of endpoint security will be done by System Center Configuration Manager (SCCM) when Forefront Endpoint Protection is released later this calendar year. SCCM will perform the job that FPM was going to perform, as well as doing much more," said Newberry.

Newberry provided no further details of the product replacements for Forefront Protection Manager. Microsoft has promised more details in due course.

One product closely allied to Forefront that was made available on Wednesday is Active Directory for Federated Services 2.0. ADFS 2.0 is a free download for Windows Server 2008 and 2008 R2 that enables businesses to extend identities applied within their business to cloud services. Further details were given in a Microsoft blog post on Wednesday.