Category Archives: Security

Forefront Security for Exchange SP2 RU2

Posted on by
Reply

For people running ForeFront Security for Exchange SP2, Rollup 2 was released.

The related knowledgebase article kb2270641 mentions the following additional fixes:

  1. The FSCTransportScanner.exe process in Forefront Server Security for Exchange may stop responding, and this generates a Dr. Watson crash that references Bucket ID 1211603866
  2. The FSECCRService.exe process in Forefront Server Security for Exchange may stop responding, and this generates a Dr. Watson crash that references Bucket ID 1076269539
  3. Forefront Server Security for Exchange fails to write a crypto checkpoint in the RSA\Machine Keys folder
  4. The FSCController.exe process in Forefront Server Security for Exchange may stop responding, and this generates a Dr. Watson crash that references Bucket ID 1229588505
  5. The Forefront Security for Exchange GetEngineFile process crashes and Forefront is unable to perform a scan engine update
  6. Kaspersky scan engine in Forefront Security for Exchange does not update on a CCR cluster
  7. Forefront Security for Exchange does not install on Windows Server 2008 R2
  8. Forefront Security for Exchange now supports the Kaspersky 8 engine

For more details, consult the KB article. You can download FSE SP2 RU2 after submitting a hotfix request here.

Forefront Server Protection Script Kit

Posted on by
Reply

Microsoft released version 1.0 of the Forefront Protection Server Script Kit (FPSSK). This kit, existing of several Powershell scripts, is to support you in managing multiple servers with Forefront Protection 2010 for Exchange Server (or Forefront Protection 2010 for SharePoint).

The script kit enables you to capture the names of all computers running Forefront Protection 2010 in a an Active Directory domain, capture Forefront Protection 2010 configuration settings from specified computers, deploy those settings to specified computers, compare captured settings to those on specified running computers, and run basic computer status reports.

Sounds a good solution for small environments or when budget is tight. It is no replacement for the  Forefront Server Security Management Console product.

You can download the kit here.

Publishing Exchange 2010 with UAG & TMG

Posted on by
Reply

Today Microsoft released a white paper by Greg Taylor (Sr. Program Manager, Exchange Server Customer Experience Team) on publishing Exchange Server 2010 with Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010.  This white paper contains information and guidance on publishing Exchange Server 2010 using Forefront UAG and  Forefront TMG. This includes information on how to choose between UAG and TMG for different scenarios as well as steps on how to configure thos products in order to publish Exchange 2010.

You can download the white paper here.

Microsoft Forefront Protection 2010 for Exchange Rollup 1

Posted on by
1

Microsoft released Hotfix Rollup 1 for Forefront Protection 2010 for Exchange Server (KB2181692).

Here’s the list of fixes included in this rollup:

  1. There is a handle leak in FSCController when SQM is uploading data in Microsoft Forefront Protection for Exchange
  2. A Forefront Protection for Exchange scan engine update fails and generates Application Log errors
  3. Forefront Protection for Exchange replacing legitimate attachments with text files and quarantining legitimate mail
  4. Proxy credentials and UNC path settings for Forefront Protection for Exchange do not replicate to passive node during cluster failover
  5. Forefront Protection for Exchange is blocking all incoming mail
  6. A system state backup fails while attempting to perform anything other than a full backup on a server running Forefront Protection for Exchange
  7. Forefront Protection for Exchange filters email with attached .MSG files that contain a subject line ending with a file extension
  8. The Forefront Protection for Exchange client crashes when adding an IP address, or range, to either the IP Allow/Block List
  9. Forefront Protection for Exchange sends legitimate email to Exchange’s UNDELIVERABLE folder
  10. Store slows down and RPC request queue length rises when Forefront Protection for Exchange is running on Windows 2003 64-bit server
  11. FSCUtility fails if run on a non clustered server that the cluster service is installed but disabled on
  12. FPE detecting valid .xls or.csv file as Exceedingly nested
  13. Forefront Protection for Exchange does not send External Sender notifications
  14. The FSCManualScanner.exe process in Forefront Protection for Exchange terminates unexpectedly
  15. The FSECCRService.exe process in Forefront Protection for Exchange may stop responding generating a Dr. Watson crash that references Bucket ID 107626953990176: Customer experiences OOXML performance issues when scanning
  16. Customer experiences OOXML performance issues when scanning
  17. Dr. Watson reports a null reference exception in Microsoft.FSS.AntiSpam.dll (from Forefront Protection for Exchange); Bucket ID [838554094]
  18. Spam Reports may take an excessive amount of time to retrieve in Forefront Protection for Exchange
  19. A scan job in Forefront Protection for Exchange will not restart after hitting the MaxDisableWait time timeout threshold
  20. Forefront Protection for Exchange allows mail to go through unscanned if the MaxDisbaledWait time threshold is exceeded
  21. Forefront Protection for Exchange generates more Realtime Scan Timeout notifications than expected
  22. Sluggish or stopped mail flow resulting from the FSCTransportScanner process, within Forefront Protection for Exchange, crashing while scanning files with embedded object links.
  23. Forefront Protection for Exchange does not have a Skip/Detect action option for the MaxContainerScanTime action menu

For more details on the fixes consult the related knowledge base article (2181692). You can download the Forefront Protection 2010 for Exchange Server Hotfix Rollup 1 here.

Forefront Threat Management Gateway SP1

Posted on by
Reply

Microsoft released Service Pack 1 for Forefront Threat Management Gateway 2010.

Here’s the list of changes included in this service pack :

New Reports
• The new User Activity report displays the sites and site categories accessed by any user.
• All Forefront TMG reports have a new look and feel.

Enhancements to URL Filtering
• You can now allow users to override the access restriction on sites blocked by URL filtering. This allows for a more flexible web access policy, in that users can decide for themselves whether to access a blocked site. This is especially useful for websites that have been incorrectly categorized.
• You can now override the categorization of a URL on the enterprise level; the override is then effective for each enterprise-joined array.
• Denial notification pages can now be customized for your organization’s needs.

Enhanced Branch Office Support
• Collocation of Forefront TMG and a domain controller on the same server, which can help reduce the total cost of ownership at branch offices.
• When installed on a computer running Windows Server 2008 R2, SP1 simplifies the deployment of BranchCache at the branch office, using Forefront TMG as the Hosted Cache server.

Support for publishing SharePoint 2010
• Forefront TMG SP1 supports secure publishing of SharePoint 2010.

You can download Forefront TMG 2010 SP1 here.