Enhancing SharePoint With Forefront AV Vendors Aggregation (MEM) and a Proper Update Policy

Corporate antivirus SharePoint protection is only as good as your AV vendor builds and how well you assimilate updates to their arbitrary AV scanning engines. For that reason, Forefront for SharePoint has built in mechanisms that will allow you to aggregate and incorporate AV vendors various scan engines into one cohesive unit protecting your SharePoint content repositories in a method that conforms to your enterprise antivirus policy. This is one of the most important features of Forefront for SharePoint, since you don’t have to buy sister software platforms, can use your current AV software platforms, and purchase additional AV software as your metrics determine out of the Forefront for SharePoint reporting modules.

Default Forefront for SharePoint Engines to Use With SharePoint

If you have other engines that you wish to implement with Forefront Security for SharePoint, all licensed engines can be assimilated into your Forefront Security for SharePoint framework using the scanner updates option. Forefront for SharePoint is somewhat indifferent to the engines you wish to implement, therefore arbitrary engine implementation is one of the greatest features that Forefront For SharePoint promotes.

Updating Arbitrary Forefront for SharePoint Scan Engines

The option of executing updates on assorted Forefront for SharePoint digested AV scan engines with miscellaneous vendors is a rather straightforward process, and is completed through the Settings menu in the FSSP client (the first pane when launching the FSSP client, see other article for options of working with the FSSP client application), which will allow you to attach to your appropriate server and show the handle and arbitrary updating agenda, depending on your current configuration. If you desire to update manually through this interface, that option is also available, using the update now feature which will allow you to trip an instantaneous update of your elected AV scanning engine. The relevant engines are updated by means of a component within Forefront for SharePoint called the Forefront for SharePoint Updater Server (AntEngUp), which will facilitate the updating processes for the relevant scan engines and pertinent AV signature files.

For each of the AV scanning engines within your SharePoint environment, simply select the server that you require to configure for updates. In the bottom portion, a slight details pane will populate presenting your:

  • Engine Version
  • Signature Version
  • Update Version
  • Last Checked
  • Last Updated

This should tell you all the relevant information regarding the current status of the arbitrary scanning instance, which should allow you to make intelligent decisions about your scanning engine update policy. To bring up to date a relevant AV scan engine on a schedule or for an update now option, there has to be a particular path for the Forefront for SharePoint service to seize the AV update file from, which can be from the FSSP FTP or HTTP site, or if you have a central SharePoint server that captures relevant updates to populate throughout your SharePoint environment (typically still through the Sybari FTP or HTTP site), you can enter that information into the update path. This is fairly normal, moreover recommended, since it means that only one of your front end web servers running SharePoint has to query outside of your network while the other remain unaffected.

Using a Proxy With Forefront for SharePoint

If you use a proxy within your network to gain external access, you can use the proxy setting dialog, invoked through the Use Proxy Server checkbox, which will allow you to specify the:

  • IP
  • Port
  • Username
  • Password 

settings of your proxy server so that you can successfully receive updates with your network arbitrary proxy configuration.

Using the Remaining Forefront for SharePoint Dialog Options

The rest of the options within this dialog are pretty straightforward to tailor an AV scanning engine Forefront for SharePoint update policy. You can use the data option to set the check for updates, the time for the update, the frequency of the update, the repeat option to select a schedule repetition of update checks, enabling updates for your arbitrary scan engine, and setting up multiple servers to assimilate updates. It is also best to choose the option to perform updates when the Forefront for SharePoint service starts, so that whenever your AV services begin they have the most relevant scan engines. Your SharePoint antivirus policy is only as good as your scan engines, having an antivirus solution in place without having a policy by which to update those engines doesn’t offer adequate protection for your SharePoint environment. However, the way that you schedule the updates should be based on your corporate Antivirus policy, so should be able to conform to your standards in an adaptive environment.

There will be a small lapse from what you initially get a new update within the Forefront for SharePoint framework while the new files are adapted to your environment. You current scan jobs will temporarily suspend themselves while they assimilate the newly gained data.