Reports

  • Article

 

Applies to: Forefront Server Security Management Console

The Forefront Server Security Management Console (FSSMC) can collect information from all of the managed servers and generate reports on a variety of Forefront Security-related topics. The main report categories are:

  • Detection Reports
  • SMTP Traffic Reports
  • Engine Versions Reports
  • New Servers Report

The FSSMC regularly polls all managed servers to collect data about scanner activity, engine versions, and SMTP traffic. The polling interval is set in the Global Configuration work pane. For more information, see Configuring Global Configuration Settings in the Getting Started chapter.

Reports are grouped by the type of server (Exchange Server 2003 or Exchange Server 2007). The categories are initially shown collapsed. To expand a category, click the associated Show All; to collapse the category again, click Hide All.

Detection Reports

Detection reports are used to collect and present data about the number of viruses, filter matches, and spam incidents detected during a certain period on selected or multiple servers running Forefront Security. For more information, see Configuring and Running Reports.

The reports include:

  • Virus Detection Report
  • Virus Detection Summary
  • Virus Action Report
  • Virus Action Summary
  • Top n Viruses Found
  • Spam Detection Report
  • Spam Detection Summary
  • Spam Action Report
  • Spam Action Summary
  • Content Filter Report
  • Content Filter Summary
  • File Filter Report
  • File Filter Summary
  • Filter Action Report
  • Filter Action Summary
  • Filter Statistics

SMTP Traffic Reports

SMTP Traffic reports are used to collect and present data about the amount of activity on selected SMTP servers running Forefront Security. For more information, see Configuring and Running Reports.

The reports include:

  • SMTP Messages Processed
  • SMTP Messages Processed Summary
  • SMTP Bytes Processed
  • SMTP Bytes Processed Summary

Engine Versions Reports

Engine Versions reports are used to collect and present data about the antivirus engine versions on selected servers running Forefront Security. The Out-Of-Date Engine and Signature Versions Report lists only out out-of-date engines on each server. FSSMC compares your current engine versions with the latest versions on the Internet to determine which of your signatures are out of date. For more information, see Configuring and Running the Engine Versions Reports.

The reports include:

  • Out-Of-Date Engine and Signature Versions Report
  • Full Engine and Signature Versions Report

New Servers Report

The New Servers report shows you all the new servers added within a selected period. You can choose to see new Exchange servers, new SharePoint servers, or both. For more information, see Configuring and Running the New Servers Report.

Configuring and Running Reports

To run any of the reports (other than the Engine Versions Report or the New Servers Report), open the desired category by clicking its name in the Reports section of the Navigation Area. Then click the specific report that you would like the Forefront Server Security Management Console to generate.

Note

Before running reports manually, you should first open the Global Configuration work pane and click the Poll Now button to ensure that the FSSMC has the most recent data from the servers it manages.
The Virus Detection report will be configured in the following steps as an example. All reports are configured and run following the same basic steps, with the exception of the Engine Versions reports and the New Servers Report. For more information about running the Engine Versions reports, see Configuring and Running the Engine Versions Report. For more information about the New Servers Report, see New Servers Report.

To configure and run the selected report

  1. Click Detection Reports in the Reports section of the Navigation Area. The Detection Reports work pane appears, showing you a list of all available reports.

  2. Click Virus Detection Report in the reports list (for example). The Report Parameters work pane appears.

  3. Complete information on the Report Parameters work pane:

    Select Products

    Indicate the products to be included in the report. The choices are Forefront Security for Exchange Server and Forefront Security for SharePoint.

    Start Date and Time

    Indicate the starting point of the data collection.

    Time Interval

    Indicate the interval for the report: one hour, one day, one week, one month, and one year.

    Examples:

    • To collect information for the past week, enter a start date of one week ago, and select 1 Week as the interval.
    • To collect information for the month of January 2007, enter 1/1/2007 as the start date and 1 Month as the interval.

    Select Servers

    Indicate the servers and server groups to include in the report.

    Top n Viruses

    For the Top n Viruses report, there is also a field for you to enter the value of n. This is a number from 1 to 15.

  4. Click Next to generate the report, which is displayed in a separate window.

Note

If the type of report you chose does not apply to one or more of the servers or server groups because the product type installed on the server does not support it, you will see a note on the report itself saying "This report does not apply to the following servers" followed by a list of the servers whose data do not appear in the report.

Configuring and Running the Engine Versions Reports

Run the Full Engine and Signature Versions report to get a list of the engine and signature versions for each of your engines. Since it is critical to keep all your engines updated, you should run the Out-of-Date Engine and Signature Versions Report periodically to see which, if any, of your engines do not have the latest signatures.

To configure and run the Engine Versions reports

  1. Click Engine Versions in the Reports section of the Navigation Area. The Engine Reports work pane appears.

  2. Select Out-of-Date Engine and Signature Versions Report or Full Engine and Signature Versions Report. The Report Parameters work pane appears.

  3. Select the servers or server groups from which to collect version data.

  4. Click Next to generate the report in a separate window.

Note

Before running reports manually, you should first open the Global Configuration work pane and click Poll Now to ensure that the FSSMC has the most recent data. The poll now job takes a few minutes to run.

Configuring and Running the New Servers Report

Run the New Servers report to get a list of all the new servers added during a specified time period.

To configure and run the New Servers report

  1. Click New Servers in the Reports section of the Navigation Area. The Report Parameters work pane appears.

  2. Complete the information on the Report Parameters work pane:

    1. In Select Products, indicate the products to be included in the report. The choices are Forefront Security for Exchange Server and Forefront Security for SharePoint.
    2. Select the Time Interval. You can select a value between 1 (the default) and 30 days.

  3. Click Next to generate the report in a separate window.

Saving Reports

Reports generated by the FSSMC can be saved for later use. You have a choice of saving them as HTM or MHT files.

  • If you save a report as an HTM file, a subdirectory is created to store the image files used in the report. If you subsequently copy or move the report file to another location, the associated image directory will be copied or moved automatically.
  • If you save a report as an MHT file, an HTML archive file is created that includes all the image files used in the report. This simplifies sending reports, because they are completely self-contained in a single file.

To save a report

  1. Run the desired report.

  2. Choose Save As in the File menu of the report window.

  3. Enter a file name and location. (We recommend creating a new folder for each report.)

  4. Indicate the type of file to create: HTM (the default) or MHT (Web Archive).

  5. Click Save.