Top 5 Reasons to move to Forefront Endpoint Protection 2010
Publish Date: 02/18/2011
Whether your company is using non-Microsoft anti-malware software or Forefront Client Security (FCS), there are some compelling reasons to move to Forefront Endpoint Protection (FEP) 2010. FEP was made generally available to the public on 1/1/2011. Links below go to videos or screencasts for the topic.
Convergence of Management and Security
All of the administrative functionality of FEP runs on top of System Center Configuration Manager (SCCM) 2007 R2 or R3. Combining the place where you typically manage all of your desktop machines (SCCM) with the security software enables a number of potential benefits:
- Save $ on hardware costs – If you are currently utilizing another software company for your anti-malware software and you are using SCCM, then you could save costs by eliminating the server(s) required to run your other anti-malware software since FEP runs on top of the existing SCCM server infrastructure.
- More efficient separation of roles – Instead of having multiple consoles (and often different roles who have access to these consoles) when a security incident breaks out, a single role can identify at-risk machines and take action to patch systems, block outbreaks, and initiate clean-up efforts using a single infrastructure.
- Easy and Effective Policy Management – Deploying FEP policies to clients is made easy through the familiar wizards built in to SCCM. Furthermore, if you choose not to use SCCM to manage FEP, you can use group policy to push policies to your clients.
- Centralized Reporting and visibility – Configuration Manager provides a single interface for managing and securing endpoints, reducing complexity, and improving troubleshooting and reporting insights.
New Innovative Protection Technologies
There are a number of new innovative technologies built in to the FEP client to give excellent protection to your clients. Some of the interesting and innovative protection technologies are:
- Network Inspection System (NIS) – protects every client against exploitation of the underlying disclosed Microsoft vulnerability, rather than relying only on the signature for a specific piece of malware. This is an excellent technology to protect against any zero-day exploits in your environment. NIS is also known as network vulnerability shielding.
- Behavior Monitoring and Dynamic Signature Service (DSS) – uses the power of the cloud to deliver real-time threat signature updates to the client when it detects something suspicious, whether code or behavior.
- Diagnostic Scan – the on-demand “Quick Scan” in FEP 2010 has built-in intelligence to adjust the depth of the scan based on the threat posture and context of the system being scanned. This provides the ability to scan much more aggressively when needed – for example on systems with a tampered kernel. Healthy systems experience a faster, lower-impact scan.
- Dynamic Translation – Translates code that accesses real resources (unsafe) into code that accesses virtualized resources (safe). Although this functionality is also in FCS, it's a great technology included in FEP 2010 that some people still don't know about.
Easy to deploy
By utilizing the proven deployment technology found in SCCM, FEP can be easily deployed in your company even if you have existing non-Microsoft anti-malware software installed.
- Automated Migration or upgrade with no down time – Deployment packages for FEP in SCCM will easily install new or replace existing anti-malware software while keeping the machines protected throughout the entire transition. We support automatic replacement for most major non-Microsoft anti-malware software from companies such as McAfee, Trend Micro, and Symantec.
- Proven large scale deployment – FEP 2010 has been successfully deployed to 100,000+ machines at Microsoft and some benefits seen were faster response to infections and a decreased AM policy deployment SLA.
Go to this website for more information, whitepaper, and webcast.
Competitive and Trustworthy
FEP is a strong competitor in the industry, as proven by 3rd party independent anti-malware testing companies. FEP is also trustworthy, with a proven track record with MSE and world-wide support from the MMPC.
- Large existing client base – FEP has the same underlying anti-malware engine and signature database as Microsoft Security Essentials (MSE), which is installed on over 40 Million machines.
- Highly Ranked protection engine – (MSE v1 AM version 2.0) received the December 2010 VB100 award, was rated Advanced+ for proactive testing November 2010 by av-comparatives.org, and consistently ranks lowest of any vendor for false positives according to av-comparatives.org’s tests.
- Excellent Malware support – The Microsoft Malware Protection Center (MMPC) provides world-class antimalware research and response capabilities that support Microsoft's range of security products and services. With laboratories in multiple locations around the globe, the MMPC is able to respond quickly and effectively to new malicious and potentially unwanted software threats wherever and whenever they arise.
Efficient Client Protection
FEP has a proven user interface from the experience with MSE, a lightweight client install, and high performance with minimal impact on the client machine.
- Familiar user interface – The FEP interface looks nearly identical to the MSE product which many users have praised and become accustomed to.
- Small footprint – After the client is installed on an x64 machine, it only takes up ~11 MB of disk space.
- Low performance impact – MSE was ranked in the highest category of “Advanced+” for performance by av-comparatives.org in December 2010.