Preparing to install Client Security

Applies To: Forefront Client Security

This topic provides an overview about how to prepare for installing Microsoft® Forefront™ Client Security. For detailed instructions, see the following topics:

Before installing Client Security or deploying Client Security to your client computers, make sure you have done the following.

Computer Task Steps

All servers

Verify your hardware and software requirements.

For more information, see Verifying your system requirements.

All computers

Prepare your network for installation.

If firewalls exist between your Client Security servers, network ports must be opened. In some cases, firewalls must be disabled.

In addition, the distribution server uses port 80 (for HTTP) or port 443 (for HTTPS) to download definition updates from Microsoft Update.

For more information, see Preparing your network for installation.

Create the installation account and service accounts.

You must be a domain user with local administrator privileges on all servers to install Client Security and verify that the installation is successful.

During setup, you must provide information about four service accounts. It is recommended that you reuse the same account for each of these. All service accounts must be domain user accounts.

In addition, you must make the action account a local administrator on the collection server.

After installing Client Security, you must grant additional permissions to the service accounts.

For more information, see Creating installation and service accounts.

Record your computer and account information.

During installation, you need to provide or define the following information: server names, installation accounts, service accounts, instance names for Microsoft SQL Server™, report URLs, and the management group name. It can be helpful to write down this information before starting installation.

For more information, see Recording your computer and account information.

Important   If you are installing multiple Client Security deployments, you must use unique computer names for each collection database server and reporting database server, as well as unique Management group names. Unique names allow you to use the Client Security Enterprise Manager tool to aggregate reporting and to manage your Client Security environment from a single Client Security console.