Protecting SharePoint 2010 from Viruses Using Forefront Protection 2010 for SharePoint

2/27/2011 9:51:58 AM
Built in to SharePoint 2010 is a programming application programming interface (API) known as the Antivirus API. This API can be used by any third-party or Microsoft solution to scan all documents that are injected into SharePoint for viruses. Numerous capable third-party solutions on the market today take advantage of this API to protect SharePoint from viruses and threats. In addition to these third-party products, Microsoft has their own offering that provides for antivirus capabilities in SharePoint. This products is known as Forefront Protection for SharePoint (FPSP).

FPSP’s main distinguishing point from its competitors is that it runs as a multiengine antivirus application, allowing for all documents to be scanned by multiple independent antivirus engines from such companies as Kaspersky, VirusBuster, Athentium, and Norman. By scanning with multiple engines all from different competing companies, you have a much better chance of catching individual viruses, especially those “day 0” attack viruses that spread quickly upon initial release.

Although it is not a requirement to install FPSP, it is highly recommended to at least install a third-party antivirus tool. SharePoint 2010 does not have native antivirus capabilities, and client antivirus might not always be up-to-date or can be missing, especially in extranet scenarios.

Installing Forefront Protection for SharePoint

To install Forefront Protection 2010 for SharePoint, copy the installation binaries to a web role server in the farm. The binaries should be installed on all servers with the web role in that particular farm. Installation is quite straightforward, and consists of the following steps:

Start the Setup Wizard, and agree to the licensing terms when prompted. Click Next to continue.

Click Next when prompted to restart services.

Select the appropriate installation folders for program files and data, and then click Next to continue.

If using a proxy server, enter the proxy settings; otherwise, click Next to continue.

Enter the credentials of the SharePoint installation account, as shown in Figure 1. Note the required rights this account will need to have. Click Next to continue.

Figure 1. Installing Forefront Protection for SharePoint.

Select whether to use Microsoft Update (recommended), click Next to continue.

Select whether to join the Customer Experience Improvement Program, and then click Next to continue.

Review and confirm settings, and then click Next to begin the installation.

Wait for the Installation Wizard to finish, and then click the Finish button.

Repeat the installation process on all web role servers within the farm.

Using Forefront Protection 2010 for SharePoint 2010

Once installed, the FPSP console can be opened directly from the Start menu. When opening for the first time, you will be prompted to Activate, which is highly recommended as soon as possible. Note that you do have 120 days to activate, but after that time period, the software will no longer update the antivirus engines, and it will not clean additional viruses.

The Forefront Protection 2010 console, shown in Figure 2, is comprehensive and enables administrators to review quarantine, handle incidents, set up configuration notifications, and monitor the environment.

Figure 2. Viewing the Forefront Protection for SharePoint console.

Two key administrative tasks using Forefront Protection 2010 for SharePoint are key to understanding the product. The first is that the actual antivirus API settings are controlled from within SharePoint Central Admin itself, and those settings are grayed out in the FPSP console, as shown in Figure 3. If you think of FPSP as a bolt-on to the SharePoint Antivirus API, this makes more sense.

Figure 3. Viewing SharePoint Antivirus API settings from within the FPSP console.

The second concept to understand is how to modify the “Intelligent Engine Management” engine, or to be able to manually control which antivirus engines run on the individual server. By default, these settings are automatically controlled from the Advanced Options node under Policy Management – Global Settings, as shown in Figure 4. Modifying these settings enables administrators to be able to change which antivirus engines are running at any one time.

Figure 4. Modifying engine settings from within the FPSP console.

After installing FPSP, it is a good idea to familiarize yourself with the options and functionality that is immediately available in the console. Navigating the console and finding settings is straightforward, and Microsoft has a good help file included in the product. For more information about FPSP and the other Forefront products from Microsoft, refer to http://microsoft.com/forefront.

  •  Protecting SharePoint with Advanced Antivirus and Edge Security Solutions : Securing SharePoint Sites Using Forefront UAG
  •  Developing Applications for the Cloud on the Microsoft Windows Azure Platform : Accessing the Surveys Application - Geo-Location
  •  Developing Applications for the Cloud on the Microsoft Windows Azure Platform : DNS Names, Certificates, and SSL in the Surveys Application
  •  Securing SharePoint Sites with Forefront TMG 2010 (part 2) - Creating a SharePoint Publishing Rule Using Forefront TMG
  •  Securing SharePoint Sites with Forefront TMG 2010 (part 1) - Configuring the Alternate Access Mapping Setting for the External URL
  •  SharePoint 2010 : Outlining the Inherent Threat in SharePoint Web Traffic
  •  SharePoint 2010 : Outlining the Need for the Forefront Edge Line for SharePoint Environments
  •  Collaborating Within an Exchange Server Environment Using Microsoft Office SharePoint Server 2007 : Customizing and Developing MOSS Sites
  •  Collaborating Within an Exchange Server Environment Using Microsoft Office SharePoint Server 2007 : Exploring End-User Features in MOSS
  •  Collaborating Within an Exchange Server Environment Using Microsoft Office SharePoint Server 2007 : Exploring Basic MOSS Features
  •  Collaborating Within an Exchange Server Environment Using Microsoft Office SharePoint Server 2007 : Understanding the History of SharePoint Technologies
  •  Business Intelligence in SharePoint 2010 with PerformancePoint Services : PerformancePoint Services Overview
  •  SharePoint 2010 : Upgrading an Existing Extranet Solution from SharePoint 2007
  •  Exchange Server 2010 : SIP Protocol
  •  Exchange Server 2010 : Unified Messaging Shell Commands
  •  Exchange Server 2010 : Monitoring and Troubleshooting Unified Messaging
  •  Microsoft Content Management Server Development : Managing Channels and Postings with the PAPI - Moving Postings
  •  Microsoft Content Management Server Development : Managing Channels and Postings with the PAPI - Copying Postings
  •  Hosting a Multi-Tenant Application on Windows Azure : Selecting a Single-Tenant or Multi-Tenant Architecture
  •  SharePoint 2010 :Implementing a Partner Extranet Solution (part 2) - Configuring Authentication Providers
    Top 10
    Nikon 1 J2 With Stylish Design And Dependable Image And Video Quality
    Canon Powershot D20 - Super-Durable Waterproof Camera
    Fujifilm Finepix F800EXR – Another Excellent EXR
    Sony NEX-6 – The Best Compact Camera
    Teufel Cubycon 2 – An Excellent All-In-One For Films
    Dell S2740L - A Beautifully Crafted 27-inch IPS Monitor
    Philips 55PFL6007T With Fantastic Picture Quality
    Philips Gioco 278G4 – An Excellent 27-inch Screen
    Sony VPL-HW50ES – Sony’s Best Home Cinema Projector
    Windows Vista : Installing and Running Applications - Launching Applications
    Most View
    Bamboo Splash - Powerful Specs And Friendly Interface
    Powered By Windows (Part 2) - Toshiba Satellite U840 Series, Philips E248C3 MODA Lightframe Monitor & HP Envy Spectre 14
    MSI X79A-GD65 8D - Power without the Cost
    Canon EOS M With Wonderful Touchscreen Interface (Part 1)
    Windows Server 2003 : Building an Active Directory Structure (part 1) - The First Domain
    Personalize Your iPhone Case
    Speed ​​up browsing with a faster DNS
    Using and Configuring Public Folder Sharing
    Extending the Real-Time Communications Functionality of Exchange Server 2007 : Installing OCS 2007 (part 1)
    Google, privacy & you (Part 1)
    iPhone Application Development : Making Multivalue Choices with Pickers - Understanding Pickers
    Microsoft Surface With Windows RT - Truly A Unique Tablet
    Network Configuration & Troubleshooting (Part 1)
    Panasonic Lumix GH3 – The Fastest Touchscreen-Camera (Part 2)
    Programming Microsoft SQL Server 2005 : FOR XML Commands (part 3) - OPENXML Enhancements in SQL Server 2005
    Exchange Server 2010 : Track Exchange Performance (part 2) - Test the Performance Limitations in a Lab
    Extra Network Hardware Round-Up (Part 2) - NAS Drives, Media Center Extenders & Games Consoles
    Windows Server 2003 : Planning a Host Name Resolution Strategy - Understanding Name Resolution Requirements
    Google’s Data Liberation Front (Part 2)
    Datacolor SpyderLensCal (Part 1)