Microsoft Forefront Security for Exchange Server integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping businesses protect their Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content. In this post i documented the installation of Microsoft Forefront Security for Exchange 2007 in the form of a tutorial.
To install Forefront Security for Exchange Server on a local server (Edge Server in this illustration)
1. Run the Setup.exe file, which is available on your CD image or from the self-extracting package available at the Microsoft Volume Licensing Download Center or from the Trial Download Center (checks links below..)
2. The initial setup screen is Welcome. Click Next to continue.
3. Read the license at the License Agreement screen and click Yes to accept it.
4. On the Customer Information screen, enter User Name and Company Name, if needed.
5. On the Installation Location screen, select Local Installation.
6. On the Installation Type screen, select Full Installation.
7. Setup checks to see if you have the correct version of the Windows Update Agent. If you do not have the correct version, at the end of the installation you are directed to the Microsoft Update Web site to do the opt-in manually. If you do have the correct version, Setup then checks if Microsoft Update is enabled. If it is not, the Use Microsoft Update dialog box appears, permitting you to enable it.
8. On the Quarantine Security Settings screen, select the desired setting.
* Secure Mode causes all messages and attachments delivered from Quarantine to be re-scanned for viruses and filter matches. This is the default.
* Compatibility Mode enables messages and attachments to be delivered from Quarantine without being scanned for filter matches. (Messages and attachments are always scanned for viruses.) Forefront Security for Exchange Server identifies these messages by placing special tag text in the subject line of all messages that are delivered from Quarantine.
9. On the Engine Updates Required screen, read the warning about engine updates.
10. If you use a proxy server for scanner updates, select Use Proxy Settings and enter the proxy name or IP address and its port on the Proxy Information screen. This ensures that your proxy server is correctly configured from the start. If you are doing a fresh install, you may enter the proxy information. If this is an upgrade, and proxy data is available in the registry, this screen does not appear and the existing data is preserved. Any changes to existing proxy information can be made in General Options.
If a username and password are required for the proxy server, they must be entered through General Options once FSE has been installed. This must be done immediately, otherwise engine updates will fail.
11. If the server you are installing to is an edge server you may be asked if you want FSE to enable Anti-Spam Updates. If you’ve never made any change to the Anti-Spam Updates setting on the Exchange Management Console (that is, the setting is in its default state), you are offered this choice. If you have made a change to that setting, you will not see it. If you do not enable Anti-Spam Updates during FSE installation, you can turn them on by clicking Enable Anti-spam Updates in the Action section of the Exchange Management Console.
If you enable Anti-Spam Updates during the installation and subsequently uninstall FSE, they will be disabled.
12. On the Choose Destination Location screen, either accept the default destination folder for the product, or click Browse to select a different one.
Default: Program Files(x86)\Microsoft Forefront Security\Exchange Server
13. On the Select Program Folder screen, choose a program folder for Forefront. At this point, Setup checks for running services.
Default program folder: Microsoft Forefront Server Security\Exchange Server
14. On the Start Copying Files screen, review the data presented to you. If any changes have to be made, use the Back button to navigate to the screen to be changed. Otherwise, click Next to begin the installation. A progress bar indicates that the files are being copied.
15. After installation is complete, you can start or restart the Exchange Transport Service, depending on whether it was stopped or running when the installation began. For a clean install, the service was probably still running and needs to be recycled. If you are reinstalling the product, the service had to be stopped before FSE could be uninstalled. If the service was running, the Restart Exchange Transport Service screen appears; if the service was stopped, the Start Exchange Transport Service screen appears. In either case, you can start the Transport service automatically so that Forefront Security for Exchange Server can become active. Click Next to have Setup perform this step or click Skip to manually perform this step at a later time. Until the service has been started or restarted, FSE cannot scan mail being sent or received.
16. Depending on whether the Exchange Transport Service is being started or restarted (that is, you clicked Next on the prior screen), the Starting Exchange Transport Service screen or the Recycling Exchange Transport Service screen appears. Wait until the status changes to All services started, before clicking Next to continue.
17. If the Information Store Service was stopped when the install began, the Start Exchange Information Store screen appears. You can start the Information Store service automatically so that Forefront Security for Exchange Server can become active. Click Next to have Setup perform this step or click Skip to manually perform this step at a later time. Until the service has been started, FSE cannot scan mail on the Store. If the Information Store was running when the installation began, this screen does not appear.
18. If the Information Store Service is being started (that is, you clicked Next on the prior screen), the Starting Exchange Services screen appears. Wait until the status changes to All services started, before clicking Next to continue.
19. On the InstallShield Wizard Complete screen, you are advised to view the Readme file (recommended). If you opted to use Microsoft Update and you do not have the correct version of the Windows Update Agent, you are directed to a site to obtain it. Click Finish to complete the installation.
you’re done, installation is complete!
Antivirus scanning on Edge Transport or Hub Transport servers is done by a Forefront AV Agent that is an E12 Transport agent registered with the Edge Transport.exe and loaded by that process.
Antivirus scanning on the Mailbox server for Realtime and Background processing is done by an E12 compatible Forefront VSAPI.dll that is loaded by the Exchange Store.
The actual antivirus scanning of messages is performed by separate Forefront Realtime and Transport processes that provide message scanning isolation from the Exchange Transport and Store processes.
Information about the Forefront Server Technology Adoption Program (TAP) can be found by logging into http://connect.microsoft.com and selecting the Forefront TAP.