Microsoft Forefront [EOL] Reviews

• Web proxy services along with the integrated firewall
• VPN
• Intrusion prevention
• Malware inspection
• URL filtering

The simplicity of managing the product compared to its competitors, like BIG-IP F5 and Citrix NetScaler.

The ease of deploying mobile functionality through the web proxy has significantly improved and encouraged the use of mobile workspaces.

Impossible to give one value because so many things have an effect on the product selection:

1. Price
2. Server platform
3. Amount of built-in integrations (implementation work amount)
4. Requirements for coded integrations (implementation work amount)
5. Implementation work and time
6. Use cases specialties
7. Role management for users
8. Service agreements for vendors/sub-vendors
9. Deprovisioning use cases for selected entities
10. (Real-)time requirements for provisioning events

1. Price / licensing model
2. Implementation speed and work amount for first phase
3. Solid and stable provisioning engine
4. Possibility to code “any” feature requirement.

Having experienced the frustrations of poorly designed/executed interfaces first-hand, one of the most valuable features for me is the graceful, responsive, and compatible web-UI. It works well across all browsers that I’ve tried, and even on mobile browsers. The snort engine, which is the muscle behind the Sourcefire IPS technology, has always been a joy for me to work with. I have almost 10 years of experience with snort and the power, customization, and ease-of-use has yet to be replicated. Lastly, I find great value in the context-sharing behavior across technologies with Sourcefire. Each active technology on the sensor enjoys access to the context of the others, and this has the great benefit of increasing accuracy and efficacy of automated response functions.

The network host/user/application visibility gained by leveraging FireSIGHT have produced collateral benefits that are time/money saving. The helpdesk uses this information often to troubleshoot issues rather than having to set up and configure WireShark or configuring an access-list to log specific traffic. The system gleans so much information from network traffic that it can simultaneously act as an organization’s SIEM and IPAM while performing role its purposed role of comprehensive threat defense.

The way that it automated the provisioning of accounts for employees and students and the quick response time.

One of the biggest pain points was that username changes were not automated and caused problems. Now username changes are just so easy.

To be honest - it hasn't. It was sold and installed for us at a large sum, with questionable implementations. Personally, I could have done something almost as effective with PowerShell scripts.

I've used it for six months.

• Synchronization
• End user functionality
• Portal
• Service
• Self service password reset
• Password management
• Password sync
• Group management via Outlook
• Reporting

It has automated the entire user and group management process, thus reducing manual work and help desk cost to a great extent.

Many of our customers use Forefront Client Security which simplifies administration though a central management console. This is great, as we are able to; monitor installs, virus definition updates and produce reports.All virus definition updates/engine updates can be downloaded and installed automatically, using windows server update services. This is ideal when you have a large network. To date we have not had a virus infecting a desktop with Forefront installed - this is the main reason why we will not use another anti-virus solution.

When using Forefront in a domain network, it is quite difficult to create the group policies needed for definition/engine updates using WSUS.For a managed Anti-Virus, Forefront is one of the best choices. Standard desktops use Microsoft Security Essentials which is free but limited to 10 licences on a small network and cannot be centrally managed.From an IT Support perspective -make sure desktops have user account control enabled just to avoid users running programs that forefront has alerted as dangerous.

We have been using Microsoft Forefront for almost three (3) years now and so far we are very satisfied with it. From a cost perspective, it very economical when packaged with our Microsoft software licenses. Microsoft's new license subscription option for schools even made it more value for money, as we can now install it on all university computers.Performance wise, it's one of the most effective anti-virus solutions we have ever used. It's very effective in cleaning viruses and malware without removing system files. As a result, we can recover servers faster and without the need to do a repair installation. We have used Free, Open source and Kaspersky anti-virus before, but Microsoft Forefront has the best integration between the OS and Anti-virus application.

In our experience, you really need a local Windows Update Server so that product and definintion updates can be easily downloaded. Without it, the client seems to update very slowly and may take a lot of time. Also, you need to have a license agreement with Microsoft for you to be able to use Forefront. It's technically the same as Security Essentials, but you can centrally management Forefront instances installed on different computer on the campus.I would definitely recommend Microsoft Forefront if you have a Microsoft license agreement. It will not only save you on cost, it will also give you an enterprise anti-virus system which can be centrally administered as well.