Barney's Blog

Blog archive

Doug's Mailbag: Forefront and Security Essentials Thoughts

One reader points out some facts Doug may have gotten wrong in his Forefront blog entry:

I'm not sure why you say it comes with a "built-in firewall." To quote the article: "...includes firewall integration and enhanced protection against Internet-borne exploits. With the firewall integration, users now have the option to turn Windows firewall on or off."

I can tell you from personal experience with both the new version of MSE and the new version of FF, there is no additional firewall included.

You also might want to have the author of the article last week on the Forefront 2010 go back and do a little research. No previous version of FF have used SCCM (the first version used SCOM, and version 2, "Stirling" also used SCOM -- but that project has been canceled).

Here's some positive reader praise for Microsoft's Security Essentials:

I use MS Security Essentials (SE) on my three home PCs and love it. I found out yesterday one of our clients, a multinational corporation, will be using SE on all of the PCs/notebooks at their two U.S. locations. I'd guess that is about 250 nodes. I looked into the EULA and discovered it is meant for home use and also for home-based small businesses. I don't think he should be using it for that, but he says it works great.

Another client of ours told me yesterday he will be using ClamWin for his 40-node Windows network that we will also be migrating to Exchange Online soon.

I have installed MS Security Essentials on several consumer-client XP machines, Pro Version and Home Edition. It works very well -- easy to install and configuration is automatic. The GUI interface is easy to understand, even for novices.

It runs more efficiently than other paid antivirus programs (not bloated, slow startups, etc). Also, it found a virus that a very popular antivirus suite did not! I recommend it for home users.

Thank You Microsoft!

I have to say, I am hooked on MSE. I tested it out pretty extensively and researched it to see how its detection rates compared to other major engines. For detection and false-positive rates, it is one of the best in class (at least according to the guys and gals who test virus scanners).

As for how well it works in the real world, I had been a very big fan of McAfee VirusScan Enterprise prior to MSE. I have since been replacing VirusScan with MSE on everything I own and now recommend this to most small customers. I have noticed a LOT less speed slowdowns when using MSE. On VirusScan, I used to have the system get slow when sometimes opening programs. The VirusScan engine was scanning everything being opened. MSE hasn't slowed my machines down yet. Another benefit with MSE is that includes anti-spyware tools. Most virus scanning engines do not do spyware at the same time. MSE does and, from my experience, it has caught things that would have been missed by VirusScan. The updating process being integrated with Windows Update is a bonus, but not game changing. All engines update themselves (or can be set to). I just like it being in Windows Update. Lastly, the price is right. Free, fast and good beats any paid combination there is.

The big issue facing MSE adoption in the enterprise is the lack of centralized console and distribution tools. If Microsoft builds it in to System Center in the near future,e I think a few of those third-party security vendors better find new products. It is typical of Microsoft. The first few revs of a product are garbage. They just seem to persevere until they come up with a product that is a "must have." So far, I am satisfied with MSE and assume it will only get better.

Share your thoughts with the editors of this newsletter! Write to [email protected]. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted on 08/23/2010 at 1:18 PM


comments powered by Disqus

Subscribe on YouTube