Updating forefront

Two keys benefits of employing Desktop Central: To keep it simple, Desktop Central takes you one step closer towards securing your network computers from malwares and spywares in addition to the traditional malicious software like Virus, Trojans and Worms.

As you probably know, Microsoft stopped selling Forefront TMG as well as its subscription based Web Protection Services in December 2011.

It completed successfully, but it did not update the server version on the internal Exchange servers.

I’ve run into multiple issues with this task, so I thought I’d write a post on how to successfully update your Exchange 2010 Edge server to Service Pack 3.

In my scenario, I’m running a single server with the following services: Before we can begin with the Exchange Service Pack upgrade we must first disconnect the Forefront Security service from the Exchange server.

Although you can still purchase Forefront TMG through the OEM loophole, there is no way to purchase a new subscription of Web Protection Services.

This means that Forefront TMG cannot download malware signature or URL filtering updates, and any URL Filtering rules you have in place will not work.

If you’ve worked with Exchange long enough you might remember this, but my first experience with this was when the product was called Antigen. The anti-virus software has hooks into Exchange (VSAPI) that prevent you from upgrade or performing certain tasks without disconnecting it from Exchange.

After updating the Edge server, I verified that the Service Pack was installed on the Edge server, but it was not reporting as updated on all other Exchange servers in the Org and therefore not in AD.

To do this I did the following and it was successful.

Dave is the Local Practice Lead for Infrastructure at Catapult Systems in Austin.

People who write malicious code are well aware of the Operating System lapses of your network computers.

Tags: , ,