Friday, September 28, 2012

Microsoft, What did you do to Forefront?

ForeFront Logo

I am shocked but not surprised by Microsoft's decisions about Forefront as recently announced on September 12th, 2012 (the same same day as Apple's iPhone 5 launch) on their Server and Cloud Blog titled "Important Changes to Forefront Product Map". The following products from the Forefront Product Set will no longer be sold as December 1st, 2012:
    • Forefront Protection 2010 for Exchange Server (FPE)
    • Forefront Protection 2010 for SharePoint (FPSP)
    • Forefront Security for Office Communications Server (FSOCS)
    • Forefront Threat Management Gateway 2010 (TMG)
    • Forefront Threat Management Gateway Web Protection Services (TMG WPS)
Also mentioned in Microsoft's blog post is that Forefront Online Protection for Exchange (FOPE) will be called Exchange Online Protection (EOP) for the next release. EOP can be combined with the new Anti-malware protection built-in to Exchange Server 2013. SharePoint and Lync Servers will continue to offer the built-in security capabilities also Forefront Unified Access Gateway (UAG) and Forefront Identity Manager (FIM) will still be be available.

Mary Jo Foley, from ZDNET, wrote a post called "Microsoft axes many of its Forefront enterprise security products" shortly after the announcement. She also mentioned that Forefront Endpoint Security will be rolled into the new System Center 2012 Endpoint Protection. The comments on her blog post, on Twitter as well as Microsoft's post show the confusion among users about the Forefront changes. People are wondering what will happen to their TMG deployments, will signatures be updated, Windows Server 2012 support, what exactly is the new Anti-malware protection built-in to Exchange Server 2013 and how is Exchange Online Protection different from that offering? Do you have any questions or comments about what your options will be once these changes take effect?

For us, we were considering replacing Internet Security and Acceleration (ISA) servers with Forefront Threat Management Gateway 2010 servers but now we are exploring other solutions I think partly based on this recent news. I will be watching closely to see what Microsoft does with new Forefront offerings. Comments, thoughts and opinions welcomed.