Malicious code is often the primary cause of problems and is one of
the hardest problems to resolve because of the ever-changing threats that are released
daily. These viruses are designed to exploit known vulnerabilities to gain unauthorized
access to systems. Often, the most successful viruses exploit vulnerabilities that are new
and that administrators have not had a chance to update the defi nitions to detect.
Viruses have multiple ways of entering an enterprise, and Forefront will need to be
tested to see if it is correctly detecting and eradicating the threat. Each of the following
points may be a potential pathway for a virus to enter a system, and therefore, needs to
be tested.
?– Exchange Server Forefront protects the Exchange server by using fi lters
and multiple antivirus engines to detect malicious fi les.
?– SharePoint Server Forefront protects SharePoint server by scanning fi les
uploaded and accessed in real time.
?– Client Forefront protects clients by conducting real time and scheduled scans.
?– ISA Forefront protects ISA by securing communication with encryption
and providing end users with secure portal access to resources.
One of the tests that will be conducted is whether Forefront is confi gured to
release defi nition fi les quickly to detect new exploits. Depending on the environment,
you can upload the code with the latest virus signatures and see if it is detected by
Forefront.
Pages:
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513