Windows 7 / Security and Privacy


Forefront is enterprise security software that provides protection from malware in addition to many other threats. Whereas Windows Defender is designed for consumers and small businesses, Forefront is designed to be deployed and managed efficiently throughout large networks.

Forefront products are designed to provide defense-in-depth by protecting desktops, laptops, and server operating systems. Forefront currently consists of the following products:

  • Microsoft Forefront Client Security (FCS)
  • Microsoft Forefront Security for Exchange Server (formerly called Microsoft Antigen for Exchange)
  • Microsoft Forefront Security for SharePoint (formerly called Antigen for SharePoint)
  • Microsoft Forefront Security for Office Communications Server (formerly called Antigen for Instant Messaging)
  • Microsoft Intelligent Application Gateway (IAG)
  • Microsoft Forefront Threat Management Gateway (TMG)

Of these products, only FCS would be deployed to client computers. The other products typically would be deployed on servers to protect applications, networks, and infrastructure.

Enterprise management of anti-malware software is useful for:

  • Centralized policy management.
  • Alerting and reporting on malware threats in your environment.
  • Comprehensive insight into the security state of your environment, including security update status and up-to-date signatures.

Forefront provides a simple user interface for creating policies that you can distribute automatically to organizational units and security groups by using GPOs. Clients also centrally report their status so that administrators can view the overall status of client security in the enterprise.

With Forefront, administrators can view statistics ranging from domain-wide to specific groups of computers or individual computers to understand the impact of specific threats. In other words, if malware does infect computers in your organization, you can easily discover the infection, isolate the affected computers, and then take steps to resolve the problems.

Forefront also provides a client-side user interface. Similar to Windows Defender, Forefront can warn users if an application attempts to make potentially malicious changes, or if it detects known malware attempting to run. The key differences between Defender and Forefront are:

  • Forefront is managed centrally Forefront is designed for use in medium-sized and large networks. Administrators can use the central management console to view a summary of current threats and vulnerabilities, computers that need to be updated, and computers that are currently having security problems. Windows Defender is designed for home computers and small offices only, and threats must be managed on local computers.
  • Forefront is highly configurable You can configure automated responses to alerts, and, for example, prevent users from running known malware instead of giving them the opportunity to override a warning as they can do with Windows Defender.
  • Forefront protects against all types of malware Windows Defender is designed to protect against spyware. Forefront protects against spyware, viruses, rootkits, worms, and Trojan horses. If you use Windows Defender, you need another application to protect against the additional threats.
  • Forefront can protect a wider variety of Windows platforms Forefront is designed to protect computers running Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows 7, and Windows Server 2008. Windows Defender can protect only computers running Windows XP, Windows Vista, and Windows 7.

Like Windows Defender, Forefront supports using Microsoft Update and WSUS to distribute updated signatures to client computers, but Forefront also supports using third-party software distribution systems. For more information about Forefront, visit Also, explore the Microsoft TechNet Virtual Labs at

Note Microsoft offers a third client security solution: Windows Live OneCare. Windows Live OneCare is designed to help protect home computers and small businesses with antivirus protection, antispyware protection, improved firewall software, performance monitoring, and backup and restore assistance.

[Previous] [Contents]