Deploying Forefront Client Security to non domain joined servers on a perimeter network through ISA Server 2006
"On managed environments, one of the main goals is to keep the computer secure from threats. The security usually imposes barriers between what is considered trusted, untrusted, and limited traffic. The untrusted traffic usually is incoming requests from the Internet that are filtered by the firewall where the limited traffic usually comes from a place called perimeter network (also known as DMZ, demilitarized zone, and screened subnet).
Computers located on the perimeter network should not be considered unmanaged because of the fact that they are not joined to the internal domain. Those computers need special attention and same or higher level of care then the internal ones. One important point when we are addressing security on those computers is the installation and maintenance of the antivirus software.
The goal of this article is to explain some of the most common scenarios for deployment of Microsoft Forefront Client Security (FCS) on computers that are located on a perimeter network and are not joined to the production domain, also called the internal domain."
Check out http://technet.microsoft.com/en-us/library/cc752954.aspx for the rest of the article and the details.
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)