Hello. I have been in contact with Microsoft sales and learned that Forefront for Exchange 2010 is discontinued. I asked for names of the replacement products and they say (and I paraphrase) “run your mail through our server farm and we will scrub it clean and deliver it to your on-premise machine for X$s a subscription”.
I am having difficulty understanding this new method of virus/malware protection.
This is the scenario I am used to:
If a piece of malware gets through the Microsoft server farm because a definition for it has not been developed at the time it makes it through, then it resides in my mail database until a client activates it. If I have a piece of software running in conjunction with my mail server, capable of frequently downloading new malware definitions and scanning my mail database then there is a chance that the piece of malware will be detected and removed before a client activates it.
Was Microsoft sales simply unable to locate a replacement product for Forefront 2010 or is there a new method of malware defense that Microsoft designed and endorses that does not involve a server component?
For example, is the strategy we are supposed to adopt simply best effort before it arrives in the on-premise database and install Microsoft end point protection on the clients and just let the clients find the virus/malware when they open the email?
I am really having a difficult time with that method, but if that is what Microsoft’s new design and best practice is, that is certainly what we will do.
I request that someone more knowledgeable than I about Microsoft best practices and design validate that I am understanding properly how Microsoft is having us deal with malware/virus protection at this time.
Thank you.
