There are a couple of TechNet webcasts on deployment of FCS this coming Dec 13’th & 14’th:
Forefront Client Security (aka FCS) product has actually received ICSA Labs certification – http://www.icsalabs.com/icsa/product.php – and that this in fact means it detects 100% against any malware that is “in the wild”. Also the product group is doing some historical catch up cataloguing historic signatures which explains why in some comparisons the product doesn’t look so good in contrast to older products. Since the ICSA denotes functional completeness of scanning existing threats then this basically nullifies any concerns that known active malware will get through. FYI – FCS also is a VB100 award winner (http://www.virusbtn.com/vb100/index )& 2008 Finalist for Global Product Excellence Awards from the folks at Info Security Products Guide http://www.infosecurityproductsguide.com/winners/2008/ – What does this mean beyond the obvious marketing hype value? It’s a very capable and industry class product after all.
At first my impression of FCS was reluctant as the client-side interface has little user options and no context menu integration for scanning new downloads or copied files. However this is actually done in the background anyway so user interaction isn’t needed. That impression coupled with my false impression that its AV capabilities weren’t so capable (see above paragraph) led me to an overall ill feeling at first glance that I’m now rethinking. Perhaps it will have a nice fit in SBS (yet to be sorted out if at all possible) or more likely a managed services practice oversight tool inclusive of all security threats.
For more information on Forefront Client Security, a couple of weeks ago I re-posted some links for FCS: https://duitwithsbs.wordpress.com/2007/10/22/ronaldgs-ramblings-links-to-info-on-forefront-client-security-fcs/