We are happy to announce the availability of Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 (SP2). The service pack is available for download from the Microsoft Download Center.

Here are some of the improvements we are introducing in Forefront TMG SP2: 

• Site activity report – Forefront TMG SP2 includes a new site activity report that enables you to generate a report showing the data transfer between users and specific websites. This report displays the amount of data transferred to and from different websites, for any
  period that you specify, per user. In addition, you can also display the total data transfer to and from a specific website, per user.  

• Improved error pages – Forefront TMG SP2 improves the look and feel of web browser error pages and makes it easier to customize the pages. 

• Kerberos authentication for NLB arrays – Forefront TMG SP2 enables you to allow users to authenticate to a Forefront TMG array with Network Load Balancing (NLB) enabled using the Kerberos version 5 protocol.

Visit our TechNet Library for more information.

 - The Forefront TMG Team

We are happy to announce that Update 1 (UP1) for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 (SP1) was released today. It is now available for download from the Microsoft Download Center as an upgrade from UAG 2010 SP1.

Update 1 enhances UAG’s application publishing scenarios by adding support for:

• Dynamics CRM 2011
• Microsoft Lync 2010 web services
• Office Web Apps with SharePoint 2010

Learn more by visiting our TechNet Library.

- The Forefront UAG Team

We’re pleased to announce the launch of the new Microsoft Server and Cloud Platform website
(http://www.microsoft.com/server-cloud).  

The new site is a comprehensive source for information relating to our private cloud
and virtualization solutions, as well as other solutions based on Windows
Server, System Center, Forefront and related products.  It is designed to
help connect you to relevant information across Microsoft web destinations,
including TechNet, MSDN, Pinpoint and more - making it a great place to
understand what we offer, why you should consider it and how to get started.

Enjoy the new site and stay tuned to the blog for the latest Server & Cloud
Platform updates!

Microsoft is pleased to announce the availability of Forefront Identity Manager 2012 R2 beta.  Some of the key areas we’re enhancing with this release include:

• Credential management with web based password reset
• Historical reporting using integration to the System Center Service Manager data warehouse
• Greater ease of use through enhanced initial load performance, improved diagnostics and and enhanced load and scale performance
• Additional support for Microsoft Outlook 2010, and Microsoft SharePoint Foundation 2010

To join the beta program and download the software, click here.

We are also pleased to announce that the Forefront Identity Manager Community Evaluation Program will commence on the 2nd of August with our first session. Community members are encouraged to attend and new members are certainly welcome.  Community Evaluation Programs are a great technical resource for deeper understanding of Microsoft products and to connect with other users.  With over 2000 people engaged in various CEP programs, you’re able to not only connect directly with key engineering resources from Microsoft, but also a broad community of like-minded users.  Further details on the Community Evaluation Program for the R2 release of Forefront Identity Manager 2010 can be found here.

Cloud computing is as big a transformation, and opportunity, as the technology industry has ever seen. Partners and customers can look to Microsoft for the most comprehensive cloud strategy and offerings, in order to improve their business agility, focus and economics. Today, at the Worldwide Partner Conference, Microsoft announced tools and solutions to help partners capitalize on the opportunities, as well as examples of partners and customers already finding success.

Read more

The 2011 Microsoft Worldwide Partner Conference (WPC) is kicking off today, and with over 12,000 attendees expected, it promises to be an exciting event. The Server and Cloud team at Microsoft has been working furiously over the last few months to make this a successful event for our partners. Over the next few days, our team will provide you regular updates about the announcements and events at WPC. As with all WPCs, there’s a lot going on at the event, so we’d like to highlight some locations and events that our core infrastructure partners will find useful.

• Breakout Sessions: You can find a complete list of the Server and Cloud breakout sessions here. Our sessions cover a variety of topics, ranging from the how the Private Cloud can help expand your business, to a preview of the benefits that the upcoming System Center 2012 release can bring to your infrastructure practice. Each session will have partner speakers featured as well, so be sure to add these sessions to your schedule builder!
• Private Cloud and Platform Servers Booth: Please visit our booth (#1221) in the Solutions Innovation Center. In addition to demos of our latest products, you will find some really exciting offerings there:
  • In partnership with Microsoft, Global Knowledge (2011 Learning Partner of the Year) is offering partners who visit our booth a discount of at least 20% off the list price on qualifying Microsoft Virtualization and Systems Center courses across the world.
  • In partnership with Dell and HP, we shall be running live Private Clouds in our booth. Come see a real private cloud in action!
  • Happy Hour with Server and Tools Execs: Join us at the Server and Tools Lounge (located at LACC West near the entrance close to Staples Center) on Monday, July 11^th from 4:30-6:30.
  • Programs and offers: At WPC, we will be announcing a number of new programs for our partners – be sure to ask our team at the Private Cloud booth about:
    • Private Cloud, Management and Virtualization DPS Program (PVDPS) - click here to find out more
    • Changes to our Management and Virtualization Solution Incentive Program (SIP)
    • The Cloud Assessment Tool
    • The MPN Private Cloud Sales Specialist program

Stay up to date with the latest Server and Cloud information! Follow us on twitter (@MSServerCloud) on our blog (http://blogs.technet.com/b/server-cloud) and “Like” us on Facebook (http://www.facebook.com/Server.Cloud) to get access to WPC 2011 previews. And don’t forget tag your own twitter messages with #hyperv and #WPC11

Please remember that this is your event, and we want to hear from you! Please let us know what you liked, and didn’t like, at WPC 2011.We’ll be back over the next few days with many more updates for you.

Varun Chhabra

Partner Marketing, Windows Server and Management Business Group

Everyone is talking about the Cloud. At next week’s Worldwide Partner Conference, you and 12,000 other partners will be encouraged to take the cloud conversation to the next level from traditional virtualization to cloud-based computing.  As your customer’s trusted advisor, you will best be able to propose solutions when you understand opportunities around private clouds and public clouds.

At WPC 2011, you’ll learn about our Hyper-V based Private Clouds and Windows Azure-based Public Clouds that can be managed by System Center 2012.  Most importantly, you’ll learn how Microsoft can help you ramp up on cloud technologies, generate new revenue streams, and ultimately take your Infrastructure practice to the next level.  

We look forward to seeing you at WPC. Please read on for more event-specific information.

Cheers,

Kevin McCuistion

Director of Partner Marketing, Server and Tools Business

Take Advantage of the Microsoft Virtualization and System Center offer from Global Knowledge

Global Knowledge, 2011 Microsoft Learning Competency Partner of the Year, is offering partners who visit our booth a discount of at least 20% off the list price on qualifying Microsoft Virtualization and Systems Center courses. Make sure to come to our Microsoft Private Cloud and Server Platforms booth #1221 in the Solutions Innovation Center to learn more!

Don’t miss our sessions led by our executives on Tuesday, July 12th.

 Call to Action

• Sign up for Server and Cloud sessions today!
• Visit the Private Cloud and Platform Servers booth (#1221) in the Solution Innovation Center to take advantage of our readiness offer, and to see a Private Cloud solution from HP and Dell in action!
• Join us in the Server and Tools Lounge (located at the entrance to LACC West) for Happy Hour with Top Server and Tools Executives on Monday, July 11th from 4:30 – 5:30pm
• Stay up to date with the latest Server and Cloud information! Follow us on twitter (@MSServerCloud) on our blog (http://blogs.technet.com/b/server-cloud) and “Like” us on Facebook (Facebook.com/Server.Cloud) to get access to WPC 2011 previews. And don’t forget tag your own twitter messages with #hyperv and #WPC11.

An Update Rollup for Forefront Endpoint Protection 2010 is now available here:  Get Update .

 In addition to hotfixes, this Update also includes some important changes to note:

1. Support for Windows Embedded 7 platforms:  With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core.  For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
2. Signature Update Automation Tool used with Configuration Manager Software Update:  This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates.  This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule.  The automation of the tool is done through the Windows task scheduler. To download the tool:  Go here.
3. Two new preconfigured policy templates for the following server workloads:

               a.  Microsoft Forefront Threat Management Gateway

               b.  Microsoft Lync 2010

You can find more details in the “What’s New” document on the TechNet site.  Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection 2012 beta is here!  We are extremely excited to announce the availability of Forefront Endpoint Protection 2012 Beta.  Customers and Microsoft Partners can download the Beta software immediately here. You can also download the pre-requisite System Center Configuration Manager 2012 Beta 2 here

Forefront Endpoint Protection 2012 continues to deliver on the promise of Forefront Endpoint Protection 2010, simplifying and improving endpoint protection while also greatly reducing infrastructure costs. It builds on System Center Configuration Manager 2012, allowing customers to implement endpoint protection as part of a unified infrastructure for securing and managing physical, virtual, and mobile client environments. This shared infrastructure lowers ownership costs while providing improved visibility and control over endpoint management and security.  

• What’s new in FEP 2012:
  • Support for System Center Configuration Manager 2012
  • Improved real time alerts and reports
  • Role-based management
  • User-centric reports (post beta)
  • Easy migration from FEP 2010/ConfigMgr 2007
  • Support for FEP 2010 client agents

Forefront Endpoint Protection 2012 continues to provide proactive protection against known and unknown threats using multiple technologies in the antimalware engine like behavior monitoring, network inspection system and heuristics.  With cloud based updates through the spynet service, endpoints get updated protection against new threats in real time.  See the benefits of enabling Dynamic Signature Service in FEP here.

You can find more product details on our Website or TechCenter. And for more information about convergence of management and security, please visit our new Windows Optimized Desktop page.

You can now evaluate Forefront Endpoint Protection 2012 beta and System Center Configuration Manager 2012 beta with a community of early adopters.  Join the Community Evaluation Program for System Center Configuration Manager and evaluate the products with guidance from the product team and by sharing of experiences and best practices among a community of peers.

In addition, Microsoft Identify & Security partners can take advantage of the Microsoft Solution Incentive Program. This program rewards partners that identify and sell solutions that include Microsoft Forefront client security. Visit our Hyper-V Enabled Private Cloud page on Microsoft’s Partner Network to get more information on eligible opportunities.  

We hope you will evaluate the early version and give us your feedback!

Forefront Endpoint Protection team

The Microsoft TechEd Twitter Army is looking for recruits to twitter off the show floor during our premier TechEd event running May 16-19 in Atlanta. If you’re going to the show and want your opinions heard, be sure to check in at the Social Media area in the Microsoft Server & Cloud Platform Booth on Monday afternoon at 12:30 pm.  Recruits who do well on the Twitter front lines will compete for an Xbox 360 + Kinnect package and other prizes to be handed out at a private Twitter Army event happening Thursday at 2 pm. Don’t forget, and remember that Uncle TechEd Wants You!

With the recent announcement of the release of Forefront Endpoint Protection 2010, we published a bevy of resources through different channels to prepare the way and bring you up to speed. In the interests of providing the community—our readers—a quick-and-easy way to access these resources, we’ve compiled a digest of items for your handy reference.

Enjoy!

- The Server & Cloud Platform Team

Key Pages & Sites

• Forefront Endpoint Protection Home
• Forefront Endpoint Protection 2010 TechNet TechCenter
• Download Microsoft Forefront Endpoint Protection 2010
• Blog post: Convergence of Desktop Security and Management
• Desktop Security with Windows Optimized Desktop

Videos

• Understanding the Convergence of Security and Management
• Desktop & Datacenter Management and Security Strategy
• Forefront Endpoint Protection 2010 Demos and Interview

Webcasts & Presentations

• Business Insights Webcast: Security and Management Convergence on the Desktop (Level 100)
• Planning and Deploying Forefront Endpoint Protection 2010 with Microsoft System Center Configuration Manager
• Business Ready Security: Protecting Endpoints from Advanced Threats with Microsoft’s Secure Endpoint Solution
• Secure Endpoint: What’s in Microsoft Forefront Endpoint Protection 2010 – A Deep Dive into the Features and Protection Technologies

White Paper

• Convergence of Desktop Security and Management: Forefront Endpoint Protection and System Center Configuration Manager

We are extremely excited to announce that Forefront Endpoint Protection 2010 (FEP) has released to manufacturing!  Customers can access the RTM release on the Microsoft Volume Licensing Service Center (VLSC) starting Jan. 1, 2011 -- or try the evaluation version immediately. 

This is our first – and very significant – step in making the convergence of desktop security and management a reality.  Customers using System Center Configuration Manager 2007 can now quickly and efficiently deploy, configure, manage, update, and report on FEP protections, helping to lower infrastructure costs and improve overall security.  And since both products are included in the Enterprise CAL (ECAL), customers who purchase ECAL automatically get access to all the licenses they need to implement the solution.  To make deployment easier, FEP will even identify and replace the existing antimalware agents you may have previously installed. 

Customers have already begun seeing the advantages of bringing together powerful antimalware protection with their existing infrastructure for deploying, patching, and updating client systems.  A large university medical center that participated in our Technology Adoption Program (TAP) said the following about their experience using FEP in their 50,000 desktop environment: 

“We’re primarily a paperless organization.  We need 100% uptime so that medical records, prescriptions, and all other documentation is available to our healthcare professionals. The single console for Forefront Endpoint Protection 2010 [and System Center Configuration Manager 2007] gives me a view of our whole system and ensures that we can handle threats before they become an issue.”

There are a ton of new features to explore in this new release including award-winning antimalware protection (FEP uses same engine as Microsoft Security Essentials), vulnerability shielding, Windows firewall management, and, of course, integration with System Center Configuration Manager 2007.  You can find more product details on our Web site or TechCenter.    And for more information about convergence, please visit our new Windows Optimized Desktop page.

We hope that you will give FEP a test drive soon!

We are pleased to announce the release of Forefront Unified Access Gateway 2010 SP1, which includes key updates to the product, including: enhanced DirectAccess deployment and operation, improved monitoring and troubleshooting, as well as enhancements to publishing scenarios.  Trial bits can be downloaded here.  In addition, you can view additional details on TechNet to find out what’s new in Forefront UAG 2010 SP1.

Top Features

- The Forefront Team

We’re just back from TechEd in Berlin where Brad Anderson announced the release candidate for Forefront Endpoint Protection (FEP) 2010 during his keynote. During the session, Brad highlighted one of the key focus areas in this release - the convergence of security and management. FEP 2010 is deployed, configured, managed, updated, and reported on through System Center Configuration Manager 2007, allowing customers to streamline their client management and security operations. Using FEP to merge these disciplines, organizations can improve desktop protection and lower operational costs.

Since we’ve posted the release candidate, I’ve heard a lot of great feedback from trial customers (check out the Customer Evaluation Program), TechEd attendees, and TAP participants on the impact this convergence is already having on their businesses. Customers like Riga Stradins University tell us that the consolidated tools, processes, and infrastructure help them enable new efficiencies:

“The integration of management and security makes our IT organization more agile.  We’re more efficient in the way that we use our personnel. We’ve increased the number of people available to respond to security incidents by 20% with no increase in headcount” – Kristaps Cudars, Principle Information Systems Architect

This use of FEP to drive new efficiencies is a persistent theme among the early adopters. With security as part of the console that in many cases they are already using, customers say that their dedicated management personnel can expand their efforts – easily, to help watch over security.

Another interesting comment on efficiency came from Telekom Slovenije. Like many organizations globally, Telekom Solvenije has a single team responsible for desktop management and endpoint security, but the tools they used required completely separate efforts.  Already a Configuration Manager customer, and with a long-term contract for their existing anti-virus solution ending, they applied to join the FEP TAP program:  

"We had separate silos for managing and securing the infrastructure, even though the same team was responsible for both… The integration of FEP with System Center Configuration Manager lets us break down the silos with our organization and increase efficiency” – Dragoslav Radin, Head of the Division for IT Infrastructure Services

These efficiencies, driven by convergence of security and management, not only allow administrators to do their jobs better and more quickly, as we’ve discussed here, but they also lower hardware, maintenance, and training costs through the use of a single, multi-purpose infrastructure.  I hope you will download and try FEP in your environment.  

The Release Candidate of Forefront Endpoint Protection (FEP) 2010 shipped today and is now available for download here.  FEP was built on Configuration Manager 2007 (R2 and R3 supported), so anyone with Configuration Manager deployed now has the unique ability to deliver desktop security on your existing infrastructure. Find out more on the System Center team blog.

-        Forefront Team

Today in Berlin at TechEd Europe Microsoft vice president Brad Anderson announced that the Release Candidate of Forefront Endpoint Protection (FEP) 2010 is now available for download and we are on track to release to manufacturing by the end of 2010! Built on System Center Configuration Manager R2 and R3, FEP gives customers the ability to manage and secure their systems on the exact same infrastructure –  converging the disciplines of client security and management. 

With FEP, desktop antimalware is no longer a discrete set of tools and processes – it is an extension of your existing Configuration Manager deployment, making your endpoint protection:

1. Easier to use.  You view your configuration information (what has/hasn’t been updated, what patches have/haven’t been applied) in the same place as your security information – which makes it easier to identify issues and make smarter decisions to resolve them.
2. Less costly. No more maintaining two sets of hardware, implementing two sets of policies, or training staff on two separate technologies.
3. Extremely effective.  The new detection engine in FEP– with its behavioral detection technologies – has been proven in third-party testing (AV-comparatives, VirusBulletin) to rank among the industry’s best – particularly when detection unknown threats.

In addition to our infrastructure and detection updates, FEP includes some great new features like:

• Windows Firewall management.  Now easier to ensure Windows Firewall is active and working properly on all endpoints across the enterprise.
• Automated agent replacement.  For the most common antimalware solutions, automatically detects and removes existing security agents to streamline deployment.

We encourage you to take a look at the new RC – and if you happen to be at TechEd EMEA, make sure to stop by our booth!

Today, Microsoft announced the acquisition of AVICode, Inc., a market leader in application performance monitoring and diagnostics of .NET applications and services. AVIcode will become a wholly-owned subsidiary of Microsoft and the technology acquired will be rolled into the System Center family of products over time.

As more customers move to cloud-based services, they face additional management complexities. This acquisition represents further Microsoft investment in providing customers with unified management for physical, virtualized and cloud applications, whether they are running in a customer, service provider or Microsoft datacenter. By integrating AVIcode’s product capabilities with System Center, Microsoft will help customers ensure the availability and performance of business-critical applications and services, no matter where they are deployed.

Integration of AVIcode technologies with System Center Operations Manager will help customers close the “management gap” between existing, on-premises applications and those delivered via the cloud, providing a comprehensive view of application performance, end user experience and the ability to respond more quickly to business needs.

Today, customers can immediately benefit from AVIcode capabilities including:

• Simplified management with automatic discovery of application dependencies and requirements.
• Optimized business productivity with always-on, real-time monitoring, and rapid error resolution of business-critical applications.
• Lower cost of managing datacenter services through enterprise-wide standards  to manage custom and disparate applications .

Brad Anderson, corporate vice president of the Management and Security Division, provides more information about this acquisition on the System Center Nexus blog here, and in a recorded video Q&A here.

This month, Identity Lifecycle Manager 2007 beat out IBM and RSA for Information Security Magazine’s 5th annual Readers’ Choice Awards, taking first place for the Identity and Access Management category.  Readers gave it solid marks across the board, particularly for ease of use, integration with associated products and comprehensive and flexible reports.  You may already be aware that Microsoft Forefront Identity Manager 2010 – the successor to Identity Lifecycle Manager 2007 – is available now and dramatically simplifies enterprise identity management through end-user self service capabilities and IT administrator tools to automate tasks.  To see what the buzz is all about, evaluate FIM today. 

Today the team delivered the anticipated Forefront Endpoint Protection 2010 (FEP) public beta to customers.  The successor of Forefront Client Security is built on System Center Configuration Manager (SCCM) 2007 R2, allowing customers to use their existing client management infrastructure to deploy and manage endpoint protection.

The end result? Customers will save capital costs on roll-out and also reduce training costs because administrators won't have to learn yet another management user interface.

FEP supports Windows XP, Windows Server 2003 and all subsequent versions of the Windows client and server operating systems. Other new features include:

• New Antivirus Engine.  Highly accurate and efficient threat detection protects against the latest malware and rootkits with low false positive rate.  
• New behavioral threat detection.  Protection against "unknown" or "zero day" threats provided through behavior monitoring, emulation, and dynamic translation. 
• Windows Firewall management.  Ensures Windows Firewall is active and working properly on all endpoints, and allows administrators to more easily manage firewall protections across the enterprise.
• Dynamic Cloud Updates. On-demand signature updates from the cloud for suspicious files and previously unknown malware

If you are using System Center currently, you can download the SCCM 2007 R2 trial to understand the features and functionality that it provides to administrators for FEP trial purposes. 

We will announce pricing and licensing at a later date and the final product is on track to be available in the fourth quarter of 2010.

Download the Forefront Endpoint Protection 2010 beta here and let us know what you think.  Need more information? Check out the Microsoft Forefront homepage and watch the TechNet Edge video below.

Released last December, TMG is the next generation of Internet Security and Acceleration (ISA) Server 2006.  It is a secure web gateway that allows employees to safely and productively use the Internet without worrying about malware and other threats.  TMG provides multiple layers of continuously updated protections against the latest Web-based threats, including URL filtering, antimalware inspection, and intrusion prevention.  Enhancements in TMG Service Pack 1 (Available for download here):

Improved reporting features

• New user activity reports to monitor Web surfing information
• Improved look and feel for all TMG reports

Enhancements to URL filtering

• User override for access restriction on sites blocked by URL filtering, allowing more flexible and easier deployment of web access policy
• Override for URL categorization at the enterprise level
• Customized site access denial notification pages to fit an organization’s need

Enhanced branch office support

• Simplified deployment of BranchCache at the branch office (for Windows Server 2008 R2 users), using Forefront TMG as the Hosted Cache Server
• Forefront TMG and a read-only domain control can be located on the same server, reducing TCO at branch offices

Support for publishing SharePoint 2010

Below is a FOPE admin screencast by Micah Lanasa on TechNet Edge.  And here you can read about how the International Speedway Corp, which promotes the DAYTONA 500 and other motorsports events, saved $120,000 using FOPE to protect its vital messaging system.

From Micah:

Forefront Online Protection for Exchange is a hosted service that provides a layer of protection to actively help protect inbound and outbound e-mail from spam, viruses, phishing scams, and e-mail policy violations. In this video series I’ll walk you through the Administration Center, which is the service management site for Forefront Online Protection for Exchange.

In this first video I’ll highlight some of the features and tools in the Information tab and the Company subtab. To continue learning about FOPE Administration, watch the next video in the series Forefront Online Protection for Exchange: Administration Center 102.

There are some great opportunities coming up this month to learn about Forefront solutions.

TechNet Simulcast: Forefront Virtual Event
https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032454002&Culture=en-US

Register for the Forefront Virtual event on June 23^rd and 24^th to hear from the product team, ask questions and see great technical demos on FEP, FIM, TMG, UAG, FPSP, FPE, FOPE, and ADRMS + Exchange.

Deployment Webcasts

6/28/2010 11:00:00 AM -Deploying a Microsoft Identity and Access Management Solution (Level 300)

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032453697&Culture=en-US

6/30/2010 8:00AM Best Practices for Deploying a Microsoft Secure Collaboration Solution (Level 300)

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032453700&Culture=en-US

6/22/2010 12:00PM Using a Microsoft Information Protection Solution with RSA Data Loss Prevention

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032453692&Culture=en-US

6/22/2010 9:00:00 AM - TechNet Webcast: Deployment Best Practices for Information Protection

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032453503&Culture=en-US

6/16/2010 10:00:00 AM - Enabling Secure Messaging – FOPE Deployment Best Practices

https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032450259&EventCategory=4&culture=en-US&CountryCode=US

Microsoft has released the Information Card Issuance Community Technical Preview (CTP.)  This will enable IT administrators to easily issue information cards via Active Directory Federation Services 2.0, giving end users a more flexible and secure means of authentication to applications within the enterprise, across company boundaries and into the cloud.  Through this CTP, we hope to gain valuable feedback on our Information Card technologies. 

The CTP will support the following scenarios:

• Administrators can install an Information Card Issuance component on AD FS 2.0 RTM servers and configure Information Card Issuance policy and parameters.

• End users with IMI 1.0- or IMI 1.1 (DRAFT)-compliant identity selectors can obtain Information Cards backed by username/password, X.509 digital certificate, or Kerberos.

• Continued support for Windows CardSpace 1.0 in Windows 7, Windows Vista and Windows XP SP 3 running  .NET 3.5 SP1.

We have also adding two new mechanisms for interaction and feedback on this topic, a dedicated Information Card Issuance Forum and a monitored e-mail alias [email protected].

Watch a video from the Office-SharePoint 2010 launch site about how Del Monte uses Forefront to secure its collaboration environments – including comments from Forrester senior analyst Andrew Chiquith. (Click here or on the image below for the video.)  A written case study about Del Monte is here.

From the case study:

Benefits
By deploying Microsoft Forefront Protection 2010 for SharePoint for protection and Active Directory Domain Services for identity–based access, Del Monte helps increase its collaboration, sharing, and access to information, while better protecting its assets. By strengthening its security capabilities, the company is equipped to aggressively pursue its collaboration strategy, taking full advantage of its investment in Microsoft SharePoint Server 2010.

Enhanced Business Control Without Compromising Flexibility
By using Forefront Protection 2010 for SharePoint, Del Monte benefits from tighter control of its business assets, including its intellectual property, through the use of multiple scanning engines and enhanced file filtering capabilities. Because Del Monte can configure the solution to meet its own business rules and changing security needs, the company retains maximum operational flexibility. “The ability to configure the settings at a granular level enables us to optimize our approach over time, so we can ensure rigorous security across all of our portal resources without negatively impacting productivity,” says Wynn.

Improved IT Management Through Real-Time Health Monitoring
The centralized Administrator Console and dashboard management tools in Forefront Protection 2010 for SharePoint provide the Del Monte IT team with access to consolidated information and analytics, helping to ease security management tasks.

Through these tools, Wynn and others can quickly evaluate the performance of scanning engines and track malware incidents and responses across the company’s entire server system. “Because I can get a comprehensive security status update in a matter of minutes, I can quickly prioritize the issues I need to address across projects and focus more time on achieving business goals,” says Wynn.

From the Microsoft identity blog:

In the category “Best Innovation”, the European Identity Award went to Microsoft for U-Prove. The U-Prove technology, which enables minimal disclosure of identity-related information is considered to be a pioneering effort in enhancing online privacy and security, by analyst firm Kuppinger-Cole & Partners.

In the category “Best Project”, the University of Washington was honored for its identity federation solution in research and education which was developed together with Microsoft and “Live@Edu”.

The University of Washington is delighted to have its work with Microsoft on federation services honored by Kuppinger Cole, said RL "Bob" Morgan, Identity Architect for UW Information Technology and Shibboleth Project core team member.  At UW, we are committed to standards-based federation to extend the value of UW identity to the services our users need. It is great to partner with Microsoft since they too are making a commitment to federation for Windows Live and Live@edu.  Live@edu's support of higher-education federations including InCommon is a key differentiator. Making it all work has many challenges, but it's essential so the higher-ed community can collaborate seamlessly and securely in cloud environments.

Nathan Dors, manager of Identity and Access Management for UW Information Technology, added that the partnership with Microsoft has been very positive. We agree with Microsoft on the importance of being both standards-oriented and pragmatic. Choice of federating technology is key and we appreciate Microsoft's striving to reach parity between AD FS 2.0 and Shibboleth solutions.

Also in the category “Best Project” Thomson Reuters was honored for its solution enabling users to easily and securely access various application services, which is based on Microsoft’s Windows Identity Foundation and Active Directory Federation Services (AD FS 2.0).

We are delighted to be acknowledged by international analyst firm Kuppinger Cole & Partners for our identity project with Treasura. Being able to provide a standards-based solution from Microsoft has enhanced application security and offered greater access control for our identity infrastructure project,” said Jason Shantz, Architect, Thomson Reuters.

And finally, in the category “Best Project” BMW was honored for its identity management solution covering more than 100,000 dealerships and other external users, replacing existing legacy systems. The project was a co-development with Omada and Microsoft.