Introduction to Client Security Enterprise Manager

Applies To: Forefront Client Security

This guide assumes that you have a working knowledge of Microsoft® Windows Server® 2003, Microsoft Operations Manager (MOM), Microsoft SQL Server™ 2005, SQL Server 2005 Reporting Services, and Windows Server Update Services (WSUS). Although some basic information about these products is included in the guide, this guide does not replace the documentation for these products or formal training.

To submit feedback on this guide, contact Microsoft Forefront Client Security Feedback.

This guide describes deployment and use of Microsoft Forefront Client Security Enterprise Manager.

Overview of Enterprise Manager

Standard Microsoft Forefront™ Client Security deployments support up to 10,000 managed computers. To support more than 10,000 managed computers, you must install multiple Client Security deployments. To ease the administrative load for these multiple deployments, you can implement the Client Security Enterprise Manager.

Enterprise Manager allows Client Security administrators to centrally manage multiple Client Security deployments in their enterprise environment.

Enterprise Manager has three main features:

  • Aggregation of reporting and alerting information from multiple Client Security deployments in the enterprise. The aggregated information is then viewable in a single console, and reports can be generated on this aggregated information.

  • Single location for management of Client Security policies.

  • Single location for initiation of enterprise-wide antimalware scanning.

The foundation of Enterprise Manager is the standard Client Security deployments in your enterprise. Enterprise Manager adds the previously mentioned functionality to your standard Client Security deployments.


To implement Enterprise Manager, you must use unique management group names when installing your standard Client Security deployments.


The computer names of the Client Security collection database server and reporting database server must be unique in all down-level Client Security deployments.