Frequently asked questions (Client Security)

Applies To: Forefront Client Security

This topic contains answers to frequently asked questions about Client Security.

What is Microsoft Forefront Client Security?

Client Security provides unified malware protection for business desktops, laptops, and server operating systems. Built on the same Microsoft protection technology already used by millions of people worldwide, Client Security helps guard against emerging malware threats, such as spyware and rootkits, as well as traditional threats such as viruses, worms, and Trojan horses. By delivering simplified administration through central management, and providing critical visibility into threats and vulnerabilities, Client Security helps you protect your business efficiently. Client Security integrates with your existing infrastructure software, such as the Active Directory® directory service, and complements other Microsoft security technologies for enhanced protection and greater control.

Which versions of Microsoft Windows operating systems are supported by Client Security?

Client Security is designed to protect computers running the Windows Vista™, Windows Server® 2008, Windows Server 2003, Windows® 2000 Server, and Windows XP operating systems. For more information, see Client Security System Requirements (

Which Client Security topology should I install?

Your topology decision should be based on several factors, including the number of clients in your environment, your hardware budget, and reporting requirements. Before you install Client Security, it is highly recommended that you read the Client Security Planning and Architecture Guide ( The Planning and Architecture Guide contains detailed information that can help you make your deployment decisions.

How do I prepare my existing network for Client Security?

Before installing Client Security server components, you should verify that the appropriate network ports are open on any server firewall. In some cases, firewalls between Client Security servers should be disabled. For details about preparing for and deploying Client Security, see the Client Security Deployment Guide (

How do I receive malware definitions and other updates?

Malware definition updates are distributed from Microsoft Update. Client Security simplifies the distribution of definition updates to client computers through optimization with WSUS. WSUS enables administrators to automatically approve the latest signatures or to test and approve every update. You can also use any existing software distribution system in your environment. For more information about receiving and distributing definitions, see Distributing definitions and engine updates in the Client Security Administrator's Guide (