locked
Requirements - Suggestion RRS feed

  • Question

  • Would it be possible to setup a version of the FCS without the SQL Enterprise requirements (and perhaps MOM)?

    Perhaps FCS is not meant for the small- to mid-size business market? I do not see references the imply FCS is supposed to be only an enterprise solution other than the SQL Enterprise requirement. Or am I mistaken on this requirement or the very heftier price tag of the SQL Enterprise licenses over the standard version just for operating a anti-virus/malware package?

    I am very interested in FCS; however, I will not be able to sell the switch from Symantec's Anti-Virus package to FCS with the additional requirement of having to purchase SQL Enterprise licenses.

    A version of FCS with reduced reporting that only requires SQL Express (or SQL Server standard at the most), would open FCS to a lot more organizations.

    In fact, why doesn't FCS use Active Directory to store it's settings in individual workstation objects or group objects? And if it does, then could FCS be setup to bypass reports, and have the management piece rely upon reporting from individual workstations to tell it what infections are out there?

    A reduced version of FCS might not be as flashy to show off compared to the current FCS, but at least it could also be used as a stepping stone to the full FCS for companies that do not or can not make the jump to SQL Enterprise.

     

    Tuesday, December 5, 2006 9:35 PM

Answers

  • Hi Jason

    We really hope you can convince your organization to move to FCS!

    Thanks for the feedback on the SQL Standard and it's impact on pricing/costs for customers.  We are definitely hearing the same type of feedback and are spending the cycles to evaluate supporting it by RTM

    As for MOM and SQL, there are actually 4 components in this area

    • SQL Database service (hosts the actual DBs)
    • SQL Reporting services (service to generate the actual reports)
    • MOM Server (handles the data collection from the agents)
    • MOM Reporting (reporting for MOM, which also adds the data warehouse (DWH) database)

    SQL 2005 Enterprise vs Standard is around scalability and other features optimized for performance/etc.  We want to be sure that SQL Standard will meet the requirements in these areas.

    MOM is included as part of the FCS package, so you do not need to purchase a seperate MOM instance for FCS.  When you purchase FCS, you get all the required MOM components (both the MOM Server and MOM Reporting components).  SQL 2005 is not included in the FCS package

    The version of MOM that ships with the FCS Public Beta is timebombed (I believe the end date is June 30th, 2007)

    It sounds like support for SQL standard would meet your FCS-Lite requirements - as above, the main items we are researching for SQL standard support are in the scalability/performance space (as opposed to rendering reports, etc). 

    As for the specific item about receiving alerts via email, you can definitely do this using the notification system in MOM - I'm using it internally and it works very well :-)

    Thanks - look forward to more great questions!

    Chris

    Forefront Client Security PM

    Thursday, December 7, 2006 10:36 PM

All replies

  • Hello!

    Lots of good questions and comments in the post, so I'll tackle them in order

    Q1 - Is it possible to setup FCS without SQL 2005 Enterprise

    A1 - We are targeting support for SQL 2005 Standard edition at RTM.  Would support for SQL 2005 Standard be valuable?  Would this solve the requirement of the SQL licensing issue?

    Q2: Is it possible to setup FCS without MOM

    A2:  Yes, but you will lose the built in reporting/alerting system.  Since we use the OnePoint DB to store all your configuration information, you would need to install the Collection Role (along with the Management and Distribution roles), but you wouldn't need to install the MOM agents on the clients (use the /NOMOM switch)

    You would be able to create and deploy policies, but you would not have any reporting or alerts.  You'd be unable to track policy and signature deployment status or find out if any malware was detected or if you had missing patches or other vulnerabilities.  You would be able to actively protect your client computers from spyware and viruses.

    Q3: Use AD to store settings for individual workstations

    A3:  This is an interesting suggestion for an "FCS-lite".  We gather lots of information from the event logs on a continuous basis, and storing all that over a long period in AD would probably be pretty cumbersome.  Also, I'd be worried about backup and recovery and general performance of my DC's. 

    Is the primary ask for FCS-lite to work around the SQL 2005 Enterprise requirement?  Or are there other infrastructure components that you'd like to see us leverage in a future edition?

    Thanks

    Chris

    Forefront Client Security PM

    Wednesday, December 6, 2006 12:03 AM
  • Can you help me with an example of what you'd like to see stored in the Active Directory as far as FCS settings goes?

    Because the computer object already exists and AM and SSA act in the context of the machine account (for reporting purposes), what would you put in the directory that you could then from the FCS perspective?  We do store policy elements in the directory as GPO's and replicate those via the domain naming contexts. 

    We'd love to hear what you are thinking here as it is these suggestions that drive future improvements into the product.

     

     

    Wednesday, December 6, 2006 6:35 AM
  • Thank you for the response, Chris. Those responses have given me hope that I can persuade my organization to switch to FCS.

    "A1 - We are targeting support for SQL 2005 Standard edition at RTM.  Would support for SQL 2005 Standard be valuable?  Would this solve the requirement of the SQL licensing issue?"

    Support for SQL 2005 Standard would be greatly valuable. We have licenses for, and are currently operating SQL 2005 Standard servers right now. I feel that this would allow most mid-size, and some small-size organizations utilize FCS. I know it opens the door to pretty much any organization that can purchase software under educational pricing. I had in the past year received quotes for SQL 2005 Standard, which even under education came to $2,600 for a per-cpu, per-year license (If I remember correctly, the per-cpu is cheaper than per-user/connection after 25-30 CALs). The enterprise license was $12,000 per-cpu, per-year. For non-educational pricing those prices jump to about $7,000 for the standard and $17,000 for the enterprise. In either case a savings of $10,000 per-cpu, per-year is very valuable. The prices I listed are based on quotes I received from CDW-G, and Zones back in February, 2006.

    "A2:  Yes, but you will lose the built in reporting/alerting system.  Since we use the OnePoint DB to store all your configuration information, you would need to install the Collection Role (along with the Management and Distribution roles), but you wouldn't need to install the MOM agents on the clients (use the /NOMOM switch)"

    At this point, I think I need to do some extra research into MOM. I have basically been associating the reporting features with MOM, and also as the basis for the SQL 2005 Enterprise requirement for its reporting services. As a result, I figured if FCS could be setup without MOM, that it would also eliminate the SQL 2005 Enterprise requirement.

    On a related topic, I was looking over the FCS requirements again, and I do not see MOM listed as a requirement. Is the MOM included with the FCS Public Beta install a reduced- or full-version of MOM that will also be included with FCS at release? In other words, if we want the reporting/alerting system, do we need to purchase MOM separately?

    "A3:  This is an interesting suggestion for an "FCS-lite".  We gather lots of information from the event logs on a continuous basis, and storing all that over a long period in AD would probably be pretty cumbersome.  Also, I'd be worried about backup and recovery and general performance of my DC's."

    I was considering removing that piece regarding using AD, as I knew that you were using group policies for most or all of the configuration. I agree that AD would definitely not be best solution for storing log data, especially since SQL 2005 Express is a free download, a "FCS-lite" could utilize that for logging purposes.

    "Is the primary ask for FCS-lite to work around the SQL 2005 Enterprise requirement?  Or are there other infrastructure components that you'd like to see us leverage in a future edition?"

    My main concern is the SQL 2005 Enterprise requirement. I would not be the least bit concerned if I could not generate reports if that is what it took to get FCS working with SQL 2005 Standard or Express. I would be disappointed with not being able to receive alerts via email if it could not be done with Standard or Express, but I would push for anything that matches or exceeds Symantec Anti-Virus Corporate abilities.

    Thank you taking the time to read my concerns/suggestions, and to respond.

    Jason DeVries

    Wednesday, December 6, 2006 3:21 PM
  • Thank you for the response, Steve.

    I was considering editing or removing that section after I re-read it as I knew most or all settings were applied via Group Policies, and logging would definitely not work well being stored in AD. That does not leave much of anything else to store in AD

    I can only think of storing computer-specific over-rides/configuration changes in the AD objects versus creating a group policy for settings for a single computer. However, when I think about that, I recognize that it starts complicating the management components and that it would be a rare occasion to setup a single computer with a special configuration. So an extra group policy or two for single computers with special configurations should not be an issue.

    Basically, I let my mind wander from the main point of looking for ways around the SQL 2005 Enterprise requirement.

     

    Wednesday, December 6, 2006 3:37 PM
  • Hi Jason

    We really hope you can convince your organization to move to FCS!

    Thanks for the feedback on the SQL Standard and it's impact on pricing/costs for customers.  We are definitely hearing the same type of feedback and are spending the cycles to evaluate supporting it by RTM

    As for MOM and SQL, there are actually 4 components in this area

    • SQL Database service (hosts the actual DBs)
    • SQL Reporting services (service to generate the actual reports)
    • MOM Server (handles the data collection from the agents)
    • MOM Reporting (reporting for MOM, which also adds the data warehouse (DWH) database)

    SQL 2005 Enterprise vs Standard is around scalability and other features optimized for performance/etc.  We want to be sure that SQL Standard will meet the requirements in these areas.

    MOM is included as part of the FCS package, so you do not need to purchase a seperate MOM instance for FCS.  When you purchase FCS, you get all the required MOM components (both the MOM Server and MOM Reporting components).  SQL 2005 is not included in the FCS package

    The version of MOM that ships with the FCS Public Beta is timebombed (I believe the end date is June 30th, 2007)

    It sounds like support for SQL standard would meet your FCS-Lite requirements - as above, the main items we are researching for SQL standard support are in the scalability/performance space (as opposed to rendering reports, etc). 

    As for the specific item about receiving alerts via email, you can definitely do this using the notification system in MOM - I'm using it internally and it works very well :-)

    Thanks - look forward to more great questions!

    Chris

    Forefront Client Security PM

    Thursday, December 7, 2006 10:36 PM