Managing More than 10,000 Clients


  • Hi All,

    I work in an environment that consists of nearly 100,000 clients. We are looking at Forefront Client Security as a possible enterprise anti-virus solution. Our computers are located in a very tight geographical area and we would like to be able to centrally control all management and reporting. We read about the cap at 10,000 clients per Client Security Deploment. Is it possible to create several management and reporting points and have then all roll their databases up a heirarchy to a central repository? This way we would be able to use one console to manage the enterprise as well as use one reporting site for up to date information. Any help is appreciated. Thanks.

    Tuesday, May 15, 2007 7:54 PM

All replies

  • Hello!

    The FCS team is investigating a tool that will provide a level of central mgmt/reporting for multiple FCS deployments.  Since the plans aren't yet finalized, I don't have any more complete information, but will post an update to this thread as it becomes available




    Forefront Client Security PM

    Wednesday, May 16, 2007 10:17 PM

    I work in an environment with around 33,000, spread across almost 2000 sites, Is this 10,000 client limit hard coded or it is just a suggestion that you don't go over this?  What happens when you have 10,000 clients and you get another 1, how does the system handle that?
    Tuesday, October 02, 2007 2:12 AM
  • The 10,000 is a very good recommendation.  We have only about 8,000 clients running FCS, but I was involved in a conference call with a company that has approx 24,000 clients on FCS.  They said that once you go over 10,000 clients you begin to see the performance of the hit on some of the servers.  I believe that the MOM and Management server were the hardest hit, but I can't find my notes from the call.  They are using two 5 server topology and are beginning to setup a third for load balancing.

    Friday, October 05, 2007 6:58 PM
  • Hi folks

    The recommended solution for customers with more than 10k machines is to host multiple FCS deployments (1 "pod" per 10k) and then centrally manage them via the upcoming Enterprise Manager). 


    For folks that are considering the Enterprise Manager, please ensure that each FCS deployment has a unique Management Group name.  This is a requirement for the Enterprise Manager




    Forefront Client Security PM

    Sunday, October 07, 2007 4:16 PM
  • Here is documentation for using Enterprise Manager and 10,000-100,000 clients:


    Client Security Enterprise Manager

    The Client Security Enterprise Manager tool allows you to aggregate reporting and management of up to 10 Client Security down-level deployments. This allows you to manage up to 100,000 client computers from a single Client Security console.

    There are two components to the Enterprise Manager installation:

    • The Enterprise Manager server component
    • The Enterprise Manager down-level component

    These components are installed on top of Client Security installations. Before installing Enterprise Manager, you must read the Enterprise Manager documentation.

    You can download the Client Security Enterprise Manager installer from the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkID=98850).

    Mike Crowley  A+, Network+, Security+, MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator

    Sunday, June 21, 2009 4:48 PM