How to Install Forefront Protection 2010 for SharePoint



Forefront Security for SharePoint has been revamped and renamed to Forefront Protection 2010 for SharePoint. Forefront Protection 2010 for SharePoint will work with the following SharePoint products: SharePoint Server 2010, MOSS 2007 SP1 or later, and Microsoft SharePoint Foundation version 3.0 SP1 or later. Check out the overview and list of new features from my previous post.

Account Requirements

“The user account used to install FPSP must have administrator privileges on the local SharePoint server, and be a member of the administrators group within SharePoint Central Administration. The FPSP installation process also collects account information to be used for the Microsoft Forefront Server Protection Controller for SharePoint service. This account must have SharePoint administrator privileges as well as read/write access to the SharePoint configuration and content databases.” (from TechNet)

The Install

Accept the license agreement and click Next.

This screen informs you of services that may need to be stopped and started during installation, click Next.

Review the installation folders, change if desired, and click Next.

If you use a proxy server for engine and definition updates, then enter that information here. Click Next.

Enter the domain account and password that satisfies the account requirements mentioned at the beginning of this post, then click Next.

Decide if you would like to join the Customer Experience Program, and then click Next.

Verify installation settings; take note that an engine update will start 5 mins after installation.

Scroll down and note that 5 random engines have been chosen, which can be changed after installation. Click Next and the installation will begin.

During the installation process, you will see a few command prompts open and close as the installer runs some necessary STSADM commands. You will be brought back to this screen for final configuring of the product.

Once the installation has completed, click Finish. That’s it, you’re all done! Now, let’s fire up the console.

Start > All Programs > Microsoft Forefront Server Protection > Forefront Protection for SharePoint Console

HUGE update in UI from the previous version! You are immediately given a dashboard showing the scan summaries and health monitors of the SharePoint farm – very helpful!

Want to verify your installation and see if it properly catches viruses? Follow this procedure provided by Microsoft.


Sponsors *Trusted SharePoint Ads Only!*

Packaged Enterprise Search
for SharePoint.View a quick online demo here!

Free Outlook Sidebar!
Access SharePoint from Outlook w/ Sidebar. Download Now!

SharePoint Migration Tools
Sharegate: No-Brainer Migration Tools for SharePoint. $375.

SharePoint Usage Reports
Usage reports, collaboration and audit for SharePoint.

8 Tips to Increase SharePoint Adoption
Download Free Whitepaper


Subscribe to our RSS feed and social profiles to receive updates.

13 Comments on “How to Install Forefront Protection 2010 for SharePoint”

  1. Reza Says:

    Looks nice! Does this need to be installed on each WFE? Is there a way to deploy it or automate the install without having to login to each WFE? Also how would we handle management across parent/child farms? Thanks!


    • sptwentyten Says:

      Thank you! Yes, FPSP needs to be installed on each WFE in the farm. If you have Systems Center Configuration Manager (SCCM), you can deploy FPSP that way. Check out this site for details on that: You might also be able to do it with some sort of remote PowerShell session. Check out this link on how to install FPSP with the command prompt: I’m not sure on the management across parent/child farms. However, FPSP does support exporting and importing configuration settings. So, once you get one setup the way you like it, you can export/import those settings onto another server. FPSP also ships with a management pack for Microsoft System Center Operations Manager 2007, which you can use to monitor the health of your FPSP systems.


      • installer Says:

        Okay … you said all the WFEs … but do you do the initial install on Workstation, or could you put it on the same box that SharePoint was configured from? I’m little confused on this install process and I read the links on technet but it doesn’t really say “which” servers to put it on.

        so i have
        1 Server: Central Admin
        2 Server: WFE 1
        3 Server: WFE 2
        4 Index Server
        5 SQL Cluster

        From your reply, it sounds like we need to pick the one of the first WFE as the install, then install on the second one or deploy/export settings ????

  2. Reza Says:

    I was looking for something like “Forefront Server Security Management Console” for the new Protection 2010 products. I think they are calling it “Forefront Protection Manager” and it can be used to easily manage a multiple server deployment. We have about 30-40 MOSS servers so we are hoping to minimize any manual tinkering with the keyword lists, templates, etc. We tried the previous version of ForeFront with the aforementioned Server Security console and it still required you to go in and touch each template on each server, so it wasn’t a viable solution.


  3. Naveed Says:

    I have a MOSS 2007 server farm, with 2 Web Front end servers on NLB and there is 1 Application/Index server.

    Do i need to install ForeFont Protection for SharePoint on both the Web Front end servers?
    If yes, then what will be the Installation type? Will this result in two management consoles on each Web front end servers?

    Please help with this query…thanks in advance….


  4. sharepointexpertswebtek Says:

    Wow, I’ve definitely learned the techniques in this comprehensive tutorial.
    Thank you for sharing this information.


  5. T Newcomb Says:

    Does this replace the OS level AV on the boxes or do you still need the OS level AV.


  6. Thuan (@nnthuan) Says:

    If you are installing FPSP on multiple servers, you can install and configure FPSP on a single SharePoint server and then export and import these configuration settings to additional SharePoint servers (keeping in mind that each FPSP installation must be performed individually on that server first). For more information, see “Exporting and importing configuration settings” in the Forefront Protection 2010 for SharePoint Operations Guide.


  7. Thuan (@nnthuan) Says:

    I wrote an article on how to create an infected document and upload to SharePoint document library. FPSP then prevented that document. Check it out :



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: