Elczar Adame's Shared Points on SharePoint

Archive for July, 2008

WSS 3.0 and MOSS 2007 Infrastructure Updates


 
WSS 3.0 and MOSS 2007 Infrastructure Updates
 
This includes infrastructure updates for Windows SharePoint Services 3.0, Microsoft Office SharePoint Server 2007, and other Office System technologies. It primarily contains latest Enterprise Search features and performance updates.
 
1. KB951695 – Infrastructure Update for Windows SharePoint Services 3.0 (Download x86 and x64)
2. KB951297 – Infrastructure Update for Microsoft Office Servers including Microsoft Office SharePoint Sever 2007 (Download x86 and x64)
 
Installation instructions for Windows SharePoint Services 3.0 Infrastructure Update and Microsoft Office SharePoint Server 2007 Infrastructure Update are available for download. Moreover, details and links of related articles are available at Microsoft SharePoint Team Blog.
 
Thanks!
 
 
 
 
Advertisements

SharePoint File Filtering in ForeFront


 

SharePoint File Filtering in ForeFront

The Forefront Security for SharePoint file filter feature gives you the ability to filter files with a specific type, extension, or names. Like in keyword filter feature, as we have explored in my previous article, the file filter can be configured to perform actions on the file such as delete, quarantine, notify, and report the detected file. A demonstration video is available for download in a limited number of days.

1.      Let us start by opening out ForeFront Server Security Administrator. In the shuttle navigator let us click Filtering, and then the File icon. Below is the illustration.

Filter

1.      In the upper pane of the File Filtering window, for demonstration purposes, let us select SharePoint (Manual Scan Job).

2.      In the File Names pane let us click Add, then type “*.docx”, and the press enter.

Electively, we can configure to filter files based on their size by specifying the size in kilobytes, megabytes, or gigabytes. Example: *.doc=>150KB.

3.      A .docx file may not have an OPENXML file type. In the File Types list box, ForeFront has provided us the facility to specify the file type associated to the selected File Name. For demonstration purposes, let us check the All Types checkbox at the bottom of the File Types list.

4.      Let us make sure that the File Filter is set to Enabled. And then, for our purpose, let us set the Action to Skip: Detect Only.

In my previous piece, I have briefly described the various Action options we could set for our filter.

5.      Let us uncheck the Send Notification and check the Quarantine Files option. And to confirm the configuration, let us click Save.  Below is the illustration.

Final

To check the filter we have defined, let us create a Word document, and then upload it in a document library in our SharePoint site. Subsequently, let us open our ForeFront Server Security Administrator, and in the Operate shuttle navigator, let us click the Quick Scan icon. Select the corresponding Web application in the explorer pane, select corresponding File Scanners, set the Bias field to Favor Certainty – notwithstanding that it is not used in file filtering, and the Action field to Skip: Detect Only. Lastly, uncheck the Send Notifications option, and check the Quarantine Files. Below is the illustration.

Scan

In my previous blog, I have tried to tabulate the possible Bias settings.

And there we go! Let us just click the Run button and the malicious document we have uploaded will be detected and it will be logged in the Quarantine under the Report shuttle navigator.

Hoping this piece would help.

Keyword Filter Installer in ForeFront for SharePoint


 

Keyword Filter Installer in ForeFront for SharePoint

In my previous piece, I have attempted to provide a guideline on the basic steps in creating and configuring keyword filter in Microsoft ForeFront Security for SharePoint. To assist us in filtering for profanity, list instances in various languages are included with the product. This is an elective module and must be installed separately.

This post will guide us in installing the component and importing it our filter list. Likewise, a demonstration video is available for download in a limited number of days.

1.       We will start by executing the KeywordInstaller.msi in the installation folder. By default it is located at C:\Program Files\Microsoft Forefront Security\SharePoint.

2.       During the installation, we will be prompted to select the keyword language. For demonstration purposes, we will select English Keywords. Below is the illustration.

Language

3.       Upon installation, let us verify the English Profanity List.txt file at C:\Program Files\Microsoft Forefront Security\SharePoint\Data\Example Keywords.

4.       Now it is time for us to import the list into our filters. In the Filtering section of the shuttle navigator of our ForeFront Server Security Administrator, click the Filter Lists icon.

5.       In the List Types pane, as illustrated below, select Keywords.

6.       Let us click the Add button in the List Names pane. For demonstration purposes, let us name our new list as Prohibited, and then press Enter.

7.       With the Prohibited list selected, let us click the edit button. Notice that the Edit Filter List dialog box will appear.

8.       In the same dialog box click Import. Let us open our English Profanity List.txt file.

9.       In the Import List dialog box, as illustrated below, click Move All Item to Include In Filter list box. And then click OK.

Import

10.   In the Edit Filter List dialog click OK. And there we are! Just click the Save button and we successfully installed and imported the profanity filter list.

Hoping this would help.

 

SharePoint Keyword Filtering in ForeFront


 

SharePoint Keyword Filtering in ForeFront

With the aid of Microsoft ForeFront Server Security for SharePoint we could easily identify unwanted and prohibited contents in our SharePoint web application, including Word, Excel, PowerPoint, and other document types. By defining keyword filters, we can sort out documents based on words, phrases, and sentences.

This paper attempts to guide us on the two major steps in creating keyword filter in Microsoft ForeFront Security for SharePoint: creation and configuration of keyword list. Likewise, a demonstration video is available for download in a limited number of days.

Keyword List Creation

1.      Let us start by opening our Microsoft ForeFront Server Security for SharePoint.

2.      In the Filtering section of the shuttle navigator, click the Filter Lists icon.

3.      In the List Types pane, as illustrated below, select Keywords.

Types

4.      Let us click the Add button in the List Names pane. For demonstration purposes, let us name our new list as Prohibited, and then press Enter.

5.      With the Prohibited list selected, let us click the edit button. Notice that the Edit Filter List dialog box will appear.

6.      In the Edit Filter List dialog box, as illustrated below, let us click the Add button in the Include In Filter section. For demonstration purposes, let us type a word Malevolent, and then press Enter.

We can include a word, a phrase, or an expression in a filter list. In an expression, a query contains operators that separate text tokens, including _AND_, _NOT_, _ANDNOT_, et al. There must be a space between an operator and a keyword. Example: Malicious<space>_AND_<space>Horrible.

The Help file of ForeFront provides us comprehensive channel in formulating a filter expression. In addition, to aid us in filtering for profanity, filter lists in various languages are included with the product. I will try to provide you a guide on this in my subsequent paper.

Moreover, we can create our filter list offline in Notepad or a similar text editor and then import it to an appropriate filter list. And with same token, we can export our existing filter list to Notepad using the Forefront Server Security Administrator.

 

List

7.      Finally, let us click the Add button. We will have now a keyword Malevolent defined under a keyword list Prohibited.

Keyword List Configuration

The next step is to configure the keyword list we have created.

1.      Still in the Filtering section of the shuttle navigator, click the Keyword icon. Below is the illustration.

Keyword

2.      In the top pane, for demonstration purposes, let us select the SharePoint (Manual Scan Job) as a scan job for which we will enable our Prohibited keyword filter list.

3.      In the Keyword Fields section, let us select Text/HTML/Word/PowerPoint Documents. And in the Filter Lists section, let us select Prohibited filter list.

4.      In the right section of our keyword window, set the Filter field to Enabled, the Action field to Skip: Detect Only, uncheck the Send Notification, and check the Quarantine.

The Maximum Unique Keyword Hits in the Filter Lists section enables us to specify the number of times a keyword much match for the action to be taken.

The following table describes the Action options we could set of each keyword list:

Skip: Detect Only

Logs the messages that meet the filter criteria. However, if Delete Corrupted Compressed, Delete Corrupted Uuencode Files, or Delete Encrypted Compressed Files is selected in General Options, as illustrated below, a match to any of those conditions will cause the item to be deleted.

Block: Prevent Transfer

Prevents the transfer of a file that meets the filter criteria. This action is for Realtime scans only.

Delete: Remove Infection

Deletes the contents of the file and replaces it with the Deletion Text. This action is for Manual scans only.

 

General

5.      To confirm the configuration, let us click Save.

To check the filter we have defined, let us create a Word document having a word Malevolent in its content, and then upload it in a document library in our SharePoint site. Subsequently, let us open our ForeFront Server Security Administrator, and in the Operate shuttle navigator, let us click the Quick Scan icon. Select the corresponding Web application in the explorer pane, select corresponding File Scanners, set the Bias field to Favor Certainty – notwithstanding that it is not used in file filtering, and the Action field to Skip: Detect Only. Lastly, uncheck the Send Notifications option, and check the Quarantine Files. Below is the illustration.

Scan

The bias setting directs the number of engines are needed to provide you with an acceptable probability that our SharePoint Web application is protected. It only applies to virus scanning and not used in file filtering. Below are the possible bias settings:

Maximum Performance

For fastest performance, it scans with only one of the selected engines.

Favor Performance

Fluctuates between scanning with one of the selected engines and half of them.

Neutral

For a balance security and performance, scans with at least half of the selected engines.

Favor Certainty

Scans with all available selected engines. If an engine is not available because it is being updated, it continues to scan with all of the remaining engines.

Maximum Certainty

Scans with all of the selected engines. If an engine is not available because it is being updated, files are queued until the engine is once again ready to scan them.

 

And there we go! Let us just click the Run button and the malicious document we have uploaded will be detected and it will be logged in the Quarantine under the Report shuttle navigator.

Hoping this piece would help.

 

 

Extending and Mapping SharePoint Web Application


 

Extending and Mapping SharePoint Web Application

These past few days I have received several inquiries on how to extend SharePoint Web application to both internal and external users, and a related inquiry on how to access a forms-authentication-based SharePoint Web application in Microsoft Office SharePoint Designer 2007. The answer to both questions is the same: extend and map our SharePoint Web application.

Extending SharePoint Web Application

Microsoft has provided us in the SharePoint 3.0 Central Administration a facility to extend and map our SharePoint Web application.

1.      Let start by opening our SharePoint 3.0 Central Administration. In the Application Management tab, under the SharePoint Web Application Management section, click Create or Extend Web Application. As illustrated below, we will be redirected to Create or Extend Web Application page.

Extend

2.      On the same page, let us click Extend an Existing Web Application. It will create a separate IIS Web Site that exposes the same content and reuses the content database from an existing Web application. This is typically used for extranet deployment where different users access content using different domains.

 

Moreover, since forms-authentication-based SharePoint Web application could not be accessed in Microsoft Office SharePoint Designer 2007, we could set the Authentication Providers settings of our extended Web site to Windows while our default Web application remains its forms authentication configuration.

 

3.      In the Extend Web Application to Another IIS Web Site page, as illustrated below, let us select the existing Web application we want to extend. For demonstration purposes, we will pick the default Web application to be extended.

 

If necessary let us change the default settings. In this piece, we will name our extended Web application as PointExtended, the port is set to 3000, and Zone to Intranet.

Intranet

4.      There we go, by clicking the OK button we have already extended our existing SharePoint Web application.

Mapping SharePoint Web Application

1.      In our SharePoint 3.0 Central Administration, in the Operations tab, under the Global Configuration section, let us click Alternate Access Mappings.

2.      As illustrated below, we will be redirected to Alternate Access Mappings page where our extended web application has already reflected.

 

Mapping

3.      Click the corresponding Web application to have the facility of configuring URL Protocol, Host and Port, and the Zone.

And we have already extended and mapped our SharePoint Web application. I am hoping this would help.

Installing Microsoft ForeFront for SharePoint


 

Installing Microsoft ForeFront for SharePoint

Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007 require an antivirus solution that can prevent the spread of viruses and malicious content in the portal, that traditional antivirus technology cannot offer. Microsoft ForeFront for SharePoint is the solution!

 

Thanks to Maria Green, an IT Pro Evangelist, Microsoft Asia Pacific for sponsoring me in the IT PRO Momentum program which provides me access to the resources in exploring this technology.

Some of its noteworthy features are:

1. Multiple Scan Engines
2. Realtime Scan Job
3. Manual Scan Job
4. File Filtering
5. Keyword Filtering
6. Event Notification
7. Reporting and Statistics
8. File Scanner Updating
9. Engine Update Notification
10. ForeFront Server Security Administrator

This paper would provide us installation guidance for Microsoft ForeFront for SharePoint.

1.       Upon running the installer, the first set of screens that will prompt us are the Welcome, License Agreement, and the Customer Information screens.

2.       The next screen of the InstallShield Wizard, as illustrated below, is the Install Location where we need to select from local or remote installations.  It simply shows that Microsoft ForeFront Server Security for SharePoint supports both local and remote installations.

Location

3.       The next screen of the wizard is the Installation Type. Here we could choose between Client and Full Installation. Choosing the Client option would install administration console only, while with Full Installation it will install all antivirus components and administration console. Below is the illustration.

Type

4.       After the Installation Type is the Engines screen where we are going to select among the integrated scan engines in ForeFront.  The Microsoft Antimalware Engine is mandatory and we could integrate another four engines if necessary. Below is the illustration.

Engines

 

5.       The subsequent screens are Engine Updates Required, Choose Destination Location, and Select Program Folder.

6.       Following is the SharePoint Database Account Information screen where you are going to specify an account for SharePoint database access. As stated on the screen, the account must be a member of the local Administrator group on both SharePoint and database servers. Below is the illustration.

Account

7.       Just follow the wizard, and then click the Finish button on the InstallShield Wizard Complete. To open the ForeFront Server Security Administration, click Start > All Programs > Microsoft ForeFront Server Security > SharePoint Security > ForeFront Server Security Administrator. And that is it!

 

Microsoft ForeFront Security for SharePoint


 

Microsoft ForeFront Security for SharePoint 

 

Microsoft ForeFront Security for SharePoint offers incorporated scan engines and content security features for Microsoft Office SharePoint Server 2007 and Windows SharePoint Service 3.0 environment, including malevolent code, confidential information, and unsuitable content.

A trial copy of Microsoft ForeFront Security for SharePoint with Service Pack 2 is available for download. Moreover, Microsoft has provided us comprehensive guide on product evaluation, deployment, and operations, including user guide and best practices guide.

 

Tag Cloud