About templates

• Scan job templates: a Transport Scan Job template, a Realtime Scan Job template, and a Manual Scan Job template.
• Notification templates for each of the default notifications.
• Scanner update templates for each scan engine that is installed on the current system.

To create and distribute configuration templates to multiple servers

You will first need to configure the template file on one instance of FSE and then distribute the template to your other FSE installations.  You can either configure the Default template or create a new template.  For this example, we will create a new template, but configuring the Default template is done in the same way.

1. Click File, click Templates, and then click New. The New Template dialog box appears.
2. Select the Type of template you would like to create (Transport, Realtime, Manual, or Filter Set).
3. Give the template a Name (For example, Transport scan template), and then click OK. The new template is created and becomes a choice in the list in the top pane and in the Template list in the bottom pane of the Template Settings work pane.
4. From the list in the top pane, select your new template. If the templates are not visible, you can display them by clicking File, selecting Templates, and then clicking View Templates.
5. Click the appropriate work pane to configure the template. For example, if you have created a Transport template, select Antivirus Job in the SETTINGS section of the Shuttle Navigator and configure the template as you would a Transport scan job. Click Save when you are done.

To manually copy the template

 

1.       On the server where you created the new template, open the data folder C:\Program Files (x86)\Microsoft Forefront Security\Exchange Server\Data and copy the template.fdb file to a shared folder on your network.

2.       On the server where you would like to deploy the new template, re-name the existing template.fdb (For example, old_template.fdb) in case you need to roll-back to that template file for any reason. After you have re-named the original template file, access the shared folder where you saved the new template and copy the template.fdb file to the data folder: C:\Program Files (x86)\Microsoft Forefront Security\Exchange Server\Data

3.       Open the Forefront Server Security Administrator on the server where you just saved the template.

4.       In the SETTINGS section of the Shuttle Navigator, select Templates.

5.       In the list in the top pane, select the scan job to associate with the template you have just saved. For example, select the Transport scan job.

6.       In the lower work pane, select the desired template from the Template list.

7.       Click Load From Template.

8.       Click Save. The scan job’s settings are reconfigured to those in the selected template.

To use FSSMC to distribute the template

To deploy Forefront Security template files to remote servers, you must configure a template package and then create and run a deployment job for the target servers.

Creating a template package

1. Click Packages in the Job Management section of the Navigation Area. The Manage Packages work pane appears.
2. Click Add. The Add Package work pane appears.
3. Enter a name for the package in the Package Name field.
4. Enter the path to the Template file (Template.adb or Template.fdb) in the File to Upload field or use the Browse button to navigate to the file.
5. Click Add. The template file is uploaded to the FSSMC database and the Configure Template Package work pane appears.
6. Select Template Options to indicate which templates to deploy. (The templates are all found in the Template file you just uploaded.) Choose Select All to deploy all the templates or select as many of the individual templates as needed. The choices are:
   • Select All
   • Update Scan Job and Antivirus Settings
   • Update File Filter Settings
   • Update Notification Settings
   • Update File Scanner Updates Path and Proxy Server Settings
   • Update Content Filter Settings
   • Update Filter Lists
7. Click Finish to complete the package configuration and add the new package to the Package Names list in the Manage Packages work pane.
8. Create a deployment job for the new package.

Configuring the Template Deployment Job

1. Click Jobs in the Job Management section of the Navigation Area. The Manage Jobs work pane appears.
2. Select Deployment Jobs and click Create. The Deployment Job work pane appears.
3. Name the deployment job in the Job Name field. Job names may contain alphanumeric characters only.
4. Select the package to be deployed in the Select Package field. Either select an existing package from the list (in this case, the template file that you uploaded previously), or upload and configure a new package using the Add Package button.
5. Schedule the deployment, if desired. If you do not schedule the installation (by selecting Do Not Schedule Deployment), you must manually start the deployment job after you complete the configuration.
6. Enter the e-mail address of someone who should receive the success or failure notification following the deployment. Type an address in the E-mail recipients field and click Add to have the address appear in the Destination addresses section. You may enter multiple addresses, one at a time. After addresses have been added to the Destination addresses section, each has associated Edit, Delete, and Test buttons. If you modify the address, the Edit button changes to Update. Click Update to save your change. There is no confirmation when you click Delete.
7. Click Next. The Assign Job work pane appears.
8. Assign the job by selecting the target servers or server groups.
9. Click Finish to complete the job configuration. It will be added to the Manage Jobs work pane, under the Deployment Jobs section.
10. If you have not scheduled the job, you can run it by selecting it on the Manage Jobs work pane, and then clicking Run Now. The Run Job Now work pane appears. Click Run to start the job.