Mon - Fri 9:00 AM – 5:00 PMClosed on weekends

MicrosoftForefrontEOL_SQYou’ve probably heard that Microsoft Forefront, including MS Forefront Protection 2010 for Exchange Server, will be discontinued.  Instead, Microsoft has launched a new product line called Exchange Online Protection. Can existing Microsoft Forefront Protection customers simply migrate to the new Exchange Online Protection solution? Unfortunately for many the answer will be ‘no’. The new Exchange Online Protection solution is a paradigm shift that is likely to be incompatible with the majority of Microsoft Forefront Protection for Exchange Server customers.

Microsoft Forefront Protection for Exchange is an on-premise solution. Hosted solutions may be popular, but people who decide to go for on-premise solutions do so for a variety of good business reasons. Exchange Online Protection on the other hand is a hosted email security solution.


When your vendor changes direction in such a way that their product line becomes incompatible with your business needs, you need to consider a few things:

  • Do you keep using the existing product line?
  • Do you change your business strategy so you’re able to use their new product?
  • Do you stop using the old product and not replace it with anything else?
  • Do you switch vendors?

It’s easy to dismiss the points ‘use the existing product line’ or ‘simply stop using a solution altogether’. Using an old product will not offer you the level of protection your business requires – especially in the case of Microsoft Forefront Protection for Exchange. The protection it provides is dependent on content updates which will be stopped as soon as the product line is discontinued. Likewise, a company’s change in direction does not remove the risks their previous product line used to address. Those risks which were mitigated using the old software didn’t reach their EOL with the old product line, they still exist and are a risk.

This brings us to the crux of the matter.

Should you change business strategy or vendor?

Both are viable options of course but changing business strategy might be tricky to implement.

For some organizations it makes more sense to go for an on-premise solution. In most cases, the choice to opt for an on-premise solution is based on the need to mitigate risks by limiting the exposure of important data. Emails can contain confidential information and when using hosted solutions to process that data a business opens itself to various risks, such as a disgruntled employee using the content (without having permission to do so) and making money from it.

So is switching vendor the right answer?

Switching vendors can still be risky. You have no guarantees that vendor will not change direction in the future and there is a new product that needs to be installed and mastered by your IT team. That said, it’s not all bad. Other vendors can offer you the same feature set you are already accustomed to. Some might also offer features over and above what Microsoft Forefront had, thus making your security model more robust. Perhaps most importantly, you’re not exposing your business to new risks just to keep the old risks associated with using an Exchange Server mitigated. That, in my opinion, is a major advantage.

If you’re a MS Forefront user you should be considering your options. GFI MailEssentials is a robust anti-spam and email filtering solution that protects your network from email-borne threats. Click here for more information