Migration to Forefront from AVD, how?

Current environment:
1. Mcafee AVD, 4 locations: a. HQ 70 nodes, b. Shanghai branch 5 nodes, c:
Ho Chi Minh City 10 nodes, d: Hanoi, 2 nodes. Shanghai branch is connected
to HQ through site-to-site VPN. The Vietnam offices are networks by
themselves, not connected to HQ.
2. ePO servers installed and running in HQ, WSUS 3.0 servers also running at
HQ. Clients at Vietnam are not served by ePO or WSUS server

For Vietnam it is quite straight forward, I can just ask them to uninstall
Mcafee Viruscan, then do manual installation /nomon for the Forefront Client
Security.
For HQ I have a constraint, I can only have the Forefront Management Console
up and running after Forefront Security for Exchange is installed and
running (on Exchange 2007). This is because I need the reused server which
currently is running antispam, to be used as the Forefront Management
Console.

From the documentations I have read so far, Forefront cannot do
uninstallation of Mcafee viruscan and epo agent during installation of
Forefront Client security. I might be wrong, though. I am thinking of
removing the viruscan and the epo agent from ePO console, then do manual
installation of Forefront Client Security to the clients. I have no problem
doing this a standalone installation (that means no specified policy and
asigned WSUS), however, if I do this, is there any problem with managing and
deployment from Forefront Management Console later? Is there any problem if
I change the WSUS server later (thinking of letting the Forefront Management
Console be a WSUS server itself)? Or, can I temporary set up a machine to be
the Forefront Management Console, do the deployment, then change the
configuration somewhere (where?) later to make forefront client aware of the
changes of Management Console and the WSUS server?

Or, is there another better solution?

Any advice is very much appreciated

Sing Chung