Jump to content


anyweb

using System Center 2012 Configuration Manager - Part 6. Adding the Endpoint Protection role, configure Alerts and custom Antimalware Policies.

Recommended Posts

sure, but if you want to check the compliance status of your ADR deployment on let's say all your Configuration Manager Servers, how are you planning on doing that ? if you are pointing at the All Desktops and Servers collection you won't get this granularity...

 

compliance of a deployment.png

Share this post


Link to post
Share on other sites

Hello,

 

As a follow up to my previous message, I am no longer going to run SCCM12 on Windows2012, and go back to my 2008r2 machine.

 

Anyways, as a result, on my 2008r2 machine, my SCCM12 will not auto-deploying definition files for EndPoint. As a result, my users keep getting Window Update popups every time a new definition file is ready to be installed. Any ideas?

Share this post


Link to post
Share on other sites

EndPoint Protection can uninstall the following products automatically, however you'll have to configure the client settings in order to make this change.

 

Select True (Configuration Manager with no service pack) or Yes (Configuration Manager SP1) to uninstall existing antimalware software.

 

 

Endpoint Protection uninstalls the following antimalware software only:

  • Symantec AntiVirus Corporate Edition version 10

  • Symantec Endpoint Protection version 11

  • Symantec Endpoint Protection Small Business Edition version 12

  • McAfee VirusScan Enterprise version 8

  • Trend Micro OfficeScan

  • Microsoft Forefront Codename Stirling Beta 2

  • Microsoft Forefront Codename Stirling Beta 3

  • Microsoft Forefront Client Security v1

  • Microsoft Security Essentials v1

  • Microsoft Security Essentials 2010

  • Microsoft Forefront Endpoint Protection 2010

  • Microsoft Security Center Online v1
  • Like 1

Share this post


Link to post
Share on other sites

This has been configured for a few months for me. Checking in the \\sccm\sources\WindowsUpdates\EndpointProtection\ directory, it's full of definition updates, dating back to November. Over 1900 items and 2GB of data. Is SCCM supposed to delete expired definitions or do I need to do something else to manage that?

Share this post


Link to post
Share on other sites

yes, if you want to target one computer with specific settings for that computer only then simply create a collection for that one computer, place the computer in that collection and target that collection with a custom antimalware policy

 

it seems a bit overkill though, why the need ?

Share this post


Link to post
Share on other sites

I am trying to understand why you have created so many ADRs, other than compliance reporting.

As far as I can tell, there are no settings in the ADR itself that would make much difference when deploying to various clients.

(I do see that a number of collections are needed to manage the different antimalware policies.)

 

Would it make sense to create a different set of collections (fewer in number) just for the ADRs?

This would result in a few more collections, but fewer ADRs...

 

Or is there something else, that I am not yet understanding, that would make using the policy-related collections for ADRs also the best way to structure this?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.