Information Technology Reference
In-Depth Information
This section covers the following topics:
■
System Center Endpoint Protection
■
Implement Endpoint Protection
■
Antimalware policies
■
Windows Firewall policies
■
Policy management
■
Monitoring Endpoint Protection status
■
Configuring alerts
System Center Endpoint Protection is an antimalware client. Prior to the release of System
Center 2012, this client was part of the ForeFront suite of products. When you deploy the
Configuration Manager Endpoint Protection feature, an Endpoint Protection client installs on
Configuration Manager client computers. You can use the Endpoint Protection client to:
■
Detect and remediate malware, rootkit, network, and spyware vulnerabili-
ties
The Endpoint Protection client provides protection by performing scheduled
scans on a computer or by enabling real-time protection. Both these methods monitor
file and program activity on a computer. The client can use Network Inspection System
to inspect network traffic for the most commonly used protocols, such as HTTP, Server
Message Block (SMB), and Simple Mail Transfer Protocol (SMTP).
■
Automatically download antimalware definitions and engine updates
You can
deploy policies that define how often antimalware definitions are updated and how a
client obtains the updates.
■
Manage Windows Firewall settings
Endpoint Protection provides basic manage-
ment of Windows Firewall for the domain, private, and public profiles. Settings include
enabling or disabling the firewall; notifying the user when Windows Firewall blocks a
new program; and blocking all incoming connections, including those in the list of
allowed programs.
Integrating Endpoint Protection with Configuration Manager provides the following
benefits:
Flexible source locations for client updates
You can use a variety of source loca-
tions for definition updates. You can configure Endpoint Protection to:
■
Obtain updates that Configuration Manager or Windows Server Update Services
(WSUS) distributes.
■
Allow direct connection to Microsoft Update and the Microsoft Malware Protection
Center.
■
Obtain updates from a Universal Naming Convention (UNC) file share.
■
