Information Technology Reference
In-Depth Information
MORE INFO
MANAGING POLICIES
You can learn more about managing policies at
http://technet.microsoft.com/en-us/library
Configuration Manager provides extensive functionality, enabling you to monitor the status
of the Endpoint Protection client. You can use Configuration Manager to perform the follow-
ing monitoring tasks:
■
Ensure that computers have successfully installed the Endpoint Protection client.
■
Determine the status of the antimalware definition files on computers.
■
Determine which types of malware have been detected, how many computers have
been affected, and the remediation status.
Table 4-5 describes the methods to monitor Endpoint Protection status and compliance.
TABLE 4-5
Endpoint Protection monitoring methods
Method
Description
System Center 2012 R2 Endpoint
Protection Status
The Monitoring workspace has a node named Endpoint Protection
Status. Under this node is another node, named System Center 2012 R2
Endpoint Protection Status. This node provides information such as:
■
Endpoint Protection client status.
■
Malware remediation status.
■
Top 5 malware by number of computers.
■
Operational status of clients.
■
Definition status on computers.By default, All Systems is
selected to show status information. If you want to view the sta-
tus of other collections, you must select a collection for which
you want to view status information. You can select collections
that are listed only when:
You have deployed an antimalware policy to a collection.
■
You enable View This Collection In The Endpoint Protection
Dashboard on the Alerts tab of the device collection's
properties.
■
Malware Detected
The Monitoring workspace also has a node named Malware Detected.
This node provides a summary of detected malware, including infor-
mation such as Collection, Threat Name, Computers Infected, and
Computers Remediated.