You are previewing Microsoft System Center 2012 Endpoint Protection Cookbook.
O'Reilly logo
Microsoft System Center 2012 Endpoint Protection Cookbook

Book Description

Install and manage System Center Endpoint Protection with total professionalism thanks to the 30 recipes in this highly focused Cookbook. From common tasks to automated reporting features, all the crucial techniques are here.

  • Master the most crucial tasks you’ll need to implement System Center 2012 Endpoint Protection

  • Provision SCEP administrators with just the right level of privileges, build the best possible SCEP policies for your workstations and servers, discover the hidden potential of command line utilities and much more in this practical book and eBook

  • Quick and easy recipes to ease the pain of migrating from a legacy AV solution to SCEP

  • In Detail

    Microsoft System Center 2012 Endpoint Protection (previously known as Forefront Endpoint Protection 2012) protects client and server operating systems against threats with leading malware detection technologies. Built on Configuration Manager, it provides a unified infrastructure for client security and compliance management and "Microsoft System Center 2012 Endpoint Protection Cookbook" will help you get to grips with vital tasks for implementing this security tool.

    With the release of System Center 2012 Endpoint Protection, Microsoft is continuing its commitment to offering a cutting edge, enterprise- ready Anti-Virus solution. With its practical and easy to follow recipes, "Microsoft System Center 2012 Endpoint Protection Cookbook" fully prepares you for a simple, headache-free migration.

    This hands-on, practical cookbook will have you equipped with the knowledge to install and manage System Center 2012 Endpoint Protection like a pro in no time by following step by step recipes.

    You’ll gain insight into a wide range of management tasks, such as building your SCEP infrastructure, deploying SCEP clients and building the perfect AV policies for your workstation and servers. You’ll also benefit from a complete SCEP walk-through in a bonus appendix chapter.

    With "Microsoft System Center 2012 Endpoint Protection Cookbook" in hand, you will have the confidence to tackle essential tasks like deployment, policy and much more for SCEP.

    Table of Contents

    1. Microsoft System Center 2012 Endpoint Protection Cookbook
      1. Table of Contents
      2. Microsoft System Center 2012 Endpoint Protection Cookbook
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers and more
          1. Why Subscribe?
          2. Free Access for Packt account holders
          3. Instant Updates on New Packt Books
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. Getting Started with Client-Side Endpoint Protection Tasks
        1. Introduction
        2. Locating and interrupting client-side SCEP logs
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more…
            1. More details about the MPLog
            2. Other useful client-side logs
            3. NisLog.txt
        3. Performing manual definition updates and checking definition version
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Alternate definition sources
            2. Microsoft Update opt-in
        4. Manually editing local SCEP policy using the user interface
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Utilizing MpCmdRun.exe
          1. Getting Ready…
          2. How to do it…
          3. How it works…
          4. There's more...
            1. Using MpCmdRun to pull definition updates from an alternate source
            2. Using MpCmdRun to de-quarantine a false positive
            3. MpCmdRun logging
      9. 2. Planning and Rolling Installation
        1. Introduction
        2. Creating role-based SCEP administrators
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Creating auto deployment rules for SCEP definitions
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Enabling the Endpoint Protection role
          1. Getting ready
          2. How to do it...
          3. How it works...
      10. 3. SCEP Configuration
        1. Introduction
        2. Modifying SCEP default client settings
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Creating, modifying, and deploying a SCEP policy
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's More…
            1. Understanding policy precedence
            2. Server policy templates
        4. Setting up SCEP alerts
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Configuring reports
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's More…
            1. Accessing reports without the SCCM console
            2. Delivering reports to smartphone users
      11. 4. Client Deployment Preparation and Deployment
        1. Introduction
        2. Preparing your environment for SCEP
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Creating an effective deployment plan
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Deploying SCEP clients with SCCM 2012
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Verifying that SCEP policies are being applied correctly
          1. Getting ready
          2. How to do it...
          3. How it works...
        6. Performing a manual FEP client installation
          1. Getting ready
          2. How to do it...
          3. How it works...
      12. 5. Common Tasks
        1. Introduction
        2. Checking that your SCCM server has up-to-date SCEP definitions
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Performing SCEP operational tasks using the SCCM console
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Using SCEP reports to verify task completion
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Utilizing the SCEP dashboard
          1. Getting ready
          2. How to do it...
        6. Using MpCmdRun remotely
          1. Getting ready
          2. How to do it...
          3. How it works...
      13. 6. Management Tasks
        1. Introduction
        2. Verifying that SCEP clients are installed on all systems
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Changing control with SCEP policies
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Using SCEP policy templates
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Merging client policies
          1. Getting ready
          2. How to do it...
          3. How it works...
        6. Responding to SCEP alerts
          1. Getting ready
          2. How to do it...
          3. How it works...
      14. 7. Reporting
        1. Introduction
        2. Using the system-based SCEP reports
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Utilizing the user-based SCEP reports
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Providing access to reports
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Building custom reports
          1. Getting ready
          2. How to do it...
          3. How it works...
      15. 8. Troubleshooting
        1. Introduction
        2. Resolving client-side definition update issues
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Fixing SCCM client health issues
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Resolving false positives
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Dealing with infections that SCEP cannot resolve
          1. Getting ready
          2. How to do it...
          3. How it works...
      16. 9. Building an SCCM 2012 Lab
        1. Introduction
        2. Installing SCCM 2012 and SCEP in a standalone environment
          1. Getting ready
          2. How to do it...
          3. How it works...
      17. A. Appendix
        1. Integrating SCEP with SCOM 2012
        2. Client deployment checklists
        3. List of SCEP logfiles
        4. Using Windows Intune Endpoint Protection
      18. Index