FEP 2010 with Configuration Manager 2007 – Part 2
Alright, so here’s part 2 of my series just to get you started with using FEP 2010 on your SCCM console.
The first thing you will realise as soon as you open up your SCCM console and expand Collections, you will see a hierarchy of collection with its parent collection called FEP Collections. Underneath it you’ll find sub-collections each categorizing the state of the client like Definition Status, Deployment Status, Protection Status and Security Status just to name a few. Computers will end up in various collections depending on its state, for example if the virus definition is 5 days old, then it’ll end up in the collection where all computers that have its virus definition of up to 7 days old.
Next you’ll find 3 new packages that you did not create; FEP Deployment, Operations and Policies. One of the first things you need to do is to get the FEP client (which is the anti-virus engine) out to your computers. Just make sure you populate the DPs with the package and then create an advertisement to your target collection.
You’ll get a new node on the left pane for ForeFront Endpoint Protection where you’ll get a dashboard view of the different status as well as areas where you can configure email alerts; yeah finally a form of alerting! SMTP works fine for me.
Here is where you can configure your SMTP settings for alerting purposes.
Now to alerting. You can set a rule to send out an alert whenever the same malware/virus is detected probably signalling a virus outbreak. Here you’ll set the number of computers detected with the same virus before an alert is sent out.
And whenever a computer has been detected with a virus, an alert can be sent out notifying the administrator.
You might want to know if the same virus has been detected on a computer repeatedly within a certain interval; before being 24 hours.
And you might want to also know if multiple viruses are hitting a computer over a certain interval.
Here’s what I like. You can execute a quick/full scan on a client computer from the console.
And yes it works by creating an advertisement in the background that will then execute on the client computer. Of course you can schedule the advertisement to re-occur, daily/weekly or whatever.
That’s it! That’s all for my overview of the FEP 2010 integration with Configuration Manager 2007. Please let me know if you have questions.