A few days ago we released three new Endpoint Protection reports. Together these reports give you a great insight into how well your Endpoint Protection clients are doing. Endpoint Protection – Dashboard System Health – Endpoint Protection System Health – Malware Detection (System Health reports are sold together) These reports are also available bundled together with Jonathan Lefebvre Endpoint Protection Management Guide at a discounted price. SCCM Endpoint Protection Dashboard This report shows you useful information about endpoint protection on a single page. The boxes at the top show current status as well as a trend for the last 30 days for each of the 5 categories a client can be in (Protected-Inactive-At Risk-Unprotected-Infected) . The two At Risk and Unprotected categories shows a breakdown of the subcategories that make up the these two states. If you bought the System Health – Endpoint Protection reports you can click on a number and it will drill-trough to a filtered … Read More
List of SCCM Endpoint Protection Agent Versions
We have compiled a list of SCCM Endpoint Protection agent versions, build numbers and cumulative updates. Anti-Malware platform updates are cumulative, meaning that the latest one includes the previous one. If you are new to System Center Endpoint Protection, see our complete guide which covers it all. We documented a few years back… since the SCCM 2012 RTM release. If we missed some versions, please let us know and we will update this post. This post will be updated as new releases are made available. **Updated 2017/04/10** How to get your SCCM Endpoint Protection Agent Version Numbers An easy and built-in way to evaluate Endpoint Protection version of the agent is to use the Software Update Compliance information: Open the SCCM console, go to Software Library / Software Update / All Software Updates Click on Add Criteria and check: Product & Update classification Select Product: Forefront Endpoint Protection 2010 Update Classification: Critical Updates … Read More
SCCM Endpoint Protection on Windows 10 Creators Update 1703
System Center Endpoint Protection and Windows Defender both have a history of changes since they came out years ago. When Windows 10 came out more changes were made to Endpoint Protection and Windows Defender as we covered in a previous post. The latest Windows 10 Creators Update (1703), also bring its share of changes for Windows Defender, which then impact Endpoint Protection on the end-user side. If you are new to System Center Endpoint Protection, see our complete guide which covers it all. In this post, we will look at what changed for Endpoint Protection and Windows Defender in the Windows 10 Creators Update (1703). What’s new for Endpoint Protection on Windows 10 Creators Update? First thing first. The name! Microsoft as once again renamed Windows Defender. The new name is Windows Defender Antivirus. This is due to the rising of Advanced Threat Protection (ATP) and the idea that Windows Defender … Read More
SCCM Endpoint Protection Management Guide
SCCM Endpoint Protection is not the simplest SCCM tasks to put in place. Over the years, we trained many SCCM administrator using a simple approach and deployment strategy. We created this complete SCCM Endpoint Protection Guide based on our knowledge and experience. This e-book is a best-practice guide on how to plan, configure, manage and deploy Endpoint Protection with SCCM. This e-book aims to help SCCM administrator understand the basic concept of each part of the Endpoint Protection management. Many Endpoint Protection settings require customization based on your environment, this document describes a typical case that can be used in any organization as a good starting point for efficient malware protection. The guide will help you achieve theses tasks: Install Endpoint Protection point role Setup your SCCM server to respond to your Endpoint Protection clients Configure Software Update point to support Endpoint Protection Enable the right product in your software update … Read More
Managing Windows 10 Endpoint Protection with SCCM 2012
Windows 10 is out since July 29th, now you want to manage Windows 10 Endpoint Protection with SCCM 2012. You have probably noticed that Windows 10 comes natively with Windows Defender. Instead of Endpoint Protection, it is now the default anti-malware managed by SCCM 2012. Actually, the Endpoint Protection agent is installed locally in Programs & Features but it’s using the Windows Defender UI with a thin layer of Endpoint Protection to manage policies and malware definitions. If you have already deployed Windows 10 in your environment, you might have encountered an issue where your Endpoint Protection policies are applied but the malware definitions are not updated. Some have found a way to work around this problem by extracting the Endpoint Protection installer and make Endpoint Protection malware definitions automatically update. Unfortunately, this TechNet article is the only official documentation but it’s mentioning only Windows 10 Technical Preview, no word about Windows 10 RTM. Might only be a matter of updating their documentation. For … Read More
Endpoint Protection Policy is not Applied
This post explains what to do when Endpoint Protection policy not applied Symptom The policy was applied to a specific collection and all members of the collection were failing to apply the policy Monitoring / Endpoint Protection Status / System Center 2012 R2 Endpoint Protection Status / Operational State 12 clients are failing to apply the custom policy. Clicking on the “Antimalware policy application failed” brings us to the list of machine. On the bottom, clicking on the “Antimalware Policy” tab shows the error : 0x80004005 – Failed to generate Antimalware policy file Let’s look at the EndpointProtectionAgent.log on one of the affected client. Failed to generate AM policy XML with error code 0x80004005 State 2 and ErrorCode -2147467259 and ErrorMsg Failed to generate Antimalware policy file You can see that my policy “Endpoint Protection CTX 4.5, 6.0 & 6.5” is failing. Error 4005 would make me think about “Access Denied” error … Read More