Windows 10 is out since July 29th, now you want to manage Windows 10 Endpoint Protection with SCCM 2012.
You have probably noticed that Windows 10 comes natively with Windows Defender. Instead of Endpoint Protection, it is now the default anti-malware managed by SCCM 2012. Actually, the Endpoint Protection agent is installed locally in Programs & Features but it’s using the Windows Defender UI with a thin layer of Endpoint Protection to manage policies and malware definitions.
If you have already deployed Windows 10 in your environment, you might have encountered an issue where your Endpoint Protection policies are applied but the malware definitions are not updated.
Some have found a way to work around this problem by extracting the Endpoint Protection installer and make Endpoint Protection malware definitions automatically update.
Unfortunately, this TechNet article is the only official documentation but it’s mentioning only Windows 10 Technical Preview, no word about Windows 10 RTM. Might only be a matter of updating their documentation.
For now, we will take the Windows 10 Technical Preview documentation and apply it to our Windows 10 RTM. It consists in enabling Windows Defender from the products tab in Software Update Point component properties.
SCCM 2012 Windows 10 Endpoint Protection Configuration
Prerequisite
- Have a functional Software Update Point
Enabling Windows Defender Product
- Go to Administration / Sites Configuration / Sites
- Select your most top site on which Software Update Point role is installed
- Go on Configure Sites Components from the top ribbon
- In the drop down menu, click on Software Update Point
- In the Software Update Point Components Properties window, go on the Products tab
- Check Windows Defender under the Windows section, and then click on OK
- Ensure that you have also Windows 10 checked
Synchronizing Software Updates
- Go to Software Library / Software Updates / All Software Updates
- On the top ribbon, click on Synchronize Software Updates
Verification
- Go to Software Library / Software Updates / All Software Updates
- In the Search field, look for Windows Defender
- Validate that make sure you have Windows Defender definition updates in the result list
From there, you deploy Windows Defender definitions like you would normally do with your existing Windows updates. To enhance your process, you could also configure an Automatic Deployment Rule (ADR) to automate the package creation and deployment.
We will update this post when Microsoft officially release their updated documentation.
John Doe
11.18.2015 AT 01:14 AMHasan
10.27.2015 AT 12:18 AMJonathan Lieng
11.03.2015 AT 09:29 PMOla Holtberget
10.06.2015 AT 08:20 AMOla Holtberget
10.07.2015 AT 04:49 AMFred
10.02.2015 AT 06:40 AMMrRoboto
10.08.2015 AT 11:27 AMBrad
09.09.2015 AT 11:39 AMChris
09.08.2015 AT 08:14 AMBenoit Lecours
09.15.2015 AT 08:04 AMNicolas Pilon
09.09.2015 AT 11:25 AM