Contact Us Get Free Products
Search icon Contact Us Get Free Products
SCCM/MECM SCEP

SCCM Endpoint Protection Management Guide

Jonathan LefebvreApril 07 20171 Min Read

Contributor of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM consultant, working in the industry for more than 10 years. He developed a strong knowledge of SCCM and MDT to build automated OS deployment solution for clients, managed large and complexe environment, including Point of Sale (POS) related projects.

Jonathan Lefebvre

Table of Content
SCD Collaborators

SCCM Endpoint Protection is not the simplest SCCM tasks to put in place. Over the years, we trained many SCCM administrator using a simple approach and deployment strategy. We created this complete SCCM Endpoint Protection Guide based on our knowledge and experience.

This e-book is a best-practice guide on how to plan, configure, manage and deploy Endpoint Protection with SCCM. This e-book aims to help SCCM administrator understand the basic concept of each part of the Endpoint Protection management.

Many Endpoint Protection settings require customization based on your environment, this document describes a typical case that can be used in any organization as a good starting point for efficient malware protection.

The guide will help you achieve theses tasks:

  • Install Endpoint Protection point role
    • Setup your SCCM server to respond to your Endpoint Protection clients
  • Configure Software Update point to support Endpoint Protection
    • Enable the right product in your software update point to enable definition updates
  • Configure automatic deployment rules for Definition Updates
    • Automate your process, less effort, more results
  • Configure Endpoint Protection Agent policies
    • Ensure that your agents are configured correctly
  • Deploy the Endpoint Protection Agent
    • Plan a best-practice deployment strategy based on our experience
  • Manage Endpoint Protection clients
    • Day-to-day operational tasks to maintain client health

This guide does not explain how to setup your Software Update Point.

This guide does not cover Windows Defender Advanced threat.

Download and own this SCCM Endpoint Protection Management Guide in a single PDF file.

The PDF file is a 67 pages document that contains all information to manage endpoint protection with SCCM. Use our products page or use the button below to download it.

Download

SCCM Endpoint Protection Document screenshots

SCCM Endpoint Protection Guide
SCCM Endpoint Protection Guide
SCCM Endpoint Protection Guide
Endpoint Protection SCCM CB SCCM Current Branch SCEP System Center Endpoint Protection
SCD Collaborators
Comments (10)

Alexander

09.04.2019 AT 12:56 AM
Hello, i am preparing installation and configuration of SCEP. Now i saw that on prereq page from MS there stands "Server 2016 or later" is required for activation of Endpoint Protection Point. Does this guide require an update? https://docs.microsoft.com/en-us/sccm/core/plan-design/configs/site-and-site-system-prerequisites#bkmk_2012EPPpreq
Hide replies 1

Jonathan Lefebvre

09.30.2019 AT 08:25 AM
Hi Alexander, Thanks for sharing this info. We are looking into this as to why this requirement, what is the impact(if any), but so far the guide still works as-is. thanks. Jonathan
Hide replies 0

Ahmed Essam

03.27.2018 AT 09:27 AM
HI, I've about 4000 clients not get updates from sccm, is there logs should use to troubleshoot
Hide replies 1

Len A Paone

02.10.2020 AT 02:59 PM
If you are still on CM2012, its a dead-horse. YOu can longer deploy the software updates or virus definitions as of January 2020. You must purchase ESU MAK keys and migrate all your clients to a Current Branch infrastructure.
Hide replies 0

adamsebolka

10.02.2017 AT 09:38 AM
Is this update to date to reflect 1706?
Hide replies 1

Jonathan Lefebvre

10.02.2017 AT 09:44 AM
Hi Adam, yes this guide is still accurate for SCCM CB 1706. These task haven't changed: Install Endpoint Protection point role Configure Software Update point to support Endpoint Protection Configure automatic deployment rules for Definition Updates Configure Endpoint Protection Agent policies Deploy the Endpoint Protection Agent Manage Endpoint Protection clients Jonathan
Hide replies 0

mkueffner

09.27.2017 AT 12:37 PM
Hi, I have a quick question. On page 20, "A new Software Update Package should be used for SCEP", the screenshot shows a UNC path to package source. Do we create a new share or does this point to something that should already exist? Thank you, Mark
Hide replies 1

Jonathan Lefebvre

09.27.2017 AT 12:56 PM
Hi Mark, If you have a UNC path for different sources for SCCM (driver, OS, package, Software update) you can use that share. Having a specific (and new) folder to store SCEP definition updates is the way to do it. Hope this answer your question Jonathan
Hide replies 0

Tim Jeffries

08.10.2017 AT 10:18 AM
I bought another report and have yet to receive it yet. I want to buy more of these reports but I don't know if you guys are even in business or what's happening. You definitely processed my card but no product.
Hide replies 1

Jonathan Lefebvre

08.15.2017 AT 09:39 AM
Hi Tim, Most of us are on summer holidays now. Will look into this asap. Please provide us more detail in an email at [email protected] Thanks Jonathan
Hide replies 0
Related posts
Jonathan LefebvreApril 04 20258 Min Read
SCCM SQL 2022 Install Guide

Download and own this SCCM Installation Guide in a single PDF file. The PDF file is a 162...

SCCM/MECM
Jonathan LefebvreApril 04 20259 Min Read
Step-by-Step SCCM 2503 Upgrade Guide

Microsoft has released the first SCCM version for 2025 as the release cadence is now reduced to 2...

SCCM/MECM
Benoit LecoursMarch 15 202513 Min Read
Complete list of SCCM/Intune Windows 11 upgrade plan and options

As the expiration date of Windows 10 approaches quickly, It’s time to plan your journey to...

Intune SCCM/MECM Windows 11
Request a Quote

Please fill out the form, and one of our representatives will contact you in Less Than 24 Hours. We are open from Monday to Friday.

Consulting Services

Subscription

PatchMyPC

Reports and Guides

I'm interested in working with you

Consulting services and time banks are used for generic requests. All others are fixed-price plans.

Never share sensitive information (credit card numbers, social security numbers, passwords) through this form.
Request Sent

Thank you for subscribing to our newsletter or requesting a quote. You will receive our next month's newsletter. If you have requested a quote, we will get in touch with you as soon as possible.

Comment Sent

Thank for your reply!

Error

Something went wrong!