Chapter 16. Managing anti-malware with ConfigMgr
Dealing with malware is part and parcel of administering any environment of any size. Because of its prominence as a desktop operating system, Windows has always been a popular target for malware, and the responsibility for ensuring that appropriate countermeasures are deployed and maintained often falls to desktop and server administrators.
ConfigMgr can natively act as the center of your anti-malware solution, using System Center Endpoint Protection (or SCEP, for short). SCEP used to be Forefront Endpoint Protection (or FEP), a separate product that was integrated into ConfigMgr 2007 via a manual installation process. ConfigMgr 2012 and later bring both products together seamlessly, building on skills and investments that you’ve already made in your environment.
Anti-malware on Windows 10 is handled differently from previous versions of Windows. With Windows 8.1 and earlier (including Server 2012 R2), SCEP installs as a discrete application that’s managed via ConfigMgr. On Windows 10, the SCEP installation process integrates with Windows Defender, which is already present on the operating system. In this chapter, as shown in figure 16.1, you’ll take control of Windows Defender and manage it directly using ConfigMgr, and then get a feel for reporting and incident management.