Chapter 16. Managing anti-malware with ConfigMgr

 

Dealing with malware is part and parcel of administering any environment of any size. Because of its prominence as a desktop operating system, Windows has always been a popular target for malware, and the responsibility for ensuring that appropriate countermeasures are deployed and maintained often falls to desktop and server administrators.

ConfigMgr can natively act as the center of your anti-malware solution, using System Center Endpoint Protection (SCEP for short). SCEP was formerly Forefront Endpoint Protection (FEP), a separate product that was integrated into ConfigMgr 2007 through a manual installation process. ConfigMgr 2012 and later bring both products together seamlessly, building on skills and investments that you’ve already made in your environment.

Anti-malware on Windows 10 is handled differently from previous versions of Windows. With Windows 8.1 and earlier (including Server 2012 R2), SCEP installs as a discrete application that’s managed via ConfigMgr. On Windows 10, the SCEP installation process integrates with Windows Defender, which is already present on the operating system. In this chapter, as shown in figure 16.1, you’ll take control of Windows Defender and manage it directly using ConfigMgr, and then get a feel for reporting and incident management.

Figure 16.1. By the end of this chapter, your anti-malware will be up and running.

16.1. Enabling System Center Endpoint Protection

 
 

16.2. Using anti-malware policies

 
 
 

16.3. Dealing with malware outbreaks

 

16.4. Labs

 