Forefront Endpoint Protection Blog

All the latest news and information on Forefront Client Security, Forefront Endpoint Protection and System Center Endpoint Protection 2012
Translate This Page
Search Form
Actions
Tags
Blog - Link List
Related Sites
Archive
Archives

May, 2010

TechNet Blogs > Forefront Endpoint Protection Blog > May, 2010
Sort by: Most Recent | Most Views | Most Comments
Excerpt View | Full Post View
  • Forefront Endpoint Protection Blog

    Keeping FCS up to date

    Posted over 3 years ago
    by
    • 0 Comments

    FCS antimalware updates are classified in WSUS as critical updates. Therefore, if you want to automatically approve these updates you must create a rule for the Forefront Client Security product and the Critical Updates category in WSUS.

    There are two items to note:

    1. Antimalware client updates (not definition updates, but the program updates published periodically) have an End User License Agreement (EULA) that must be manually accepted. You must accept the EULA for these updates before the can be auto approved.

      You must approve the latest update, after which all subsequent updates will be auto approved.
    2. Microsoft has in the past, and may in the future, publish other FCS client updates or FCS server component updates in the Critical Updates category. If you create an auto approval rule any new updates in this category will also be auto-approved.

    To configure the auto approval rule, use the following steps (WSUS 3.0):

    1. In WSUS, in the tree, click Options, and then in the details pane, click Products and Classifications.
        image
    2. In the Products and Classifications dialog box, on the Products tab, in the Products list, ensure Forefront Client Security is selected.
        image
    3. On the Classifications tab, under Classifications, ensure Critical Updates is selected, and then click OK.
        image 
    4. In the details pane, click Automatic Approvals.
    5. In the Automatic Approvals dialog box, on the Update Rules tab, click New Rule.
        image
    6. On the Add Rule dialog box, under Step 1, click the checkboxes for the following items:
      • When an update is in a specific classification
      • When an update is in a specific product
        image
    7. Under Step 2, click the any classification link, click the checkbox for Critical Updates, and then click OK.
    8. Under Step 2, click the any product link, click the checkbox for Forefront Client Security, and then click OK.
      • You can optionally scope the approval rule to a set of computers by clicking the all computers link and then selecting one or more groups of computers to be recipients of the rule.
    9. Under Step 3, type a name for the rule, and then click OK.

    To approve an antimalware update that requires a EULA acceptance, or if you don’t want to create an auto approval rule (as above),  you must manually approve antimalware updates. For more information about manually approving updates, see Approving the Updates in the WSUS Operations guide.

    The latest antimalware client update as of this blog publication date is 979536; you can search for the update using the following steps:

    1. In the WSUS console, in the tree, right-click the Updates node and then click Search.
        image
    2. In the Search dialog box, on the Updates tab, type the name of the KB article and then click Find Now.
        image
    3. In Update Title list, right-click the name of the discovered update, and then click Approve.

    You can also create an update view, using the following steps;

    1. In the WSUS console, in the tree, right-click the Updates node and then click New Update View.
    2. On the Add Rule dialog box, under Step 1, click the checkboxes for the following items:
      • Updates are in a specific classification
      • Updates are in a specific product
    3. Under Step 2, click the any classification link, click the checkbox for Critical Updates, and then click OK.
    4. Under Step 2, click the any product link, click the checkbox for Forefront Client Security, and then click OK.
    5. Under Step 3, type a name for the rule, and then click OK.
    6. The update view is created, listing all the available updates that satisfy the criteria you specified: image
  • Forefront Endpoint Protection Blog

    And we’re back!

    Posted over 3 years ago
    by
    • 0 Comments

    Update completed! How do you like our new digs?

  • Forefront Endpoint Protection Blog

    Pardon our dust….

    Posted over 3 years ago
    by
    • 0 Comments

    The system on which the TechNet and MSDN blogs run is in the process of being upgraded. With this upgrade comes lots of new features, and new ways for us to engage with you, and for you to track and view the blogs.

    However, until the upgrade is complete, comments (way down on the bottom of the page) are disabled. This prevents any of your comments from being lost during the migration. You can still use the e-mail author link (off to the right, under This Blog – Email) to contact us.

    For more information about this migration, see Sean Jenkin’s blog. Sean is the PM for the TechNet and MSDN blogs, and is posting information about the new features and the status of the update…

    Thanks for reading, and stay tuned for a new look and new features… :D

Page 1 of 1 (3 items)