Hey folks!
I wanted to let you know that we have guidance for migrating from FCS v1 to FEP 2010 here (http://technet.microsoft.com/en-us/library/gg477033.aspx).
The process involves the following high level steps:
Thanks!
Kim Ditto-Ehlert Senior Technical Writer
If you are using Forefront Endpoint Protection (FEP) 2010, you may have tried running one of the three default FEP reports and noticed that not all areas or sub-reports display properly. You may see an error in processing the reporting data or retrieving the data, similar to the error displayed below:
Error while trying to run the Antimalware Activity Report:
We found this error was due to the installed version of Microsoft SQL Server not being up-to-date with the latest Cumulative Update package. Cumulative Update packages contain hot fixes that address issues in the currently installed version of Microsoft SQL Server which may be versions ranging from Release to Manufacturing (RTM), Service Pack (SP), or Feature Release (R).
In digging into the details of the error related to FEP reports not displaying properly, we found the following errors in the System Center Configuration Manager Console and/or in the %drive%:\Program Files (x86)\Microsoft Configuration Manager\Logs\SRSRP.log file, reporting Error ID 7403 related to the health of SRS Reporting Point thread:
STATMSG: ID=7403 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_SRS_REPORTING_POINT" SYS= SITE= PID=2880 TID=5572 GMTDATE=Wed Oct 21 17:57:26.302 2009 ISTR0="HACM01" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_SRS_REPORTING_POINT 10/21/2009 10:57:26 AM 5572 (0x15C4) Failures reported during periodic health check by the SRS Server . Will retry check in 57 minutes SMS_SRS_REPORTING_POINT 10/21/2009 10:57:26 AM 5572 (0x15C4)
In the two environments we discovered this issue, Microsoft SQL Server 2008 and SQL Server 2008 R2 were running, but had NOT had the Cumulative Update package installed. As soon as this update was installed, the FEP reports began displaying properly.
At the time of this blog, these are the most current Cumulative Update Packages for Microsoft SQL Server 2008 and 2008 R2. However, you should do a Bing search to ensure you are always installing the latest version.
Forefront Endpoint Protection 2012 beta is here! We are extremely excited to announce the availability of Forefront Endpoint Protection 2012 Beta. Customers can download the Beta software immediately here. You can also download the pre-requisite System Center Configuration Manager 2012 Beta 2 here.
Forefront Endpoint Protection 2012 continues to deliver on the promise of Forefront Endpoint Protection 2010, simplifying and improving endpoint protection while also greatly reducing infrastructure costs. It builds on System Center Configuration Manager 2012, allowing customers to implement endpoint protection as part of a unified infrastructure for securing and managing physical, virtual, and mobile client environments. This shared infrastructure lowers ownership costs while providing improved visibility and control over endpoint management and security.
Forefront Endpoint Protection 2012 continues to provide proactive protection against known and unknown threats using multiple technologies in the antimalware engine like behavior monitoring, network inspection system and heuristics. With cloud based updates through the spynet service, endpoints get updated protection against new threats in real time. See the benefits of enabling Dynamic Signature Service in FEP here.
You can find more product details on our Website or TechCenter. And for more information about convergence of management and security, please visit our new Windows Optimized Desktop page.
You can now evaluate Forefront Endpoint Protection 2012 beta and System Center Configuration Manager 2012 beta with a community of early adopters. Join the Community Evaluation Program for System Center Configuration Manager and evaluate the products with guidance from the product team and by sharing of experiences and best practices among a community of peers.
We hope you will evaluate the early version and give us your feedback!
Forefront Endpoint Protection team
Using a CNAME (alias) DNS record for the server name when installing the Configuration Manager site database server components is supported in Configuration manager setup. However, it is not allowed by FEP and causes errors during setup.
A workaround for this issue is to avoid using the CNAME and change the site database server name in Configuration manager to the name of the site database server that is listed in Active Directory. Use the following steps to work around this issue.
When using a CNAME, you experience a FEP installation failure during the Reporting Services database installation. The FEP installation user interface displays a generic failure error. When reviewing the ServerSetup_<date_time>.log file, an error similar to the following is logged –
[2/7/2011 3:02:38 PM][Verbose] Successfully retrieved site info: Site server: SCCMSVR. Site Name: CONTOSO Development Site. Site Code: TEST. Site DB server: DB1. DB Name: CONFIGMANAGER_TEST. DB Instance: MSSQLSERVER. SRS Computers: SCCMSVR.CONTOSO.COM [2/7/2011 3:02:38 PM][Verbose] Machine account resolver received machine name 'DB1' [2/7/2011 3:02:38 PM][Verbose] Successfully connected to Domain Controller. LDAP path: 'LDAP://contoso.com' [2/7/2011 3:02:38 PM][Verbose] Successfully constructed AD search filter. Filter: '(&(objectclass=computer)(objectCategory=computer)(cn=DB1))' [2/7/2011 3:02:38 PM][Verbose] Successfully constructed AD search filter. Filter: '(&(objectclass=computer)(objectCategory=computer)(dnsHostName=DB1))' [2/7/2011 3:02:38 PM][Verbose] AD query result is empty [2/7/2011 3:02:38 PM][Verbose] Unexpected exception while resolving machine account. Domain Controller: 'DB1'. Exception: Microsoft.Forefront.EndpointProtection.Configure.Utility.ActiveDirectoryUtilitiesException: Setup cannot resolve the fully qualified domain name for the following computer in Active Directory. [2/7/2011 3:02:38 PM][Verbose]> Verify the following: the computer name is correct, the local computer is connected to the domain, the specified computer is a member of the same domain as the local computer, the specified computer is connected to the domain. Computer name: DB1 [2/7/2011 3:02:38 PM][Verbose]> at Microsoft.Forefront.EndpointProtection.Configure.Utility.ActiveDirectoryUtilities.GetMachineAccount(String comuterName) [2/7/2011 3:02:38 PM][Normal] The SQL Server computer cannot be found in Active Directory. Please verify that the provided computer name is valid, and that the computer is properly joined to the domain. If the specified computer is a SQL Server cluster, make sure that you have specified the cluster's SQL Network Name, and that the cluster is properly joined to the domain using 'Cluster Administrator'. SQL Server computer name: DB1. Error message: Failed to resolve machine account for DB1. Exception: Setup cannot resolve the fully qualified domain name for the following computer in Active Directory. [2/7/2011 3:02:38 PM][Normal]> Verify the following: the computer name is correct, the local computer is connected to the domain, the specified computer is a member of the same domain as the local computer, the specified computer is connected to the domain. Computer name: DB1