Forefront Endpoint Protection Blog

All the latest news and information on Forefront Client Security, Forefront Endpoint Protection and System Center Endpoint Protection 2012

Browse by Tags

Related Posts
  • Blog Post: Scanning email archives

    Continuing in the registry key series, let’s talk about DisableEmailScanning . By default, the antimalware engine included with FCS will not scan email archives (email archives are file-based containers that contain email messages). FCS is an enterprise-level product – and in an enterprise...
  • Blog Post: Setting a process exclusion in your network

    Trust me, one of these days you will need to exclude a process from being scanned by FCS. Or maybe you already crossed that bridge. You added a process exclusion using the GUI, it worked like a charm. As you need to have this exclusion set on all your systems, you opened the FCS console and edited...
  • Blog Post: Scanning reparse points

    Next in our series: how to enable scanning of reparse points , also known as junctions , or mount points . (For more information about what exactly reparse points, junctions and mount points are , see http://msdn.microsoft.com/en-us/library/aa365006(VS.85).aspx and http://msdn.microsoft.com/en...
  • Blog Post: Checking for definition updates when starting

    Next up in our registry key series: enabling definition updates upon service start. By default (out of box), the FCS client will check for definition updates: Before starting a scan At the configured interval Manually However, there is a registry key available that you can use to...
  • Blog Post: Definition updates: scan on update and update on startup

    Hi folks, There have been some questions about these two areas of definition updates, so I wanted to clarify this a bit. Whenever FEP does a definition update, a silent rescan of all running processes and loaded modules is performed. If there is malware running that is now detected by the new definitions...
  • Blog Post: Wildcards in path exclusions: FCS

    Since the August 2009 antimalware engine update we support wildcards in path exclusions for on-demand scans (quick/full/custom scan). It is important to note that Wildcards in path exclusions will not work for Real Time Protection and will be ignored (this does not apply to extension exclusions)....
  • Blog Post: Miscellaneous Real Time agent keys

    The final installment in our series on registry keys for FCS is a big one – there are a lot of registry keys that can be used to control the behavior of the FCS real-time protection agent. The following tables describe the keys (these are in addition to the ones described here and here , in...
  • Blog Post: Setting definition update keys via policy

    Next up in our registry key series: setting definition update keys via policy. On the FCS TechNet library, the following registry key is described: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0 Description Registry Key New value when...
  • Blog Post: Scanning removable drives

    In response to a recent question via this blog, I’d like to explain a setting for antimalware scanning in Forefront Client Security that you can configure via a registry key. FCS scans removable drives at certain times. When you insert a removable drive, the boot sector of that drive is scanned...