Starting with System Center 2012 Configuration Manager, Forefront Endpoint Protection (FEP) has now been integrated into Configuration Manager and is called System Center 2012 Endpoint Protection. From your feedback, we have heard that some FEP customers who are now using System Center 2012 Endpoint Protection are having problems finding the information they need to install and configure Endpoint Protection. This blog post answers the questions we’ve been hearing about the documentation. A thank you to Diana Smith (a Microsoft Senior Support Escalation Engineer), for her help in working with us to get the right information to you.
Where is the documentation for Endpoint Protection?
The main documentation for Endpoint Protection is located in the Endpoint Protection in Configuration Manager section in the Assets and Compliance in System Center 2012 Configuration Manager guide. In this section, you’ll find most of the information you’ll need to configure, use and monitor Endpoint Protection. However, because Endpoint Protection is integrated with Configuration Manager, you’ll also need to look at other sections in the Documentation Library. For instance, we collect together all the client settings for Configuration Manager features in one topic to make them easier for you to find. Many of the questions in this blog post will help you to find the information you want.
Where do I find information about the hardware and operating system requirements for the Endpoint Protection client?
The Endpoint Protection client has the same hardware and software requirements as the Configuration Manager client (with a few exceptions, such as specific Windows Embedded operating systems). You’ll find these requirements in the Computer Client Requirements section of the Supported Configurations for Configuration Manager topic in the Documentation Library.
Where do I find information about how to configure the Endpoint Protection point site system role?
Use the topic How to Configure Endpoint Protection in Configuration Manager.
Where can I find a reference of settings I can use to configure Endpoint Protection?
Like other Configuration Manager features, Endpoint Protection uses Configuration Manager client settings to specify details about how the feature works. For more information, see the Endpoint Protection section in the About Client Settings in Configuration Manager topic.
Where can I find a list of antimalware software that Endpoint Protection can uninstall?
Uninstalling existing antimalware software is a client setting option, so you’ll find the list of software and versions in the Endpoint Protection section in the About Client Settings in Configuration Manager topic.
Where can I find information about the log files used by Endpoint Protection?
You’ll find information about the Endpoint Protection log files in the Endpoint Protection section of the Technical Reference for Log Files in Configuration Manager topic.
I search for ‘SCEP’ and don’t find anything. Why?
We hear that customers are often using the search term ‘SCEP’ (System Center Endpoint Protection) to search for content. SCEP is an acronym that we do not use for this product. Try searching for ‘Configuration Manager Endpoint Protection’ instead.
What about the Endpoint Protection client. Where can I find information about that?
The Endpoint Protection client is used by a number of Microsoft products. For this reason, the documentation for the client is not contained in the Configuration Manager Documentation Library. You’ll find this content in the topic Endpoint Protection Client Help.
Where do I find the documentation for Endpoint Protection for Mac computers and Linux and UNIX servers?
The documentation for these Endpoint Protection clients is supplied with the installation media for each version. These clients do not ship with System Center 2012 Configuration Manager but are available for volume license customers to download.
If you have any questions or comments about the Endpoint Protection documentation or any of the Configuration Manager documentation, you can email us at firstname.lastname@example.org.
This posting is provided "AS IS" with no warranties and confers no rights.
About the search term SCEP and Endpoint Protection:
SCEP yields few results, FEP a bit more. Endpoint Protection gives me almost exclusively posts about Symantec products. I think the community would be better off using the SCEP term (which you do use several places on the SCCM2012 disk and docs).
Thanks for pointing this out. I've made a change to the blog post based on your feedback. Try searching for 'Configuration Manager Endpoint Protection'. That yields much more relevant results.
Thanks again for the feedback.
I have error in my system Center Server 2012 , Endpoint Protection cannot download definition and cannot update clients .
Documentation on the differences between the scanning process for a file scanned with real-time protection and the on-demand scan?
Is there a list of update servers/IPs that System Center Endpoint Protection standalone client uses for updates? We're considering it for DMZ servers that don't generally have HTTP outbound access, so we would need to add exceptions. We tried forefrontdl.microsoft.com, but that doesn't cover it. These are standalone, non-domain joined, non-System Center managed systems. Thanks!
And for Mac OSX: technet.microsoft.com/.../jj591553.aspx
"SCEP is an acronym that we do not use for this product."
As of version 220.127.116.11...
- EppSetup.log has a line that says "Internal brand name is 'SCEP 2012'"
- MSSecurityClient_Setup__epp_Upgrade.log has several lines that include "PRODUCT_SKU=SCEP 2012"