ForeFront Endpoint Protection Overview
Transcript of ForeFront Endpoint Protection Overview
ConfigMgr Reporting
ConfigMgr Console
ConfigMgr Agent
FEP Reports
Forefront Endpoint Protection
2010 WMI
ConfigMgr DB
FEP Warehouse
ConfigMgr Server
DCM
ConfigMgr 2007 SP2/R2 or Later Forefront Endpoint Protection 2010
FEP UI
Managed Computer
Registry
Event log ConfigMgr Software Distribution
FEP Extensions
!
Secondary Site Secondary Site Secondary Site
CENTRAL SITE
Primary Site Primary Site Primary Site
FEP Console Extensions
FEP Server Extensions FEP Reports
FEP Console Extensions
FEP Server Extensions FEP Reports
FEP Console Extensions
FEP Server Extensions FEP Reports
Hierarchical Deployment for Distributed Management
FEP REPORTS
Decentralized Management and Reporting ! Enables distributed management
of endpoint security ! Minimum impact on the Config
Manager sites performance
Decentralized Policy Management with Centralized Reporting ! Consolidated reporting on the central
site for enterprise wide visibility
Policy configuration
!
! Third-party detection
Silent removal of third-party products
FEP client installation
Signature update
Flexible deployment and migration ! Deploy across Windows client and Windows Server ! Support for FEP pre-installation on golden image ! Support for standalone unmanaged deployment
without Configuration Manager Easy migration from existing solutions and automatic removal of existing clients ! Symantec ! McAfee ! TrendMicro ! Forefront Client Security
Forefront Endpoint Protection Windows 7
Data Execution Prevention
Address Space Layout Randomization
Windows Resource Protection
Set levels for critical security alerts, including:
! ! ! !
Receive notifications of malware activity
FEP
PRIMARY SITES
Central Administration Site
Built-in migration from FEP 2010: !
!
Simplified installation using existing infrastructure !
!
!
! FEP Objects replicated to sites
FEP Reporting
Client data up
Replacement of 3rd party during install !
!
• Create new policies • Modify default policies • Modify custom policies • Modify Precedence
• Assign policy to collection
• Operate policy roll out
!
! !
! New York Beijing Istanbul London Paris
Microsoft Update
Software Update Point Site Server
DP DP DP DP DP