Endpoint Protection in System Center 2012 Configuration Manager allows you to manage antimalware policies and Windows Firewall security for client computers in your Configuration Manager hierarchy.

Important
You must be licensed to use Endpoint Protection to manage clients in your Configuration Manager hierarchy.

When you use Endpoint Protection with Configuration Manager, you have the following benefits:

Endpoint Protection installs its own client in addition to the Configuration Manager client. The Endpoint Protection client has the following capabilities:

Note
The Endpoint Protection client can be installed on a server that runs Hyper-V and on guest machines with supported operating systems. To prevent excessive CPU usage, Endpoint Protection actions have a built-in randomized delay so that they do not occur simultaneously on all guest machines that are hosted by the server.

In addition, Endpoint Protection in Configuration Manager allows you to manage Windows Firewall settings in the Configuration Manager console.

For an example scenario that shows how you might configure and manage Endpoint Protection and the Windows Firewall, see Example Scenario for Protecting Computers From Malware by Configuring Endpoint Protection in Configuration Manager.

Managing Malware with Endpoint Protection

Endpoint Protection in Configuration Manager allows you to create antimalware policies that contain settings for Endpoint Protection client configurations. You can then deploy these antimalware policies to client computers and monitor them in the System Center 2012 Endpoint Protection Status node in the Monitoring workspace, or by using Configuration Manager reports. See List of Antimalware Policy Settings for a list of the settings that you can configure.

For more information about how to create, deploy, and monitor antimalware policies, see How to Create and Deploy Antimalware Policies for Endpoint Protection in Configuration Manager and How to Monitor Endpoint Protection in Configuration Manager.

For information about how to remediate malware that is found on client computers, see How to Manage Antimalware Policies and Firewall Settings for Endpoint Protection in Configuration Manager.

Managing Windows Firewall with Endpoint Protection

Endpoint Protection in Configuration Manager provides basic management of the Windows Firewall on client computers. For each network profile, you can configure the following settings:

  • Enable or disable the Windows Firewall.

  • Block incoming connections, including those in the list of allowed programs.

  • Notify the user when Windows Firewall blocks a new program.

Note
Endpoint Protection supports managing the Windows Firewall only.

For more information about how to create and deploy Windows Firewall policies for Endpoint Protection, see How to Create and Deploy Windows Firewall Policies for Endpoint Protection in Configuration Manager.

Endpoint Protection Workflow

Use the following diagram to help you understand the workflow to implement Endpoint Protection in your Configuration Manager hierarchy.



Endpoint Protection process flow

What’s New in Configuration Manager

What’s New in Configuration Manager SP1

See Also