Products = Forefront/System Center Endpoint Protection Site Configuration, Sites, Software Update Point, Classifications = Definition Updates * Download definition updates in Software Updates Sources - Updates distributed from Configuration Manager (that's the only box ticked) * Create a custom anti-malware policy (Antimalware Policy 1) If I click on the at risk, PC1 shows as managed, PC2 shows as failed (see above) On SCCM console, Monitoring, Security, SCEP Protection Status, I see 2 PCs in the collection with 2 at risk When I go into Defender on PC1, it shows the settings are controlled by admin On test PC1, I manually uninstall the current AV and reboot. Use RCT to force policy checking - it doesn't uninstall our current AV. This is deployed to my test collection (Endpoint protection test PCs) Suppress any required restarts after Endpoint client install: Yesĭisable alternate sources for initial definition update: No * Created custom Client Settings (called Endpoint protection) with the following:Īutomatically remove previously installed: YesĪllow Endpoint proection clientinstall outside maintenance windows: No * Created a test collection with a couple of Windows 10 PCs (called Endpoint Protection test PCs) I've followed assorted guides to configuring our SCCM setup so that it has Endpoint configured, and the definitions set to download via Automatic Deployment Rule. Like others, I've started looking at SCEP as an alternative to our current AV.
0 Comments
Leave a Reply. |