Archive

Archive for the ‘FEP datawarehouse’ Category

How to move the FEP Databases and the CM Site Database

by Jeramy Skidmore

You can move the Configuration Manager site database and associated Forefront Endpoint Protection (FEP) databases after setup has completed to a different SQL Server computer system by:

  1. Backing up the FEP data warehouse (FEPDW_<sitecode>)
  2. Backing up the Configuration Manager Site Database (SMS_<sitecode>)
  3. Uninstalling the FEP reporting component
  4. Restoring the site database and FEP data warehouse to their new locations
  5. Relocating the site database via Configuration Manager setup
  6. And then reinstalling the FEP Reporting component

Detailed steps follow.

clip_image001Note

Configuration Manager 2007 does support moving the site database from a remote SQL Server to the local site server computer if the site server computer is running a supported version of Microsoft SQL Server. For a list of supported SQL Server versions, see Configuration Manager Supported Configurations.

clip_image001[1]Note

FEP hosts two databases, the FEP database (FEPDB_sitecode) and the FEP data warehouse (FEPDW_sitecode). The FEP database serves as a proxy database for extracting data from the Configuration Manager site database. It does not need to be backed up or moved, and will be recreated when the FEP Reporting component is reinstalled.

To move the databases

Important: You will require access to the FEP 2010 installation media in order to successfully complete these steps.

  1. Back up the site database on the current site database server and restore it on the new site database server computer using the SQL Server Management Studio. For more information, see How to Move the Site Database.
  2. Back up the FEP data warehouse (FEPDW_sitecode) on the current FEP Reporting SQL Server and restore it to the new Reporting SQL Server. (If you have a remote reporting database and are not moving the FEP reporting database, you can skip this step.)

    clip_image001[2]Note

    Ensure that the database access permissions are the same on the new databases as they are on the original databases.

  3. On the site server, in Add/Remove programs, uninstall Microsoft Forefront Endpoint Protection 2010 Reporting.
  4. Ensure the primary site server computer account has administrative privileges over the new site database server computer.
  5. Close any open Configuration Manager console connections to the site server.
  6. On the primary site server computer, use the hierarchy maintenance tool (Preinst.exe) to stop all site services by using the following command: Preinst /stopsite.
  7. On the primary site server computer, click Start, click All Programs, click Microsoft System Center, click Configuration Manager 2007, and click ConfigMgr Setup, or navigate to the .\bin\i386 directory of the Configuration Manager 2007 installation media and double-click Setup.exe.
  8. Click Next on the Configuration Manager Setup Wizard Welcome page.
  9. Click Perform site maintenance or reset this site on the Configuration Manager Setup Wizard Setup Options page.
  10. Select Modify SQL Server configuration on the Configuration Manager Setup Wizard Site Maintenance page.
  11. Enter the appropriate SQL Server name and instance (if applicable) for the new site database server as well as the site database name on the Configuration Manager Setup Wizard SQL Server Configuration page.
    Configuration Manager Setup performs the SQL Server configuration process.
  12. Restart the primary site server computer, and verify the site is functioning normally.
  13. On the site server, run serversetup.exe from the FEP installation media.
  14. On the Installation Options step, choose Advanced Topology.
  15. On the Advanced Toplogy step, ensure that FEP 2010 Reporting and Alerts is selected.
  16. On the Reporting Configuration step, provide the proper computer, instance, and database name for your SQL implementation. Ensure the Reuse existing database check box is selected.
  17. Proceed through setup. This process will recreate the FEP database alongside the relocated site database, and recreate the SQL jobs necessary to move information from the site database into the FEP databases. The FEPDB will be repopulated according to the information stored in the site database.

Forefront Endpoint Protection 2010 Update Rollup 1

 By Adwait Joshi

Hello,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here: http://go.microsoft.com/fwlink/?LinkId=223229 .

 In addition to hotfixes, this Update also includes some important changes to note:

  1. Support for Windows Embedded 7 platforms:  With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core.  For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
  2. Signature Update Automation Tool used with Configuration Manager Software Update:  This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates.  This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule.  The automation of the tool is done through the Windows task scheduler. To download the tool, see http://go.microsoft.com/fwlink/?LinkID=221205
  3. Two new preconfigured policy templates for the following server workloads:
    1. Microsoft Forefront Threat Management Gateway
    2. Microsoft Lync 2010

You can find more details in the “What’s New” document on the  Technet site.  Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection

Forefront Endpoint Protection 2010 Update Rollup 1

 By Adwait Joshi

Hello,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here: http://go.microsoft.com/fwlink/?LinkId=223229 .

 In addition to hotfixes, this Update also includes some important changes to note:

  1. Support for Windows Embedded 7 platforms:  With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core.  For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
  2. Signature Update Automation Tool used with Configuration Manager Software Update:  This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates.  This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule.  The automation of the tool is done through the Windows task scheduler. To download the tool, see http://go.microsoft.com/fwlink/?LinkID=221205
  3. Two new preconfigured policy templates for the following server workloads:
    1. Microsoft Forefront Threat Management Gateway
    2. Microsoft Lync 2010

You can find more details in the “What’s New” document on the  Technet site.  Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection

Reporting Workbooks

February 4th, 2011 Comments off

Hello!

A while back we posted a reporting workbook for the Forefront Endpoint Protection Security Management Pack. This workbook allows you to connect to your FEP Security Management Pack database and create custom reports based on the data contained within the database.

We have a new addition to this – a workbook you can use to create custom FEP reports. This new workbook works in much the same way as the one previously released. You must first connect the workbook to your FEP database, and then you can use the worksheets to generate custom reports based on the data contained within the database.

In order to make it easier for you to find both workbooks, I’ve attached a zip file that contains both of them to this blog article (if you already downloaded the one for the FEP Security Management Pack, it has not changed). Each workbook has instructions on the first worksheet on how to connect it to your database.

Enjoy!

FEP Capacity Planning Worksheet

January 19th, 2011 Comments off

Greetings!

Attached to this blog post is the FEP Datawarehouse Space Capacity Planning worksheet. You can use this worksheet to help estimate the amount of disk space needed based on the following values:

  • Number of client computers in your FEP 2010 deployment
  • The number of days to retain data (the retention period)
  • The average number of Configuration Manager collections to which each client computer belongs
  • The average number of detections per client computer, per day

After you enter in your values in the yellow area, the calculated results appear in the next set of rows. Each row contains information about average record sizes, number of records per computer per day, total size of the record type in the database, and the percent of the total space used by the record item.

The final row in the spreadsheet, in green, gives you the total estimated size of the FEP Datawarehouse, given the values you supplied.

Enjoy!