Archive

Archive for the ‘fep operations’ Category

Forefront Endpoint Protection 2010 Update Rollup 1

 By Adwait Joshi

Hello,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here: http://go.microsoft.com/fwlink/?LinkId=223229 .

 In addition to hotfixes, this Update also includes some important changes to note:

  1. Support for Windows Embedded 7 platforms:  With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core.  For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
  2. Signature Update Automation Tool used with Configuration Manager Software Update:  This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates.  This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule.  The automation of the tool is done through the Windows task scheduler. To download the tool, see http://go.microsoft.com/fwlink/?LinkID=221205
  3. Two new preconfigured policy templates for the following server workloads:
    1. Microsoft Forefront Threat Management Gateway
    2. Microsoft Lync 2010

You can find more details in the “What’s New” document on the  Technet site.  Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection

Forefront Endpoint Protection 2010 Update Rollup 1

 By Adwait Joshi

Hello,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here: http://go.microsoft.com/fwlink/?LinkId=223229 .

 In addition to hotfixes, this Update also includes some important changes to note:

  1. Support for Windows Embedded 7 platforms:  With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core.  For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
  2. Signature Update Automation Tool used with Configuration Manager Software Update:  This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates.  This is a command line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule.  The automation of the tool is done through the Windows task scheduler. To download the tool, see http://go.microsoft.com/fwlink/?LinkID=221205
  3. Two new preconfigured policy templates for the following server workloads:
    1. Microsoft Forefront Threat Management Gateway
    2. Microsoft Lync 2010

You can find more details in the “What’s New” document on the  Technet site.  Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection

Monitoring Forefront Endpoint Protection 2010 – FEP operational reports

November 11th, 2010 Comments off

In an earlier post we mentioned the integration of FEP with Configuration Manager and described the FEP dashboard, which is an extension to the Configuration Manager console. Another aspect of this integration is the FEP troubleshooting reports, which make usage of Configuration Manager reporting framework.

To begin with, each operation going from the server to FEP clients (or vice versa) is performed by Configuration Manager. It is only natural that troubleshooting should use the information kept in the Configuration Manager database and surface that to administrators trying to troubleshoot FEP operations.

Two main tasks performed by administrators are client roll out (deployment) and policy distribution. These two tasks use the Configuration Manager software distribution capabilities (a SW package being advertised to a collection).

FEP provides two troubleshooting scenarios, which can be found at the bottom of the FEP dashboard.

clip_image003

Figure 1 – Links to FEP troubleshooting reports

  • Deployment Overview: Identify deployment success ratio, which FEP client versions are found in the org, as well as errors reported while trying to roll out FEP to clients.
  • Policy Distribution Overview: Identify distribution success ratio, which policies are actually applied on clients, as well as errors reported while trying to apply policies.

The third link brings administrators to a single report where all of the Configuration Manager related activity is presented (including network data) for a single computer. This is useful when administrator is trying to work out a problem on a specific computer.

Deployment Overview report

After opening the deployment overview report, an administrator immediately sees the deployment status for each collection in his Configuration Manager deployment. This is extremely useful since the FEP dashboard is not filtered by collections.

Next, the administrator can select a collection and drill down to see more deployment details.

Note: Like any Configuration Manager report, an administrator may click the icon on the left (clip_image005) to drill down for more.

Tip: In order to generate a report for the entire organization, simply select the “all systems” collection

clip_image007

Figure 2 – FEP Deployment overview

After the report has been filtered by collection, the administrator is presented with breakdown of FEP versions found, as well as deployment states and failures.

Having computers grouped by their deployment state (or failure) enables an administrator to troubleshoot a single computer and apply the fix to all computers facing the same symptom.

clip_image009

Figure 3 – FEP Deployment for a specific collection

Finally, the administrator can drill down to a specific computer and see FEP related data such as deployment activities, policy distribution and network related data.

clip_image011

Figure 4 – Computer details report

Policy Distribution Overview

Since policy distribution is similar to client roll out (both use the Configuration Manager software distribution capabilities), troubleshooting follows the same concepts and uses similar reports.

clip_image013

Figure 5 – FEP Policy Distribution Overview

Ziv Rafalovich,
Senior Program Manager