Archive for the ‘definition’ Category

Definition updates: scan on update and update on startup

Hi folks,

There have been some questions about these two areas of definition updates, so I wanted to clarify this a bit.

Whenever FEP does a definition update, a silent rescan of all running processes and loaded modules is performed. If there is malware running that is now detected by the new definitions, that malware is detected within a few seconds of performing the update. There is no action needed on your part after new definitions are downloaded – this silent rescan happens automatically.

Additionally, the FEP client can be configured to check for definition updates automatically on service start. The behavior is the same as described in Checking for definition updates when starting (yes, that particular blog article deals with FCS, but the FEP behavior is the same). The registry key already exists in the FEP ADMX, which you can download as part of the FEP2010grouppolicytools-<locale>.exe here. For full documentation about all the values in the ADMX, see the FEP ADMX Reference.

Thanks!

Categories: ADMX, definition, FEP, Registry Settings, update

Forefront Endpoint Protection 2010 Update Rollup 1

By Adwait Joshi

Hello,

An Update Rollup for Forefront Endpoint Protection 2010 is now available here: http://go.microsoft.com/fwlink/?LinkId=223229 .

In addition to hotfixes, this Update also includes some important changes to note:

  1. Support for Windows Embedded 7 platforms: With this update, the FEP client software is supported on certain Windows Embedded 7 platforms (including Windows Thin PC) and Windows Server 2008 Server Core. For more information about the additional support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client Computer.
  2. Signature Update Automation Tool used with Configuration Manager Software Update: This tool automates downloading FEP definition updates using Configuration Manager 2007 Software Updates. This is a command-line tool that uses Configuration Manager APIs to get new definitions from Microsoft Update via the Configuration Manager software update feature, distribute the content to distribution points, and deploy the updates to Endpoint Protection clients on a recurring schedule. The automation of the tool is done through the Windows Task Scheduler. To download the tool, see http://go.microsoft.com/fwlink/?LinkID=221205
  3. Two new preconfigured policy templates for the following server workloads:
    1. Microsoft Forefront Threat Management Gateway
    2. Microsoft Lync 2010

You can find more details in the “What’s New” document on the TechNet site. Please check out this KB article for a full list of fixes included in this Update Rollup.

Thanks,

Adwait Joshi

Sr. Technical Product Manager

Forefront Endpoint Protection
