Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Forefront Client Security on non-ad machines.

Posted on 2010-11-30
4
Medium Priority
?
341 Views
Last Modified: 2012-05-10
We're looking to replace our McAfee EPO with MS Forefront Client Security.   I'm hoping to retain the functionality of our EPO with it's various reports and management of clients.  It looks like the FCS Console does all the same stuff, but  I can't figure out how to get the non-ad joined machines to report to our Forefront Console and get its updates from our WSUS server.  

I guess I expected it to be as easy as install the client with the /nomom option and edit appropriate registry keys to 'point' at our console server.

and ideas?
0
Comment
Question by:MU-IT
  • 2
  • 2
4 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 34241350
Modify the script found here

http://msmvps.com/blogs/athif/pages/Manually-Configure-WUA.aspx


============ START Script Code===========
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://YOUR-WSUS-SERVER"
"WUStatusServer"="http://YOUR-WSUS-SERVER"
"TargetGroupEnabled"=dword:00000001
"TargetGroup"="IT Department"
"ElevateNonAdmins"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000a
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000001
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:0000003c
"RescheduleWaitTimeEnabled"=dword:00000001
"RescheduleWaitTime"=dword:0000000f
"DetectionFrequencyEnabled"=dword:00000001
"RebootWarningTimeoutEnabled"=dword:00000001
"RebootWarningTimeout"=dword:0000001e
"UseWUServer"=dword:00000001
"NoAUShutdownOption"=dword:00000000
"NoAUAsDefaultShutdownOption"=dword:00000000
============ END Script Code===========

0
 

Author Comment

by:MU-IT
ID: 34241450
Ok, We use similar to point our non-ad machines to WSUS, and it works well... but how does that script do anything for the Forefront Client Security Console?
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 1500 total points
ID: 34241513
Not entirely sure about the console, but they would at minimum get their definition updates from the WSUS server
0
 

Author Closing Comment

by:MU-IT
ID: 34701906
not 100% what I wanted, but as good as it gets in non-ad environments, I guess.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question