• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 573
  • Last Modified:

ForeFront Frustrations

I am taking a serious look at MS ForeFront EPP as a possible replacement for our current antimalware solution. I'm doing this primarily because we have an EA with MS and that happens to be included in our CORE EA.  

After trudging through the mess that is the setup of SCCM and FF, if it wasn't for the fact that it's "Free" for me, I would have abandoned this a couple of days ago as too convoluted to install or fool with.

However, on to my issues.  I have SCCM 2007 installed and pointed to a SQL server. I have FEP installed as well. I have created a test collection in SCCM and have assigned one PC to it. I have created and configured a policy. I have assigned that policy to that collection that has just the one PC as a member.

So far, I don't see any evidence either on the PC or in FEP that the policy has been distributed to the PC.

So I have two questions.  First, any idea what I may have missed?  Second, is there an overarching document that outlines all of the things that have to be configured in SCCM in order for FEP to work?  Both of these apps are new to me and so I am slogging my way through them.
0
jhyiesla
Asked:
jhyiesla
  • 7
  • 5
  • 2
3 Solutions
 
jhyieslaAuthor Commented:
As a piece of additional info, I found a technet video on deploying the FEP package.  Ahha I thought that's what I am missing. I walked through the video with my setup and followed step by step. But when I was done there again was no indication that the package was being deployed to my PC.
0
 
raeldriCommented:
Does the targeted pc have the SCCM client installed? what are the SCCM logs showing? execmgr.log  should show the different packages being run on the clients
0
 
jhyieslaAuthor Commented:
No, the PC does not have the SCCM agent installed.  I didn't even know that FEP required SCCM until I went to install it and we did not have SCCM installed anywhere on our network.  I should have guessed that MS wouldn't just create a standalone program, they'd bolt FEP onto something else, incorrectly assuming that it would already be installed in an environment.

Both of these products are totally new for us and I can't seem to find a single document that would walk me through the FEP process from beginning to end; assuming SCCM and FEP already installed.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
raeldriCommented:
FEP can function without SCCM you just lose all the central reporting which makes it so useful and powerful.

take a look at the stickied posts over at http://www.windows-noob.com/forums/index.php?/forum/54-configuration-manager-2007/

There is a lot to configure inside of SCCM to get a functional environment ensure SCCM is functioning before pushing forward with the FEP part of it. The time spent in configuring SCCM for your environment will provide many benefits with many useful reports or software deployment or even OSD
0
 
Keith AlabasterEnterprise ArchitectCommented:
Just for your reference, as of this year, FEP transitions into part of the System Centre 2012 suite.

http://www.microsoft.com/en-us/server-cloud/system-center/endpoint-protection-2012.aspx
0
 
jhyieslaAuthor Commented:
raeldri, I don't see how FEP can function without SCCM, since SCCM is a requirement for the product and in fact it's a bolt on to SCCM.  If you can show me where the documentation is for that, I'd appreciate it.  However as Keith_ points out, it looks like FEP is just going to be fully integrated into the 2012 product. Since I am in no huge rush for this, I amy just opt to wait and load up the new product.

Anyone have any idea of release date on that?  Seems that it's still in a RC status.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Still not been published although the public release was actually a few days ago - 1st April.
http://rcpmag.com/articles/2012/04/02/system-center-2012-released-to-volume-licensees.aspx
0
 
jhyieslaAuthor Commented:
yeah, we're an EA customer and I just checked our volume licensing site and it's there.  I think I'l going to abandon the 2007 I've set up and just install the new Datacenter version and go from there.

Thanx...
0
 
Keith AlabasterEnterprise ArchitectCommented:
No problem. EA customer as well - downloading as i type :)
0
 
jhyieslaAuthor Commented:
Looks like I don't need everything, but I'm downloading it all anyway.
0
 
jhyieslaAuthor Commented:
Thanx for all the help.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Welcome :)
0
 
jhyieslaAuthor Commented:
A personal opinion.. :)

I don't think the new one is any less frustrating. Downloaded it, but installing is a nightmare. It doesn't like the version of SQL2008 that we're running, even though the SCCM 2007 was fine with it and when I installed SQL 2008 Express on the SCCM server, it didn't like  the service login account, even though the service account was the default one that the installer choose AND was one of the ones that the error message said was OK.

If some other third party anti-malware product was this arcane, inane, and difficult to install, they would be out of business.
0
 
Keith AlabasterEnterprise ArchitectCommented:
<smiles> Have you ever taken a look at Service Manager - that is bizarre as well :)
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 7
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now