ForeFront Frustrations

I am taking a serious look at MS ForeFront EPP as a possible replacement for our current antimalware solution. I'm doing this primarily because we have an EA with MS and that happens to be included in our CORE EA.  

After trudging through the mess that is the setup of SCCM and FF, if it wasn't for the fact that it's "Free" for me, I would have abandoned this a couple of days ago as too convoluted to install or fool with.

However, on to my issues.  I have SCCM 2007 installed and pointed to a SQL server. I have FEP installed as well. I have created a test collection in SCCM and have assigned one PC to it. I have created and configured a policy. I have assigned that policy to that collection that has just the one PC as a member.

So far, I don't see any evidence either on the PC or in FEP that the policy has been distributed to the PC.

So I have two questions.  First, any idea what I may have missed?  Second, is there an overarching document that outlines all of the things that have to be configured in SCCM in order for FEP to work?  Both of these apps are new to me and so I am slogging my way through them.
LVL 28
jhyieslaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jhyieslaAuthor Commented:
As a piece of additional info, I found a technet video on deploying the FEP package.  Ahha I thought that's what I am missing. I walked through the video with my setup and followed step by step. But when I was done there again was no indication that the package was being deployed to my PC.
0
raeldriCommented:
Does the targeted pc have the SCCM client installed? what are the SCCM logs showing? execmgr.log  should show the different packages being run on the clients
0
jhyieslaAuthor Commented:
No, the PC does not have the SCCM agent installed.  I didn't even know that FEP required SCCM until I went to install it and we did not have SCCM installed anywhere on our network.  I should have guessed that MS wouldn't just create a standalone program, they'd bolt FEP onto something else, incorrectly assuming that it would already be installed in an environment.

Both of these products are totally new for us and I can't seem to find a single document that would walk me through the FEP process from beginning to end; assuming SCCM and FEP already installed.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

raeldriCommented:
FEP can function without SCCM you just lose all the central reporting which makes it so useful and powerful.

take a look at the stickied posts over at http://www.windows-noob.com/forums/index.php?/forum/54-configuration-manager-2007/

There is a lot to configure inside of SCCM to get a functional environment ensure SCCM is functioning before pushing forward with the FEP part of it. The time spent in configuring SCCM for your environment will provide many benefits with many useful reports or software deployment or even OSD
0
Keith AlabasterEnterprise ArchitectCommented:
Just for your reference, as of this year, FEP transitions into part of the System Centre 2012 suite.

http://www.microsoft.com/en-us/server-cloud/system-center/endpoint-protection-2012.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jhyieslaAuthor Commented:
raeldri, I don't see how FEP can function without SCCM, since SCCM is a requirement for the product and in fact it's a bolt on to SCCM.  If you can show me where the documentation is for that, I'd appreciate it.  However as Keith_ points out, it looks like FEP is just going to be fully integrated into the 2012 product. Since I am in no huge rush for this, I amy just opt to wait and load up the new product.

Anyone have any idea of release date on that?  Seems that it's still in a RC status.
0
Keith AlabasterEnterprise ArchitectCommented:
Still not been published although the public release was actually a few days ago - 1st April.
http://rcpmag.com/articles/2012/04/02/system-center-2012-released-to-volume-licensees.aspx
0
jhyieslaAuthor Commented:
yeah, we're an EA customer and I just checked our volume licensing site and it's there.  I think I'l going to abandon the 2007 I've set up and just install the new Datacenter version and go from there.

Thanx...
0
Keith AlabasterEnterprise ArchitectCommented:
No problem. EA customer as well - downloading as i type :)
0
jhyieslaAuthor Commented:
Looks like I don't need everything, but I'm downloading it all anyway.
0
jhyieslaAuthor Commented:
Thanx for all the help.
0
Keith AlabasterEnterprise ArchitectCommented:
Welcome :)
0
jhyieslaAuthor Commented:
A personal opinion.. :)

I don't think the new one is any less frustrating. Downloaded it, but installing is a nightmare. It doesn't like the version of SQL2008 that we're running, even though the SCCM 2007 was fine with it and when I installed SQL 2008 Express on the SCCM server, it didn't like  the service login account, even though the service account was the default one that the installer choose AND was one of the ones that the error message said was OK.

If some other third party anti-malware product was this arcane, inane, and difficult to install, they would be out of business.
0
Keith AlabasterEnterprise ArchitectCommented:
<smiles> Have you ever taken a look at Service Manager - that is bizarre as well :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server Apps

From novice to tech pro — start learning today.