Solved

How can I install the System Center Endpoint Protection client manually on master image?

Posted on 2014-02-11
3
796 Views
Last Modified: 2014-05-28
Hello,

I want to install EndPoint Protection 2012 on our master image for imaging purposes. Now, here is a tricky scenario. We will use one master image for domain and non-domain computers. I want to install EndPoint protection client on the master image in a way that if I deploy it on non-domain computers, it should look for internet in regards to updates, but if I deploy it on a domain machine, it should look for our SCCM 2012 SP1 server.

Is this possible?
0
Comment
Question by:TAMUQITS
  • 2
3 Comments
 
LVL 3

Accepted Solution

by:
Helao Mwapangasha earned 500 total points
Comment Utility
Hi TAMUQITS

It is possible, you can download the ISO for FEP from MS volume licensing center, install it as a stand alone. This will mean that if a box is not on  the domain and it get the base image deployed to it, it can source updates for FEP from MS update. If a box get the gold image deployed to it and it is on the domain, Group policy and SCCM client settings should take over the behavior of FEP.

I would deploy two boxes and test, one on the domain and the other as standalone using the same Gold image.

http://www.css-security.com/blog/how-to-perform-a-manual-fep-client-installation/
http://blogs.msdn.com/b/minfangl/archive/2011/11/15/manage-fep-agents-with-or-without-sccm.aspx
0
 

Author Comment

by:TAMUQITS
Comment Utility
Hi  Helao,

Thank you for your reply. In fact, I want to clarify a couple of things. First, we got SCCM 2012 SP1 with EndPoint Protection license; so, FEP is no more. Now it is called System Center EndPoint Protection (SCEP) which is integrated in SCCM 2012 itself.

I have already seen the first link that you shared. But my question is if I deployed the same master image (where SCEP client is installed manually) to domain computer, will it start pulling policy from our SCCM 2012 server.
0
 
LVL 3

Expert Comment

by:Helao Mwapangasha
Comment Utility
Hi TAMUQITS

Thanks for the clarification. In my experience it should be able to, because as long as it is in a OU that is part of SCCM discovery and you have set the option to auto deploy the SCCM agent to new discovered computers, the SCCM policies should apply to SCEP
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Many companies are making the switch from Microsoft to Google Apps (https://www.google.com/work/apps/business/). Use this article to learn more about what Google Apps has to offer and to help if you’re planning on migrating to Google Apps. It is …
User Beware!  This is a rather permanent solution to removing your email from an exchange server.  The only way to truly go back is to have your exchange administrator restore your mailbox from backups.  This is usually the option of last resort.  A…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now