Solved

How can I install the System Center Endpoint Protection client manually on master image?

Posted on 2014-02-11
3
832 Views
Last Modified: 2014-05-28
Hello,

I want to install EndPoint Protection 2012 on our master image for imaging purposes. Now, here is a tricky scenario. We will use one master image for domain and non-domain computers. I want to install EndPoint protection client on the master image in a way that if I deploy it on non-domain computers, it should look for internet in regards to updates, but if I deploy it on a domain machine, it should look for our SCCM 2012 SP1 server.

Is this possible?
0
Comment
Question by:TAMUQITS
  • 2
3 Comments
 
LVL 3

Accepted Solution

by:
Helao Mwapangasha earned 500 total points
ID: 39852511
Hi TAMUQITS

It is possible, you can download the ISO for FEP from MS volume licensing center, install it as a stand alone. This will mean that if a box is not on  the domain and it get the base image deployed to it, it can source updates for FEP from MS update. If a box get the gold image deployed to it and it is on the domain, Group policy and SCCM client settings should take over the behavior of FEP.

I would deploy two boxes and test, one on the domain and the other as standalone using the same Gold image.

http://www.css-security.com/blog/how-to-perform-a-manual-fep-client-installation/
http://blogs.msdn.com/b/minfangl/archive/2011/11/15/manage-fep-agents-with-or-without-sccm.aspx
0
 

Author Comment

by:TAMUQITS
ID: 39852609
Hi  Helao,

Thank you for your reply. In fact, I want to clarify a couple of things. First, we got SCCM 2012 SP1 with EndPoint Protection license; so, FEP is no more. Now it is called System Center EndPoint Protection (SCEP) which is integrated in SCCM 2012 itself.

I have already seen the first link that you shared. But my question is if I deployed the same master image (where SCEP client is installed manually) to domain computer, will it start pulling policy from our SCCM 2012 server.
0
 
LVL 3

Expert Comment

by:Helao Mwapangasha
ID: 39852640
Hi TAMUQITS

Thanks for the clarification. In my experience it should be able to, because as long as it is in a OU that is part of SCCM discovery and you have set the option to auto deploy the SCCM agent to new discovered computers, the SCCM policies should apply to SCEP
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question