Solved

How can I install the System Center Endpoint Protection client manually on master image?

Posted on 2014-02-11
3
846 Views
Last Modified: 2014-05-28
Hello,

I want to install EndPoint Protection 2012 on our master image for imaging purposes. Now, here is a tricky scenario. We will use one master image for domain and non-domain computers. I want to install EndPoint protection client on the master image in a way that if I deploy it on non-domain computers, it should look for internet in regards to updates, but if I deploy it on a domain machine, it should look for our SCCM 2012 SP1 server.

Is this possible?
0
Comment
Question by:TAMUQITS
  • 2
3 Comments
 
LVL 3

Accepted Solution

by:
Helao Mwapangasha earned 500 total points
ID: 39852511
Hi TAMUQITS

It is possible, you can download the ISO for FEP from MS volume licensing center, install it as a stand alone. This will mean that if a box is not on  the domain and it get the base image deployed to it, it can source updates for FEP from MS update. If a box get the gold image deployed to it and it is on the domain, Group policy and SCCM client settings should take over the behavior of FEP.

I would deploy two boxes and test, one on the domain and the other as standalone using the same Gold image.

http://www.css-security.com/blog/how-to-perform-a-manual-fep-client-installation/
http://blogs.msdn.com/b/minfangl/archive/2011/11/15/manage-fep-agents-with-or-without-sccm.aspx
0
 

Author Comment

by:TAMUQITS
ID: 39852609
Hi  Helao,

Thank you for your reply. In fact, I want to clarify a couple of things. First, we got SCCM 2012 SP1 with EndPoint Protection license; so, FEP is no more. Now it is called System Center EndPoint Protection (SCEP) which is integrated in SCCM 2012 itself.

I have already seen the first link that you shared. But my question is if I deployed the same master image (where SCEP client is installed manually) to domain computer, will it start pulling policy from our SCCM 2012 server.
0
 
LVL 3

Expert Comment

by:Helao Mwapangasha
ID: 39852640
Hi TAMUQITS

Thanks for the clarification. In my experience it should be able to, because as long as it is in a OU that is part of SCCM discovery and you have set the option to auto deploy the SCCM agent to new discovered computers, the SCCM policies should apply to SCEP
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Microsoft OS looks great, is easier than ever to upgrade to, it is even free.  So what's the catch?  If you don't change the privacy settings, Microsoft will, in accordance with the (EULA) you clicked okay to without reading, collect all the…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question