Editing a Policy

Applies To: Forefront Endpoint Protection

Forefront Endpoint Protection policies contain settings that control the configuration options of the Forefront Endpoint Protection client software. You can customize the settings of the Forefront Endpoint Protection policy to meet your requirements.

To edit an existing policy

  1. In the Configuration Manager console, expand System Center Configuration Manager, expand Site Database, expand Computer Management, expand Forefront Endpoint Protection, and then click Policies.

  2. Double-click the policy that you want to edit.

  3. In the Properties dialog box, change the options as appropriate for your organization, and then click OK.

The following table summarizes the settings available on each page of the policy properties.

Property page Setting


  • Policy name

  • Description

  • Assigned collections (read-only)

  • Properties (read-only)


  • Scheduled scan

  • Default actions

  • Real-time protection

  • Excluded files and locations

  • Excluded file types

  • Excluded processes

  • Advanced

  • Overrides

  • Microsoft SpyNet


  • Definition update interval

  • Definition update location

  • Definition update order

Windows Firewall

  • Manage Windows Firewall

  • Firewall profile configuration


It is recommended that you clear the Enable protection against network-based exploits check box for policies assigned to servers. This option is on the Antimalware tab under Real-time protection.


The following items can be added to the list of Excluded files and locations; however, the Forefront Endpoint Protection client software ignores these entries:

  • \\

  • \

  • *

  • *.*

  • ?:

  • *\

  • \\\\

  • \\?\