Using Device Manager 2011 with Forefront Endpoint Protection 2010

  • Article

11/9/2011

After you install Device Manager 2011, you can use Device Manager 2011 to install the Endpoint Protection client software and run Endpoint Protection tasks on your devices.

If you want to install the Endpoint Protection client software without using Device Manager 2011, see Deploying Manually on TechNet.

To install Endpoint Protection client software

  1. In Configuration Manager console, expand Computer Management, expand Software Distribution, expand Packages, and then expand Microsoft Corporation FEP – Deployment 1.0.

  2. Under Programs, right-click Install, select Properties, and then select the Environment tab.

  3. Under Run mode, select Run with administrative rights, and then clear the Allow users to interact with this program check box. Click Apply, and then click OK.

  4. Under Programs, right-click Uninstall, select Properties, and then select the Environment tab.

  5. Under Run mode, select Run with administrative rights, and then clear the Allow users to interact with this program check box. Click Apply, and then click OK.

  6. Create an advertisement with write filter handling that installs the Endpoint Protection client software by following the steps in Adding Write Filter Support to Advertisements on TechNet:

    • Before you exit the New Advertisement Wizard, on the Schedule page, set the advertisement as a Mandatory Assignment.
    • Under Program rerun behavior, select Always rerun program.

To run Endpoint Protection tasks

  1. In Configuration Manager console, expand Computer Management, expand Software Distribution, expand Packages, and then expand Microsoft Corporation FEP – Operations 1.0.

  2. Under Programs, right-click Full Scan, select Properties, and then select the Environment tab.

  3. Under Run mode, select Run with administrative rights, and then clear the Allow users to interact with this program check box. Click Apply, and then click OK.

  4. Repeat steps 2 and 3 for Quick Scan and Update Definitions.

  5. Create an advertisement with write filter handling that runs the Endpoint Protection tasks Full Scan, Quick Scan, and Update Definitions by following the steps in Adding Write Filter Support to Advertisements on TechNet:

    • Before you exit the New Advertisement Wizard, on the Schedule page, set the advertisement as a Mandatory Assignment.
    • Under Program rerun behavior, select Always rerun program.

    Note

    Before you run the Update Definitions task on your devices, read and follow the instructions found in Configuring Definition Updates in the Endpoint Protection documentation on TechNet.

See Also

Concepts

Using Device Manager 2011 and Forefront Endpoint Protection 2010 to Help Protect Your Devices