Endpoint Protection in System Center 2012 SP1
Jason Githens
Senior Program Manager Lead
Microsoft Corporation
Microsoft Virtual Academy SP1
System Center 2012 Endpoint Protection Service Pack 1
Real time Endpoint Protection operations from console
Simplified Administration
• Single administrator experience for simplified endpoint protection and management
• Simplified, 3X delivery of definitions through software updates
• Malware-driven operations from the console
• Client-side merge of antimalware policies
• Integrated optimizations for Windows Embedded clients
• New and improved Endpoint Protection client
Real-time Operations
• EP operations to clients in <1 minute
• Monitor one-time operations
• Available EP operations:
  • Run Definition Updates
  • Run Quick Scan
  • Run Full Scan
  • Allow threats
  • Exclude paths and/or files
  • Restore files quarantined by threat
Real-time Administrative Actions
1. Client: “Dial tone”
• Active TCP session with the MP
• Client checking for urgent tasks
2. Administrator
• In administrative console selects “Run Full Scan” on a collection
3. Site Server and MP: Task = “Run Full Scan”
• A task is created
• MP is told that new urgent task has been requested
4. Client: “Call is placed”
• Client via this TCP connection is told there are urgent tasks to run
• Client then connects to the MP to get policy
• Client runs the Full Scan Task
Malware Driven Operations
Admin can easily view and take follow up actions on specific malware by type, and remediation status
Demo
Real time Administrative Actions
Client-side merge
• Create granular policies for specific scenarios and have those merged on the clients
• Removes overhead of redundant policies
• Policies still honor relative priority, and merge when possible (exclusions, for example)
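The merge behaviour described above, modelled as an added example (not code from the original deck or from Microsoft): where policies conflict, the highest-priority policy's value is used, while exclusion lists are unioned across policies. The setting keys, the sample policies and the convention that a lower order number means higher priority are assumptions for illustration.

```python
from dataclasses import dataclass, field

# Assumed setting keys; list-type settings are merged as a union.
LIST_SETTINGS = {"excluded_paths", "excluded_extensions"}


@dataclass
class Policy:
    name: str
    order: int                      # assumption: 1 = highest priority
    settings: dict = field(default_factory=dict)


def merge_policies(policies):
    """Return (effective_settings, provenance) for one client.

    Scalar settings: the highest-priority policy that defines them wins.
    List settings (exclusions): union across all policies, with the
    contributing policy recorded per entry for audit.
    """
    effective, provenance = {}, {}
    for pol in sorted(policies, key=lambda p: p.order):
        for key, value in pol.settings.items():
            if key in LIST_SETTINGS:
                merged = effective.setdefault(key, [])
                for item in value:
                    # Windows paths and extensions compare case-insensitively
                    if item.lower() not in (m.lower() for m in merged):
                        merged.append(item)
                        provenance.setdefault(key, {})[item] = pol.name
            elif key not in effective:
                effective[key] = value
                provenance[key] = pol.name
    return effective, provenance


# Constructed sample policies (names, orders and values are illustrative).
POLICIES = [
    Policy("Default Client Antimalware Policy", 10000,
           {"realtime_protection": True, "scan_archives": True,
            "excluded_paths": [r"C:\Windows\Temp"]}),
    Policy("SQL Servers", 2,
           {"excluded_paths": [r"D:\SQLData", r"c:\windows\temp"],
            "excluded_extensions": [".mdf", ".ldf"]}),
    Policy("Kiosks", 1, {"scan_archives": False}),
]

if __name__ == "__main__":
    eff, prov = merge_policies(POLICIES)
    for key in eff:
        print(key, "=", eff[key], "<-", prov[key])
```

Recording which policy contributed each exclusion matters when auditing a client, because under a union merge a low-priority policy still widens the effective exclusion set.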
Improved software update integration
• Architectural changes to support 3X a day
  • Category-based scans from clients
  • Delta syncs between SUP and WSUS
• Architectural changes to simplify SUP setup
  • Simplify SUP setup (add multiple SUPs as needed, no NLB or active SUP requirements)
  • Source top-level SUP from internal WSUS server (removes WU/MU-based catalog dependency)
Windows Embedded Optimizations
• Endpoint Protection client installation can honor maintenance windows
• Endpoint Protection client installation can install in the overlay, or disable write filters and commit the changes
• Definition update deployments through SUM can commit changes or write in overlay
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.