SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS
Howard A. Carter III
Senior Consultant
Microsoft Consulting Services
September 21, 2013
TechGate 2013 – Reston, VA
AGENDA
• Business Needs and IT Challenges
• Microsoft Solution
• System Center 2012 Endpoint Protection
  • Unified Infrastructure
  • Simplified Administration
• Summary
• Resources
BUSINESS NEEDS AND IT CHALLENGES
Business Needs: Agility and Flexibility
IT Needs: Lower operational costs
How can IT maintain user productivity and protect against evolving threats?
How can IT reduce complexity and scale back infrastructure requirements?
MICROSOFT SOLUTION
ONE INFRASTRUCTURE FOR DESKTOP MANAGEMENT AND PROTECTION
Centralized management and protection
Improved visibility and response to threats
Reduced cost and complexity
Unified Infrastructure
Reduce the cost of maintaining secure endpoints with unified management and security infrastructure
SYSTEM CENTER 2012 ENDPOINT PROTECTION
Unified server setup
Easy client install and migration
Automated deployment of updates using ConfigMgr infrastructure
UNIFIED SERVER SETUP
Integrated setup with Configuration Manager
• Simply enable new site role for Endpoint Protection
Consolidated infrastructure
• No separate database installation requirements
Single Infrastructure
ENDPOINT PROTECTION ROLE
CONFIGMGR CENTRAL ADMINISTRATION SITE
CONFIGMGR & EP REPORTING
Signature update
Policy configuration
EP client installation
Silent removal of third-party products
EP enabled in the console
EP installation starts on the device
EP agent installer deployed with ConfigMgr Client
SIMPLIFIED CLIENT SETUP
Ease of client setup and deployment
• No separate deployment needed for endpoint protection client
• Endpoint Protection agent installer deployed with Configuration Manager client setup
Flexible administrative control
• Administrator can force or suppress any required reboots
• Configurable option for automatic removal of existing AV client
Easy migration from existing solutions and automatic removal of existing clients
• Symantec
• McAfee
• TrendMicro
• Forefront Client Security or Forefront Endpoint Protection
Client Installation Flow
SIGNATURE UPDATE DISTRIBUTION
Ensures always up-to-date security regardless of the client location
• Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)
Easier distribution process
• Automatic deployment rules within ConfigMgr console
Minimizes WAN impact
• Uses distribution points and reduced definition size
MICROSOFT UPDATE
ON THE ROAD
Fallback to online update
Corporate Network
Updates distributed through ConfigMgr, WSUS or Windows File Share
DELTA UPDATE SIZE: 50-2048 KB
UPDATE FREQUENCY: 3 TIMES/DAY
DEMO
Add the Endpoint Protection Role
Configure Antimalware policies
Update Client Settings
SYSTEM CENTER 2012 ENDPOINT PROTECTION
Single interface for client management and security
Simple policy administration with best practice templates
Improved alerting and reporting, with real-time and user-centric data views
Simplified Administration
Single administrator experience for simplified endpoint protection and management
SINGLE INTERFACE FOR CLIENT MANAGEMENT AND SECURITY
Single interface for client management and security
• Dashboard integrated with ConfigMgr console
Quick identification and remediation of client security issues
• Dashboard focused on actionable events
Flexibility to separate security admin role
• Role-based administration
• Access to only relevant security information
SIMPLE POLICY ADMINISTRATION WITH TEMPLATES
Simplified management for antimalware policies
• Templates for different security needs
• Options to configure settings granularly
Centralized management for Windows firewall
• Profile-based firewall policy from the same dashboard
MONITORING CLIENT SECURITY
Quick alerts and event notification in the console
• Uses high-speed data channel to notify events in real time
• Integrated monitoring for client health and antimalware status
• Email subscription for alerts
RICH REPORTING AND ANALYSIS
Rich reporting on client security
• SQL Reporting Services-based reports on many categories
• User-centric reports enable identification of commonly impacted users
• Customizable reports
DEMO
Client Side Console Actions
Monitoring & Reporting
FOR MORE INFORMATION
System Center 2012 Configuration Manager: http://technet.microsoft.com/enus/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_33
Windows Intune: http://www.microsoft.com/en-us/windows/windowsintune/try-and-buy
Forefront / EndPoint Team Blog: http://blogs.technet.com/b/clientsecurity/
QUESTIONS
Thank You
An email will be sent to all attendees on Monday, September 23 announcing location of slides received from presenters.