SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 – Reston, VA


SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS

Howard A. Carter III

Senior Consultant

Microsoft Consulting Services

September 21, 2013

TechGate 2013 – Reston, VA


AGENDA

• Business Needs and IT Challenges

• Microsoft Solution

• System Center 2012 Endpoint Protection

  • Unified Infrastructure

  • Simplified Administration

• Summary

• Resources


BUSINESS NEEDS AND IT CHALLENGES

Business Needs: Agility and Flexibility

IT Needs: Lower operational costs

How can IT maintain user productivity and protect against evolving threats?

How can IT reduce complexity and scale back infrastructure requirements?


MICROSOFT SOLUTION: ONE INFRASTRUCTURE FOR DESKTOP MANAGEMENT AND PROTECTION

Centralized management and protection

Improved visibility and response to threats

Reduced cost and complexity


SYSTEM CENTER 2012 ENDPOINT PROTECTION

Unified Infrastructure

Reduce the cost of maintaining secure endpoints with unified management and security infrastructure

Unified server setup

Easy client install and migration

Automated deployment of updates using ConfigMgr infrastructure


UNIFIED SERVER SETUP

Integrated setup with Configuration Manager

• Simply enable new site role for Endpoint Protection

Consolidated infrastructure

• No separate database installation requirements

[Diagram: Single Infrastructure. Labels: Endpoint Protection role; ConfigMgr Central Administration Site; ConfigMgr & EP reporting]


SIMPLIFIED CLIENT SETUP

Ease of client setup and deployment

• No separate deployment needed for endpoint protection client

• Endpoint Protection agent installer deployed with Configuration Manager client setup

Flexible administrative control

• Administrator can force or suppress any required reboots

• Configurable option for automatic removal of existing AV client

Easy migration from existing solutions and automatic removal of existing clients

• Symantec

• McAfee

• TrendMicro

• Forefront Client Security or Forefront Endpoint Protection

[Diagram: Client Installation Flow. Labels: Signature update; Policy configuration; EP client installation; Silent removal of third-party products; EP enabled in the console; EP installation starts on the device; EP agent installer deployed with ConfigMgr Client]


SIGNATURE UPDATE DISTRIBUTION

Ensures always up-to-date security regardless of the client location

• Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)

Easier distribution process

• Automatic deployment rules within ConfigMgr console

Minimizes WAN impact

• Uses distribution points and reduced definition size

[Diagram: update sources by client location. On the road: fallback to online update (Microsoft Update). Corporate network: updates distributed through ConfigMgr, WSUS or Windows File Share]

Delta update size: 50-2048 KB

Update frequency: 3 times/day


DEMO

Add the Endpoint Protection Role

Configure Antimalware policies

Update Client Settings


SYSTEM CENTER 2012 ENDPOINT PROTECTION

Simplified Administration

Single administrator experience for simplified endpoint protection and management

Single interface for client management and security

Simple policy administration with best practice templates

Improved alerting and reporting, with real-time and user-centric data views


SINGLE INTERFACE FOR CLIENT MANAGEMENT AND SECURITY

Single interface for client management and security

• Dashboard integrated with ConfigMgr console

Quick identification and remediation of client security issues

• Dashboard focused on actionable events

Flexibility to separate security admin role

• Role-based administration

• Access to only relevant security information


SIMPLE POLICY ADMINISTRATION WITH TEMPLATES

Simplified management for antimalware policies

• Templates for different security needs

• Options to configure settings granularly

Centralized management for Windows firewall

• Profile-based firewall policy from the same dashboard


MONITORING CLIENT SECURITY

Quick alerts and event notification in the console

• Uses high speed data channel to notify events in real time

• Integrated monitoring for client health and antimalware status

• Email subscription for alerts


RICH REPORTING AND ANALYSIS

Rich reporting on client security

• SQL Reporting Services-based reports on many categories

• User-centric reports enable identification of commonly impacted users

• Customizable reports


DEMO

Client Side Console Actions

Monitoring & Reporting


FOR MORE INFORMATION

System Center 2012 Configuration Manager: http://technet.microsoft.com/enus/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_33

Windows Intune: http://www.microsoft.com/en-us/windows/windowsintune/try-and-buy

Forefront / EndPoint Team Blog: http://blogs.technet.com/b/clientsecurity/


QUESTIONS


Thank You

An email will be sent to all attendees on Monday, September 23 announcing location of slides received from presenters.
