SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS
Howard A. Carter III
Senior Consultant
Microsoft Consulting Services
TechGate 2013 – Reston, VA
September 21, 2013

AGENDA
• Business Needs and IT Challenges
• Microsoft Solution
• System Center 2012 Endpoint Protection
  • Unified Infrastructure
  • Simplified Administration
• Summary
• Resources

BUSINESS NEEDS AND IT CHALLENGES
Business Needs: Agility and Flexibility
IT Needs: Lower operational costs
How can IT maintain user productivity and protect against evolving threats?
How can IT reduce complexity and scale back infrastructure requirements?

MICROSOFT SOLUTION
ONE INFRASTRUCTURE FOR DESKTOP MANAGEMENT AND PROTECTION

SYSTEM CENTER 2012 ENDPOINT PROTECTION
Unified Infrastructure
Unified server setup
Easy client install and migration
Reduce the cost of maintaining secure endpoints with unified management and security infrastructure
Automated deployment of updates using ConfigMgr infrastructure

UNIFIED SERVER SETUP
Integrated setup with Configuration Manager
• Simply enable new site role for Endpoint Protection
Consolidated infrastructure
• No separate database installation requirements
[Diagram: Single Infrastructure: Endpoint Protection role, ConfigMgr central administration site, ConfigMgr & EP reporting]

SIMPLIFIED CLIENT SETUP
Ease of client setup and deployment
• No separate deployment needed for endpoint protection client
• Endpoint Protection agent installer deployed with Configuration Manager client setup
Flexible administrative control
• Administrator can force or suppress any required reboots
• Configurable option for automatic removal of existing AV client
Easy migration from existing solutions and automatic removal of existing clients
• Symantec
• McAfee
• TrendMicro
• Forefront Client Security or Forefront Endpoint Protection

Client Installation Flow
1. EP agent installer deployed with ConfigMgr Client
2. EP enabled in the console; EP installation starts on the device
3. Silent removal of third-party products
4. EP client installation
5. Policy configuration
6. Signature update

SIGNATURE UPDATE DISTRIBUTION
Ensures always up-to-date security regardless of the client location
• Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)
Easier distribution process
• Automatic deployment rules within ConfigMgr console
Minimizes WAN impact
• Uses distribution points and reduced definition size
CORPORATE NETWORK: Updates distributed through ConfigMgr, WSUS or Windows File Share
ON THE ROAD: Fallback to online update
MICROSOFT UPDATE
DELTA UPDATE SIZE: 50-2048 KB
UPDATE FREQUENCY: 3 TIMES/DAY

DEMO
Add the Endpoint Protection Role
Configure Antimalware policies
Update Client Settings

SYSTEM CENTER 2012 ENDPOINT PROTECTION
Simplified Administration
Single interface for client management and security
Simple policy administration with best practice templates
Single administrator experience for simplified endpoint protection and management
Improved alerting and reporting, with real-time and user-centric data views

SINGLE INTERFACE FOR CLIENT MANAGEMENT AND SECURITY
Single interface for client management and security
• Dashboard integrated with ConfigMgr console
Quick identification and remediation of client security issues
• Dashboard focused on actionable events
Flexibility to separate security admin role
• Role-based administration
• Access to only relevant security information

SIMPLE POLICY ADMINISTRATION WITH TEMPLATES
Simplified management for antimalware policies
• Templates for different security needs
• Options to configure settings granularly
Centralized management for Windows firewall
• Profile-based firewall policy from the same dashboard

MONITORING CLIENT SECURITY
Quick alerts and event notification in the console
• Uses high speed data channel to notify events in real time
• Integrated monitoring for client health and antimalware status
• Email subscription for alerts

RICH REPORTING AND ANALYSIS
Rich reporting on client security
• SQL Reporting Services-based reports on many categories
• User-centric reports enable identification of commonly impacted users
• Customizable reports

DEMO
Client Side Console Actions
Monitoring & Reporting

FOR MORE INFORMATION
System Center 2012 Configuration Manager: http://technet.microsoft.com/en-us/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_33
Windows Intune: http://www.microsoft.com/en-us/windows/windowsintune/try-and-buy
Forefront / EndPoint Team Blog: http://blogs.technet.com/b/clientsecurity/

QUESTIONS

An email will be sent to all attendees on Monday, September 23 announcing the location of slides received from presenters.