EndPoint Protection Fundamentals

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS
Howard A. Carter III
Senior Consultant
Microsoft Consulting Services
TechGate 2013 – Reston, VA
September 21, 2013
AGENDA
• Business Needs and IT Challenges
• Microsoft Solution
• System Center 2012 Endpoint Protection
• Unified Infrastructure
• Simplified Administration
• Summary
• Resources
BUSINESS NEEDS AND IT CHALLENGES
Business Needs
Agility and Flexibility
IT Needs
Lower operational costs
• How can IT maintain user productivity and protect against evolving threats?
• How can IT reduce complexity and scale back infrastructure requirements?
MICROSOFT SOLUTION
ONE INFRASTRUCTURE FOR DESKTOP MANAGEMENT AND PROTECTION
SYSTEM CENTER 2012 ENDPOINT PROTECTION
Unified Infrastructure
Reduce the cost of maintaining secure endpoints with unified management and security infrastructure
• Unified server setup
• Easy client install and migration
• Automated deployment of updates using ConfigMgr infrastructure
UNIFIED SERVER SETUP
Integrated setup with Configuration Manager
• Simply enable new site role for Endpoint Protection
Consolidated infrastructure
• No separate database installation requirements
[Diagram: Single Infrastructure, showing the Endpoint Protection role, the ConfigMgr central administration site, and ConfigMgr & EP reporting]
SIMPLIFIED CLIENT SETUP
Ease of client setup and deployment
• No separate deployment needed for endpoint protection client
• Endpoint Protection agent installer deployed with Configuration Manager client setup
Flexible administrative control
• Administrator can force or suppress any required reboots
• Configurable option for automatic removal of existing AV client
Easy migration from existing solutions and automatic removal of existing clients
• Symantec
• McAfee
• TrendMicro
• Forefront Client Security or Forefront Endpoint Protection
Client Installation Flow
• EP agent installer deployed with ConfigMgr Client
• EP enabled in the console; EP installation starts on the device
• Silent removal of third-party products
• EP client installation
• Policy configuration
• Signature update
SIGNATURE UPDATE DISTRIBUTION
Ensures always up-to-date security regardless of the client location
• Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)
Easier distribution process
• Automatic deployment rules within ConfigMgr console
Minimizes WAN impact
• Uses distribution points and reduced definition size
[Diagram: signature update paths]
• Corporate network: updates distributed through ConfigMgr, WSUS or Windows File Share
• On the road: fallback to online update
• Microsoft Update
• Delta update size: 50-2048 KB
• Update frequency: 3 times/day
DEMO
Add the Endpoint Protection Role
Configure Antimalware policies
Update Client Settings
SYSTEM CENTER 2012 ENDPOINT PROTECTION
Simplified Administration
Single administrator experience for simplified endpoint protection and management
• Single interface for client management and security
• Simple policy administration with best practice templates
• Improved alerting and reporting, with real-time and user-centric data views
SINGLE INTERFACE FOR CLIENT MANAGEMENT AND SECURITY
Single interface for client management and security
• Dashboard integrated with ConfigMgr console
Quick identification and remediation of client security issues
• Dashboard focused on actionable events
Flexibility to separate security admin role
• Role-based administration
• Access to only relevant security information
SIMPLE POLICY ADMINISTRATION WITH TEMPLATES
Simplified management for antimalware policies
• Templates for different security needs
• Options to configure settings granularly
Centralized management for Windows firewall
• Profile-based firewall policy from the same dashboard
MONITORING CLIENT SECURITY
Quick alerts and event notification in the console
• Uses high speed data channel to notify events in real time
• Integrated monitoring for client health and antimalware status
• Email subscription for alerts
RICH REPORTING AND ANALYSIS
Rich reporting on client security
• SQL Reporting Services-based reports on many categories
• User-centric reports enable identification of commonly impacted users
• Customizable reports
DEMO
Client Side Console Actions
Monitoring & Reporting
FOR MORE INFORMATION
System Center 2012 Configuration Manager
http://technet.microsoft.com/en-us/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_33
Windows Intune
http://www.microsoft.com/en-us/windows/windowsintune/try-and-buy
Forefront / EndPoint Team Blog
http://blogs.technet.com/b/clientsecurity/
QUESTIONS
An email will be sent to all attendees on Monday, September 23 announcing location of slides received from presenters.