Microsoft System Center 2012 Endpoint Protection Overview

Presentation on theme: "Microsoft System Center 2012 Endpoint Protection Overview"— Presentation transcript:

1 Microsoft System Center 2012 Endpoint Protection Overview
11/18/2018 6:39 AM
MGT310
Microsoft System Center 2012 Endpoint Protection Overview
Mark Florida, Principal Program Manager Lead, Microsoft Corporation
Adwait Joshi (AJ), Product Marketing Manager, Microsoft Corporation
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Session Objectives And Takeaways
TechReady 14 11/18/2018
Session Objectives:
- The evolution of malware
- Overview of System Center 2012 Endpoint Protection
- Demos on EP client installation and management+security
- Overview of the Endpoint Protection client

3 The Evolution Of Malware
- In 1991 there were 1,000 known threats; in 2001 there were 60,000
- Today there are millions, and the number is growing every day
- Sophistication and production rates continue to evolve
- Anybody can do it—full malware suites available online
- Your stuff is worth money, and they want it!

4 Nefarious Personas
[Diagram labels: National Interest; Personal Gain; Personal Fame; Curiosity. Script-Kiddy; Hobbyist Hacker; Expert; Specialist. Personas: Spy; Thief; Trespasser; Vandal; Author. Callouts: "Fastest growing segment"; "Tools created by experts now used by less skilled attackers and criminals".]

5 Unified Infrastructure Simplified Administration
System Center 2012 Endpoint Protection
Next generation of Forefront Endpoint Protection 2010
- Unified Infrastructure: Reduce the cost of maintaining secure endpoints with unified management and security infrastructure
- Simplified Administration: Single administrator experience for simplified endpoint protection and management
- Enhanced Protection: Protect against known and unknown threats with endpoint inspection at behavior, application, and network levels

6 Mgmt + Security In Configuration Manager 2012
[Diagram labels: OSD; Exchange Connector; Settings Management; Software Updates + SCUP; Endpoint Protection; SWD]

7 System Center 2012 Endpoint Protection
Unified Infrastructure
Reduce the cost of maintaining secure endpoints with unified management and security infrastructure
- Easy to set up and operate the management infrastructure
- Simplified deployment of antimalware policies
- Automated deployment of updates using ConfigMgr infrastructure
- Easy client install and migration

8 Infrastructure Changes from FEP 2010
[Diagram comparing CONFIGURATION MANAGER 2007 with FOREFRONT ENDPOINT PROTECTION 2010 against CONFIGURATION MANAGER 2012 with ENDPOINT PROTECTION 2012. Labels: Definition Catalogs; FEP SERVICE; EP CLIENT on ConfigMgr Server; EP SITE ROLE; SERVER; CLIENT; MANAGEMENT POINT; CM CLIENT; FEP DW; FEP DB; CM DB; EP DEPLOYMENT; EP OPERATIONS; EP POLICY; Pre-Packaged EP CLIENT; CONFIGURATION MANAGER SITE SERVER; FEP EXTENSIONS; FEP DEPLOYMENT; FEP OPERATIONS; FEP POLICY; DISTRIBUTION POINT; EP CLIENT; EXCEL TEMPLATE; REPORTS]

9 Simplified Deployment of AM Policies
Centralized management for AM and Firewall Policy
- AM and FW policy delivered as ConfigMgr policy – no package/program dependency
- Out of box templates
- Import, Export, Merge
- Prioritization of policies by collection
- Simplified UI for customizing policy

10 Signature Update Distribution
Easier distribution process
- Automatic deployment rules within ConfigMgr software updates
Minimizes WAN impact
- Uses distribution points and reduced definition size
Ensures always up-to-date security regardless of the client location
- Multiple update sources (ConfigMgr, WSUS, Microsoft Update, Windows File Share)
[Diagram labels: Corporate Network; MICROSOFT UPDATE; Delta update size: KB; Update Frequency: 3 times/day; Updates distributed through ConfigMgr, WSUS or Windows File Share; ON THE ROAD; Fallback to online update]

11 Simplified Client Setup
Ease of client setup and deployment
- No separate deployment needed for endpoint protection client
- Endpoint Protection agent installer deployed with Configuration Manager client setup
- Endpoint Protection client and definitions easily integrated with OSD
Flexible administrative control
- Administrator can force or suppress any required reboots
- Configurable option for automatic removal of existing AV client
Easy migration from existing solutions and automatic removal of existing clients
- Symantec
- McAfee
- TrendMicro
- Forefront Client Security or Forefront Endpoint Protection
[Diagram: Client Installation Flow. Labels: EP agent installer deployed with ConfigMgr Client; EP enabled in the console, EP installation starts on the device; Signature update; Configure Policy; EP client install; Silent removal of third-party products]

12 Client Deployment

13 System Center 2012 Endpoint Protection
Simplified Administration
Single administrator experience for simplified endpoint protection and management
- Single interface for client management and security
- Improved alerting, client to admin within 5 minutes, and reporting, with real-time and user-centric data views

14 Single Interface For Management And Security
- Single interface for client management and security
- Dashboard integrated with ConfigMgr console
- Simplified cross-feature integration
- Quick identification and remediation of client security issues
- Dashboard focused on actionable events
- Flexibility to separate security admin role
- Role-based administration
- Access to only relevant security information

15 Monitoring Client Security
- Quick alerts and event notification in the console
- Uses high speed data channel to notify events in real time
- High speed data channel prioritizes EP messages in state system, and no client “wait” to send messages up
- Integrated monitoring for client health and antimalware status
- subscription for alerts

16 Rich Reporting And Analysis
- Rich reporting on client security
- SQL Reporting Services-based reports on many categories
- User-centric reports enable identification of commonly impacted users
- Customizable reports simplified through database integration

17 Management and Real-time Monitoring

18 System Center 2012 Endpoint Protection SP1
What’s new in SP1
- Automatically deploy definition update 3 times per day
- Category based scan from client to WSUS
- Delta syncs between SUP and WSUS
- Real-time administrative actions:
  - Run Definition Updates
  - Run Quick Scan
  - Run Full Scan
  - Allow threats
  - Exclude paths and/or files
  - Restore files quarantined by threat
- Client side merge of antimalware policies

19 Real-time Administrative Actions
What’s new in SP1: Real-time Administrative Actions
[Diagram: Administrator, Site Server and MP, Client. Example task = “Run Full Scan”]
1. “Dial tone”: the client keeps an active TCP session with the MP, checking for urgent tasks
2. The administrator selects “Run Full Scan” on a collection in the administrative console
3. A task is created; the MP is told that a new urgent task has been requested
4. “Call is placed”: the client is told via this TCP connection that there are urgent tasks to run; the client then connects to the MP to get policy and runs the Full Scan task
All this happens within seconds

20 Real-time Administrative Actions in Endpoint Protection SP1

21 System Center 2012 Endpoint Protection
Enhanced Protection
Protect against known and unknown threats with endpoint inspection at behavior, application, and network levels
- Comprehensive protection stack building on Windows Security
- Proactive protection against known and unknown threats
- Reduced complexity while protecting clients

22 Comprehensive Protection Stack Building on Windows Platform security
[Diagram: protection stack. Column headings: Reactive Techniques (Against Known Threats); Proactive Techniques (Against Unknown Threats). Layers: APPLICATION; FILE SYSTEM; NETWORK. Components: DYNAMIC CLOUD UPDATES; Behavior Monitoring; Data Execution Prevention; Address Space Layout Randomization; User Account Control; Windows Resource Protection; Antimalware; Dynamic Translation and Emulation; Internet Explorer® 8 SmartScreen; Microsoft AppLocker; Microsoft BitLocker; Dynamic Signature Service; Microsoft Malware Protection Center; Vulnerability Shielding (Network Inspection System); Windows Firewall; Centralized Management. Platform labels: System Center Endpoint Protection; Windows 7]

23 Dynamic Translation With Heuristics
- Industry-leading proactive detection
- Emulation based detection helps provide better protection
- Safe translation in a virtual environment for analysis
- Enables faster scanning and response to threats
- Heuristics enable one signature to detect thousands of variants
[Diagram labels: Potential Malware Execution attempt on the system; Real Time Protection Driver Intercepts; Safe Translation Using DT; Malware Detected; Malicious File Blocked; VIRTUALIZED RESOURCES]

24 Behavior Monitoring And Dynamic Signatures
- Live system monitoring identifies new threats
- Tracks behavior of unknown processes and known bad processes
- Multiple sensors to detect OS anomaly
- Updates for new threats delivered through the cloud in real time
- Real time signature delivery with Microsoft Active Protection Service
- Immediate protection against new threats without waiting for scheduled updates
[Diagram: Microsoft Active Protection Service. Labels: RESEARCHERS; REAL-TIME SIGNATURE DELIVERY; BEHAVIOR CLASSIFIERS; REPUTATION. Numbered labels 1 to 4: Properties/Behavior; Sample request; Sample submit; Real-time signature]

25 Best Usability 2011 – AV Test

26 Protect Clients With Reduced Complexity
Simple interface
- Minimal, high-level user interactions
Administrative Control
- User configurability options
- Central policy enforcement
Maintains high productivity
- CPU throttling during scans
- Faster scans through advanced caching

27 Heterogeneous Antimalware Clients
What’s new in SP1: Heterogeneous Antimalware Clients
Features:
- Anti-virus and Anti-malware support
- Machines connect directly to internet service for security content
- Client UI for user visibility and control
- SCOM monitoring pack for Linux with management control
Platforms:
- Apple Mac ( ).
- Linux Server: Redhat Enterprise 6, SuSE Linux 11

28 Summary
Key Scenarios | Forefront Endpoint Protection 2010 | System Center 2012 Endpoint Protection
Unified infrastructure | System Center Configuration Manager 2007 | System Center 2012 Configuration Manager
Server setup | Separate install | Unified setup
Client deployment | ConfigMgr distribution process | Integrated
Signature updates | Multiple sources (WSUS, File Share, Microsoft Update) | Multiple sources with automatic deployment rules from ConfigMgr console
Proactive protection | |
Firewall management | |
Role based administration | | New
Alerts and monitoring | | Real time alerts
Reports | | Additional user centric reports
Row groups: Unify; Protect; Simplify

29 Online Resources
- Launching a Windows Defender Offline Scan with Configuration Manager 2012 OSD
- Operating System Deployment and Endpoint Protection Client Installation
- Software Update Content Cleanup in System Center 2012 Configuration Manager
- Building Custom Endpoint Protection Reports in System Center 2012 Configuration Manager
- Managing Software Updates in Configuration Manager 2012
- How-to-Videos
- Product Documentation
- Security and Compliance Manager – Configuration Packs

30 Related Content Breakout Sessions
- MGT309 | Microsoft System Center 2012 Configuration Manager Overview
- MGT311 | Microsoft System Center 2012 Configuration Manager Deployment and Infrastructure Technical Overview
- MGT312 | Deep Application Management with Microsoft System Center 2012 Configuration Manager
- MGT313 | Microsoft System Center 2012 Configuration Manager: Plan, Deploy, and Migrate from Configuration Manager 2007 to 2012
- MGT318 | Patch and Settings Management in Microsoft System Center 2012 Configuration Manager
- WCL388 | Client Management Scenarios in the Windows 8 Timeframe

31 Related Content Hands-on Labs:
- MGT23-HOL | Deploying Windows 7 to Bare Metal Systems with Microsoft System Center 2012 Configuration Manager
- MGT24-HOL | Implementing Endpoint Protection 2012 in Microsoft System Center 2012 Configuration Manager
- MGT12-HOL | Compliance and Settings Management in Microsoft System Center 2012 Configuration Manager
- MGT25-HOL | Deep Dive: Microsoft System Center 2012 Configuration Manager SQL Replication Labs
- MGT21-HOL | Basic Software Distribution in Microsoft System Center 2012 Configuration Manager
- MGT16-HOL | Migrating from Microsoft System Center Configuration Manager 2007 to System Center 2012 Configuration Manager
- MGT14-HOL | Implementing Role Based Administration in Microsoft System Center 2012 Configuration Manager
- MGT15-HOL | Deploying a Microsoft System Center 2012 Configuration Manager Hierarchy
- MGT11-HOL | Introduction to Microsoft System Center 2012 Configuration Manager

32 MGT Track Resources DOWNLOAD System Center 2012 Evaluation
#TEMGT310
- Talk to our Experts at the TLC
- Hands-On Labs
- DOWNLOAD System Center 2012 Evaluation: microsoft.com/systemcenter
- DOWNLOAD System Center 2012 SP1 CTP: microsoft.com/systemcenter

33 Resources Learning TechNet http://europe.msteched.com
Connect. Share. Discuss. Microsoft Certification & Training Resources TechNet Resources for IT Professionals Resources for Developers

34 Submit your evals online
Evaluations: Submit your evals online


