Sign in
Microsoft.com
 
Forefront Client Security TechCenter
 
 
 
Forefront Client Security TechCenter > Forefront Client Security Forums > Forefront Client Security - Security State Assessment > Security State Assessment Service policy applied with errors
Ask a questionAsk a question
Search Forums:
 

AnswerSecurity State Assessment Service policy applied with errors

  • Friday, August 21, 2009 1:56 PMsejong Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    I intsalled Forefront Client Security on Windows Server 2008 R2 RTM using the /NOMOM switch because this is a standalone intallation.  Each time the Security State Assessment Service (FcsSas) starts, it records event 10006 (Forefront Client Security State Assessment Service policy applied with errors. Reverted to the following settings: Schedule Type: Interval Time: 12 Parameter: ).

    There is no option in the FSC console to run a Security State Assessment scan.

    Is this behavior expected?  Are Security State Assessment scans available only in a managed environment?

    Thanks.
     

Answers

  • Monday, August 24, 2009 6:04 AMNick Gu - MSFTMSFT, ModeratorUsers MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     Answer
    Sign In to Vote
    0
    Sign In to Vote

    Hi,

     

    Thank you for your post.

     

    According to your description, I understand that the error message regarding the Forefront Client Security State Assessment Service (10006) shows in the system event log.

     

    As far as I know, the FCS SAS service is used for the Security State Assessment(SSA). The client will use the mom agent to get the policy regarding SSA from the FCS server and upload the result to the FCS server. We only can get the state assessment result from the FCS server.

     

    So in this scenario, the Forefront Client Security(FCS) has been installed to the client with the parameter “nomon”, we could safely ignore the error message regarding the FCS SAS. Additionally, you may disable the FCS SAS service on the client.

     

    Regards,

    Nick Gu - MSFT
     

All Replies

  • Monday, August 24, 2009 6:04 AMNick Gu - MSFTMSFT, ModeratorUsers MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     Answer
    Sign In to Vote
    0
    Sign In to Vote

    Hi,

     

    Thank you for your post.

     

    According to your description, I understand that the error message regarding the Forefront Client Security State Assessment Service (10006) shows in the system event log.

     

    As far as I know, the FCS SAS service is used for the Security State Assessment(SSA). The client will use the mom agent to get the policy regarding SSA from the FCS server and upload the result to the FCS server. We only can get the state assessment result from the FCS server.

     

    So in this scenario, the Forefront Client Security(FCS) has been installed to the client with the parameter “nomon”, we could safely ignore the error message regarding the FCS SAS. Additionally, you may disable the FCS SAS service on the client.

     

    Regards,

    Nick Gu - MSFT
     
  • Monday, August 24, 2009 3:58 PMsejong Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Thanks.