none
M/S Forefront MP excessive discoveries

    Вопрос

  • The Microsoft.FEP.ProtectedServer entity is the most frequent discovery within the past 24 hours.  I suspect that this needs to run every day to get an accurate status of virus protection.  Is there any suggestion on how to reduce the discovery churn?
    14 декабря 2011 г. 21:26

Ответы



  • Hi,
     
    Thank you for your post.

    The Microsoft.FEP.ProtectedServer entity is the most frequent discovery within the past 24 hours.
    What is your issue about this? Network bandwidth?

    Please verify these settings in ConfigMgr console:
    1. Check Discovery Methods--Active Directory system discovery--Polling Schedule--recur every day
    2. Check Client Agents--Computer client Agent--Policy polling interval set to 30 minutes--state messages reporting cycle set to 15 minutes--Tab BITS--select apply to branch distribution points and all clients
    3. Check Client Agents--Desired Configuration Management Client Agent--Simple schedule set to 1 days
    4. Check Client Agents--Hardware Inventory Client Agent--Run every 1 days
    5. Check Computer management-- Desired Configuration Management—Configuration Baselines—FEP Monitoring Antimalware Status--Assignment—check schedule if occurs every 1 day

    If there are more inquiries on this issue, please feel free to let us know.

    Regards,


    Rick Tan

    TechNet Community Support

    • Помечено в качестве ответа Rick TanModerator 26 декабря 2011 г. 3:01
    16 декабря 2011 г. 2:59

Все ответы



  • Hi,
     
    Thank you for your post.

    The Microsoft.FEP.ProtectedServer entity is the most frequent discovery within the past 24 hours.
    What is your issue about this? Network bandwidth?

    Please verify these settings in ConfigMgr console:
    1. Check Discovery Methods--Active Directory system discovery--Polling Schedule--recur every day
    2. Check Client Agents--Computer client Agent--Policy polling interval set to 30 minutes--state messages reporting cycle set to 15 minutes--Tab BITS--select apply to branch distribution points and all clients
    3. Check Client Agents--Desired Configuration Management Client Agent--Simple schedule set to 1 days
    4. Check Client Agents--Hardware Inventory Client Agent--Run every 1 days
    5. Check Computer management-- Desired Configuration Management—Configuration Baselines—FEP Monitoring Antimalware Status--Assignment—check schedule if occurs every 1 day

    If there are more inquiries on this issue, please feel free to let us know.

    Regards,


    Rick Tan

    TechNet Community Support

    • Помечено в качестве ответа Rick TanModerator 26 декабря 2011 г. 3:01
    16 декабря 2011 г. 2:59
  • Hi Rick-

    I have a question too about the discovery churn with the Microsoft.FEP.ProtectedServer discovery in SCOM 2007 R2. We have approx. 1,500 agents in one management group and we are getting around 8,300 discovery changes per day from this one discovery. We are running the current version of the Forefront MP. Discovery is set for 24 hours. It does look like the discovery is capturing all of the attributes which can change daily, like 'Last Full Scan Start/End).

    Is there any way to fix this? It is causing several 2115 events each day. Sorry if this is the wrong forum, it's really hard to get info on this MP.

    Thanks, Michael

    9 июля 2012 г. 23:55