12 April 2012 15:03
I've configured the SoftwareUpdatesAutomation tool according to Richard Balsley's blog post (http://richardbalsley.com/forefront-endpoint-protection-2010-update-rollup-1-using-your-distribution-points-for-fep-definitions-with-the-software-update-automation-tool-2).
When checking the files that are downloaded by this tool, it's only AM_Delta and multiple AM_Delta_Patch* files.
I suspect that these are only definition updates and not engine updates. So does that mean a FEP client requires a different update source at the time of installation, when it needs to install the full package (60MB)?
This blog post by Minfang Lu seems to imply that initial updates can also be provided by the Software Update Deployment Package. http://blogs.msdn.com/b/minfangl/archive/2011/11/29/guidance-on-serve-initial-fep-definition-update-with-sccm-through-dp.aspx
13 April 2012 00:54
In my experience, the first update - which is a full update; engine included - done by the FEP client after install, comes straight from Microsoft over the Internet (this may differ if you have all update sources deselected besides UNC path for example.) This happens because any update triggered from the client can't be an SCCM update due to the nature of how SCCM works. The only updates that come from SCCM are those initiated (pushed) from SCCM when the SCCM client runs a software updates scan and sees that the update packaged by the automation tool is newer than the one on the client. If you have your FEP client update schedule set to an interval that is less than the interval at which your SCCM server syncs with WSUS and the automation tool updates the package, you will never get the update from SCCM. This fact should probably be made more clear by the documentation. It definitely confused me when I first set up FEP.
Kinda went off on a tangent there....but back to your question about the engine files...I just checked the network location where my FEP updates package is stored and it contains engine files like AM_Engine.exe, AM_Engine_Patch1.exe, NIS_Engine, etc. There shouldn't be anything preventing the automation tool from including these in the package/deployment and delivering them to clients if they are needed.
13 April 2012 07:31
Just checked the status of my client and it turns out it's up to date. It eventually got its updates at 13-apr 8:31 while the client was installed at 12-apr 13:45.
Since the MPLog*.log does not contain any update source and the file share I configured in the policy does not exist (proved by events 2002 in the event log), the updates must have come from SCCM.
The conclusion is that the necessary files for the FEP client are indeed available in the Software updates Package.
Message from: http://social.technet.microsoft.com/Forums/en-US/user