none
SCCM Endpoint protection on Window 10 RRS feed

  • Question

  • HI all, I am fairly new to SCCM.

    I would like to check how does actually SCCM Endpoint protection work in Window 10 desktop? most of the video I can find on youtube is all window 7. On Administration > Client Settings > within the setting >"Manage endpoint protection client on client computer" is set to yes, this setting will install with System center endpoint protection client on window 7. but on window 10 I cannot find it and I read online that there is no need to install as is already build in into window 10 Windows Defender Security Center.

    Here are my question, hope u can help me as much as possible.

    1. How do I check System center endpoint protection client is already install on window 10?  or there is no need for me to set to "Yes" on On Administration > Client Settings > within the setting >"Manage endpoint protection client on client computer" is set to yes. As window 10 already have build in Windows Defender Security Center.

    2. On Assets and Compliance > Endpoint protection > Antimalware Polices , I have create Antimalware Policy. how do I check on Window 10 that is already apply?

    3. 
    On Assets and Compliance > Endpoint protection > Windows Defender Firewall Policies , if I apply GPO firewall and this is setting  on sccm is apply as well. which will take places? can I apply this setting "Windows Defender Firewall Policies" without client setting been apply first?

    4. On Software Update Point Component Properties, at Classifications tabs ,I only pick Definition Update. do I need to pick Feature Packs for window 10? because I saw for window 7 there always pick both
    Definition Update and Feature Packs.

    5. 
    On Software Update Point Component Properties, at Products, I saw people pick Forefront Endpoint protection 2010 for window 7. for window 10 do I need to pick any product if I am only use Windows Defender Security Center?

    6. if I have any other anti-virus on my window 10, can SCCM manage them? do I need to disable window 10
    Windows Defender Security Center to allow other anti-virus to take place? will it be the same step as all the answer you provided above from my question 1 to 5?Thanks 
    I know there is a lot of question. but I really hope u can help me out.
    Wednesday, July 10, 2019 7:43 AM

Answers

  • Hello,
     
    Sorry I did not understand what you meant before.
     
    1> Yes, the GPO firewall setting would overwrite the SCCM firewall policy.
     
    2> To apply firewall policy from SCCM we do not need to configure that client setting. Actually, the firewall policy from SCCM is somehow like a configuration baseline. After we deploy the firewall policy, we could find it under configuration tab of the CM applet in the control panel.
     

     
    3> It only supports managing Windows Defender on Windows 10. For other AV software, if there are commands or registry keys or configuration file could control these software, SCCM could use them for indirect management. But there is no built-in way to do it.
     
    Best Regards,
    Ray   

    Please remembers to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Jason SandysMVP Friday, July 12, 2019 7:45 PM
    • Marked as answer by Chang Hian Tuesday, July 23, 2019 9:46 AM
    Thursday, July 11, 2019 8:02 AM

All replies

  • Hello,
     
    1> SCCM could work with the Windows Defender Security Center so there are not other endpoint protection client install on Windows 10. It still need us to select "yes" in the client settings to apply the management from SCCM. 
    After clients receive the policy, we could check the protection status in \Monitoring\Overview\Security\Endpoint Protection Status\System Center Endpoint Protection Status.
     
    2> We could click the link from the monitoring window mentioned above and check the policy application status.
     


     
    3> SCCM policy is applied at the local level, if it has conflicts with GPO, it would be overwritten.
     
    4.5> For windows 10, we need select definition update as classification and windows defender as product.
     
    6> SCCM can not manage other 3rd AV softwares. 
    Hope my answer could help you and look forward to your feedback.
     
    Best Regards,
    Ray

    Please remembers to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 10, 2019 9:43 AM
  • Hi Raj Jia. Thank for your fast respond.

    regarding question 3, so I can say GPO firewall will overwrite SCCM policy? 

    u might miss out this question on no.3 as well. Can I apply this setting "Windows Defender Firewall Policies" and set firewall setting on client device without client setting been apply first? mean I didn't push down any endpoint protection at  On Administration > Client Settings > within the setting >"Manage endpoint protection client on client computer" is set to yes.



    for question 6. can it manage symantec antivirus? do you have a list of anti virus it can manage or it can only manage Windows Defender Security Center  on window 10?
     
    Thursday, July 11, 2019 5:50 AM
  • Hello,
     
    Sorry I did not understand what you meant before.
     
    1> Yes, the GPO firewall setting would overwrite the SCCM firewall policy.
     
    2> To apply firewall policy from SCCM we do not need to configure that client setting. Actually, the firewall policy from SCCM is somehow like a configuration baseline. After we deploy the firewall policy, we could find it under configuration tab of the CM applet in the control panel.
     

     
    3> It only supports managing Windows Defender on Windows 10. For other AV software, if there are commands or registry keys or configuration file could control these software, SCCM could use them for indirect management. But there is no built-in way to do it.
     
    Best Regards,
    Ray   

    Please remembers to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Jason SandysMVP Friday, July 12, 2019 7:45 PM
    • Marked as answer by Chang Hian Tuesday, July 23, 2019 9:46 AM
    Thursday, July 11, 2019 8:02 AM
  • Hello,
     
    I notice that you have not updated for several days. Has your issue been solved? Or is there any update? Feel free to feedback.
     
    Best Regards,
    Ray

    Please remembers to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 15, 2019 12:01 PM
  • Hi Ray Jia, Thank for your help. sorry for the late reply. 
    Tuesday, July 23, 2019 9:47 AM