Will Forefront Endpoint Protection 2012 support System Center Essentials?


  • I believe the official line is that Forefront Endpoint Protection (FEP) 2010 is not supported with System Center Essentials (SCE) 2010.

    I was wondering if this stance will change with FEP 2012?  It'll be somewhat disappointing if not...

    SCE is aimed directly at the midsize segment of 50-500 PCs.  If FEP 2012 does not support SCE (or provide a standalone administrative console), then it's a clear message from Microsoft that FEP is for 500+ PC environments, where SCCM targets.

    Sunday, May 22, 2011 9:49 AM

All replies

  • FEP 2012 is fully supported with CM2012. CM2012 is a perfect solution for companies below 500 seats. We have many CM2007 installation between 200-500 seats.
    Kent Agerlund | My blogs: and | Twitter @Agerlund | Linkedin: /kentagerlund
    Sunday, May 22, 2011 11:24 AM
  • I do agree that SCCM can be deployed in sites under 200 seats.  However, the SCE sweet-spot is also around the 50-250 seats (although it supports up to 500 seats).

    For those who have chosen to deploy SCE 2010 (as it offers more than SCCM alone in terms of some functionality in SCOM and SCVMM), it appears that FEP cannot be deployed in the same domain (due to the requirement to have the SCCM agent deployed, which does not appear to co-exist with the SCE agent).

    Therefore, I'm really hoping that FEP 2012 supports SCE - even if it's to the extend of co-existence if not outright integration...

    Sunday, May 22, 2011 12:06 PM
  • I do not believe that MS will support SCE 2010 in the future in anyway. Forget FEP with SCE.

    Forefront Managers in MS should be sacked, that could help :)

    Sunday, June 26, 2011 9:48 PM
  • we are in the same situation too. did not thought Feb 2010 will not support under SCE before purchase.
    Monday, September 12, 2011 2:02 AM
  • Hi,

    Windows Intune is targeted as well for companies below 500 pc's and have support for FEP, as an alternative to SCCM.


    -- My System Center blog -- Twitter @ccmexec
    Monday, September 12, 2011 7:15 PM
  • SCCM and InTune may be better solutions, but why include FEP in, for instance, the educational SA licensing that my organization uses, but then cruelly leave no way to deploy it.  It seems that the distribution method is from the ISO, but that gives an error if CM is not present, even if SCE is installed.  The Forefront Client Security that also comes with our licensing seems outdated.  It seems like kind of a cruel trick to play to offer *licensing* for comprehensive security with no way to deploy it but spend another $1000 on SCCM *alone*, without the other components of SC.
    Thursday, February 09, 2012 5:21 PM
  • You may not have a way to deploy or remotely manage FEP 2012 (or 2010), but you can still install the client on your workstations manually.

    Obviously that isn't and easy solution since you can't define different policies for different types of users and software installation but you can at least use the product manually.

    I have actually done that on some of my workstations that are still "waiting" for the SCCM Agent to complete it's installation, before SCCM configures the FEP Client. Once the SCCM Agent completes, it will update the client to your defined configurations.


    Wednesday, September 25, 2013 6:34 PM