If we check the settings on the Defender client and specifically look at the exclusions we see our policy has applied. When we look at this policy we are able to see that indeed it references our 1) SCEP2012 Standard Desktop (Outlook 2010/2013) named policy and 2) the exclusions. If we review our EndpointProtectionAgent.log on the target machine, we are able to see the policy has been applied. If we compare a before and after we are able to see that it creates a Managed Defender folder on our target machine. Help ->About will illustrate that the machine is managed. I created a separate Windows 10 SCEP policy and deployed it against my collection of Windows 10 machines, whereupon I applied a SCEP 2012 standard desktop policy, modified to include Outlook 2010/2013 exclusions. You will need to remove any group policies that may have been configured to disable Windows Defender on domain machines. Looking at the figures below, first the machine was listed as “unmanaged,” then it was “managed” with Windows 8.1, followed by a failed push install on Windows 10, and finally the system was managed with Windows 10. If your environment has maintenance windows established, leave it as is and wait for the maintenance windows to occur.īoth of my VMs were not previously managed and it took until a reboot for them to actually report into the console as managed. The important thing is to make sure that you have the “allow installation and restarts” option set to Yes in order to see things happen right away. I’ve finally got everything to play nicely in my lab so I’m sharing a few screenshots. What does this mean? Even if you tell SCCM to install the SCEP client when you launch SCEP.exe, on a Windows 10 machine it will launch Defender. So you may or may not have heard that Defender is the default anti-virus client on Windows 10. In previous OS versions the anti-virus client was replaced by System Center Endpoint Protection (SCEP) software when it was managed by SCCM. Windows 10 takes a different approach and is now able to be directly managed by SCCM without replacing it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |