Validating the Installation

1. Open the Configuration Manager console.

   Note:
   If the Configuration Manager console was open during the Forefront Endpoint Protection server installation, close and then reopen the console.

2. In the Configuration Manager console, verify that the following are present:

   • The Forefront Endpoint Protection collections—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, expand Collections, expand FEP collections, and then check for the following collections:
     
     
     • Definition Status
       
       
     • Deployment Status
       
       
     • Operations
       
       
     • Policy Distribution Status
       
       
     • Protection Status
       
       
     • Security Status
       
       
   • The Forefront Endpoint Protection packages—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, expand Software Distribution, click Packages, and then check for the following packages in the preview pane:
     
     
     • FEP - Deployment
       
       
     • FEP - Operations
       
       
     • FEP - Policies
       
       
   • The Forefront Endpoint Protection Desired Configuration Management configuration baselines—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, click Desired Configuration Management, click Configuration Baselines, and then check for the following configuration baselines in the preview pane:
     
     
     • FEP - High-Security Desktop
       
       
     • FEP - Laptop
       
       
     • FEP - Performance-Optimized Desktop
       
       
     • FEP - Standard Desktop
       
       
     • FEP Monitoring - Antimalware Status
       
       
     • FEP Monitoring - Definitions and Health Status
       
       
     • FEP Monitoring - Malware Activity
       
       
     • FEP Monitoring - Malware Detections
       
       
   • The Forefront Endpoint Protection node—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, click Forefront Endpoint Protection, and then check for the following:
     
     
     • In the preview pane, the Forefront Endpoint Protection Dashboard
       
       
     • The Policies child node
       
       
     • The Alerts child node
       
       
     • The Reports child node
       
       

During installation, Forefront Endpoint Protection uses log files that can be helpful in locating and resolving issues. Log files are in text format and you can view them by using a text editor.

Server log files are located in the following location:

• If you installed Forefront Endpoint Protection on Windows Server 2003, %AllUsersProfile%\Application Data\Microsoft Forefront\Support\Server
  
  
• If you installed Forefront Endpoint Protection on Windows Server 2008, %AllUsersProfile%\Microsoft Forefront\Support\Server
  
  

The file names are in the following format:

LogFileName_Date_Time.log

where the following is true:

• LogFileName is the name of the log file.
  
  
• Date is the day, month, and year the log was created, in the format DDMMYYY.
  
  
• Time is the hour, minute, and second the log file was created, in the format HHMMSS.
  
  

The following table lists setup log files and the components with which they are associated.

Client log files are, by default, located in the following location:

• If you installed Forefront Endpoint Protection on Windows XP, Windows Vista, or Windows 2003, %allusersprofile%\Microsoft\Microsoft Security Client\Support
  
  
• If you installed Forefront Endpoint Protection on Windows 7 or Windows Server 2008, %ProgramData%\Microsoft\Microsoft Security Client\Support
  
  

The following table lists setup log files and the components with which they are associated.

Client Deployment