Installing Using Advanced Setup

Applies To: Forefront Endpoint Protection

Using advanced topology enables you to install individual Forefront Endpoint Protection (FEP) features. Since you can select one or more of these features during the advanced topology installation, the steps relevant to each feature are described separately.

The following is a list of the step-by-step instructions for installing FEP using the advanced topology setup options:

  • To install Configuration Manager Site Server FEP 2010 Extension

  • To install FEP 2010 Reporting and Alerts

    Warning

    If you are not installing this feature on a Configuration Manager site server, you must perform the following on the servers running the Configuration Manager site server and Configuration Manager WMI Provider roles:

    1. Configure DCOM permissions. For more information, see How to Configure DCOM Permissions for Configuration Manager Console Connections (https://go.microsoft.com/fwlink/?LinkId=206626).

    2. Add the computer on which you are installing FEP reporting to the local SMS Admins security group.

    Note

    This feature installs the configuration baselines and configuration items that are used to collect reporting and alerting data. If you are installing on a parent Configuration Manager site, the configuration baselines and configuration items are overwritten in the children sites.

  • To install Configuration Manager Console Extension for FEP 2010

Prerequisites

Before you install FEP on a server, make sure that your environment meets all the minimum requirements. For more information, see Prerequisites for Installing Forefront Endpoint Protection on a Server.

To install the Configuration Manager Site Server FEP 2010 Extension

  1. On the computer which the Configuration Manager site server is installed, insert the FEP DVD into the DVD drive, or manually run splash.hta from the autorun folder in the root of the DVD.

  2. Select your preferred language, and then click FEP 2010.

    The Microsoft Forefront Endpoint Protection 2010 Server Setup wizard opens.

  3. On the Welcome page:

    1. In the Name box, type your name.

    2. In the Organization box, type the name of your organization, and then click Next.

  4. On the Microsoft Software License Terms page, review the license agreement. If you accept the terms and conditions, select the I accept the software license terms check box, and then click Next.

  5. On the Installation Options page, select Advanced topology, and then click Next.

  6. On the Advanced Topology page, select Configuration Manager Site Server FEP 2010 Extension, and then click Next.

  7. On the Updates and Customer Experience Options page:

    • If you want to update your FEP installation automatically, select the Use Microsoft Update to keep my products up to date check box.

    • If you want to participate in improving the product by anonymously providing hardware and usage information, select the Join the Customer Experience Improvement Program option, and then click Next.

  8. On the Microsoft SpyNet Policy Configuration page:

    • If you want to participate in improving the antimalware abilities of the FEP client software by providing basic telemetry information about detected malware, select the Join Microsoft SpyNet check box, and then click Basic SpyNet membership. This option is selected by default.

    • If, in addition to the basic SpyNet membership, you want to provide advanced telemetry information about potential malware, select the Join Microsoft SpyNet check box, click Advanced SpyNet membership, and then click Next.

      Important

      These options affect the settings in the FEP default policies. For information about modifying policies, see Configuring Client Settings by Using Policies.

  9. On the Installation Location page, specify the root folder for the installation, and then click Next.

  10. On the Prerequisites Verification page, review the verification results, and then click Next. If there are verifications that failed, in the row of each failed verification, in the Details column, click More to determine the cause, and then take appropriate action.

  11. On the Setup Summary page, review the details, and then click Install.

    The Installation page shows the installation progress of each installation item. When the installation successfully completes, click Next.

  12. On the Installation Complete page, click Finish.

To install FEP 2010 Reporting and Alerts

  1. On the computer which you want to install the FEP reporting and alerts, insert the FEP DVD into the DVD drive, or manually run splash.hta from the autorun folder in the root of the DVD.

  2. Select your preferred language, and then click FEP 2010.

    The Microsoft Forefront Endpoint Protection 2010 Server Setup wizard opens.

  3. On the Welcome page:

    1. In the Name box, type your name.

    2. In the Organization box, type the name of your organization, and then click Next.

  4. On the Microsoft Software License Terms page, review the license agreement. If you accept the terms and conditions, select the I accept the software license terms check box, and then click Next.

  5. On the Installation Options page, select Advanced topology, and then click Next.

  6. On the Advanced Topology page, select FEP 2010 Reporting and Alerts, and then click Next.

  7. On the Configuration Manager Site Server Settings page, verify the name of the Configuration Manager site server, and then click Next. If you want to view more details about the site server, click Details.

  8. On the Forefront Endpoint Protection 2010 Server Database Configuration page, verify the name of the FEP database, and then click Next.

  9. On the Reporting Configuration page:

    1. Under Microsoft Forefront Endpoint Protection 2010 Reporting Database settings:

      1. In the Computer box, verify the name of the reporting database computer.

      2. In the Instance box, verify the name of the reporting database instance.

      3. In the Database name box, accept the default name of the reporting database.

      4. If you are reinstalling and you want to reuse the existing database, select the Reuse existing database check box.

        Important

        If you select this option, you must use the original database name and verify that it exists on the specified SQL Server instance on the specified computer.

    2. Under SQL Reporting Services reporting execution account:

      1. In the URL box, verify the URL of your reporting server.

      2. In the User name box, verify the name of user account that is used to connect to the reporting server.

        Note

        If you specify a domain administrator account, a warning message appears.

      3. In the Password box, type the password for the specified user account, and then click Next.

  10. On the Updates and Customer Experience Options page:

    • If you want to update your FEP installation automatically, select the Use Microsoft Update to keep my products up to date check box.

    • If you want to participate in improving the product by anonymously providing hardware and usage information, select the Join the Customer Experience Improvement Program option, and then click Next.

  11. On the Microsoft SpyNet Policy Configuration page:

    • If you want to participate in improving the antimalware abilities of the FEP client software by providing basic telemetry information about detected malware, select the Join Microsoft SpyNet check box, and then click Basic SpyNet membership. This option is selected by default.

    • If, in addition to the basic SpyNet membership, you want to provide advanced telemetry information about potential malware, select the Join Microsoft SpyNet check box, click Advanced SpyNet membership, and then click Next.

  12. On the Installation Location page, specify the root folder for the installation, and then click Next.

  13. On the Prerequisites Verification page, review the verification results, and then click Next. If there are verifications that failed, in the row of each failed verification, in the Details column, click More to determine the cause, and then take appropriate action.

  14. On the Setup Summary page, review the details, and then click Install.

    The Installation page shows the installation progress of each installation item. When the installation successfully completes, click Next.

    Important

    If you are prompted to restart your computer, you must wait for Setup to complete before restarting.

  15. On the Installation Complete page, click Finish.

    Important

    As part of the FEP 2010 Reporting and Alerts installation, the FEP client software is installed with customized settings. If you are installing FEP on your Configuration Manager site server, and either the Configuration Manager agent is installed on this server, or you did not install Configuration Manager or SQL Server using the default locations, or you did not use the default SQL Server instance, you must recreate or modify the customized settings. For more information, see Configuring the Client Software on a Configuration Manager Site Server.

To install the Configuration Manager Console Extension for FEP 2010

  1. On the computer which the Configuration Manager console is installed, insert the FEP DVD into the DVD drive, or manually run splash.hta from the autorun folder in the root of the DVD.

  2. Select your preferred language, and then click FEP 2010.

    The Microsoft Forefront Endpoint Protection 2010 Server Setup wizard opens.

  3. On the Welcome page:

    1. In the Name box, type your name.

    2. In the Organization box, type the name of your organization, and then click Next.

  4. On the Microsoft Software License Terms page, review the license agreement. If you accept the terms and conditions, select the I accept the software license terms check box, and then click Next.

  5. On the Installation Options page, select Advanced topology, and then click Next.

  6. On the Advanced Topology page, select Configuration Manager Console Extension for FEP 2010, and then click Next.

  7. On the Installation Location page, specify the root folder for the installation, and then click Next.

  8. On the Prerequisites Verification page, review the verification results, and then click Next. If there are verifications that failed, in the row of each failed verification, in the Details column, click More to determine the cause, and then take appropriate action.

  9. On the Setup Summary page, review the details, and then click Install.

    The Installation page shows the installation progress of each installation item. When the installation successfully completes, click Next.

  10. On the Installation Complete page, click Finish.

Next Steps

Once you have completed the installation, you should validate the installation. For more information, see Validating the Installation.

Tasks

Installing Using Basic Setup
Installing Using Basic with a Remote Reporting Database Setup
Installing the FEP 2010 Console Extension for Configuration Manager