Best Practices for Endpoint Protection in Configuration Manager
Updated: January 1, 2012
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Endpoint Protection, System Center 2012 Endpoint Protection SP1, System Center 2012 R2 Configuration Manager, System Center 2012 R2 Endpoint Protection
Use the following best practices for Endpoint Protection in System Center 2012 Configuration Manager.
When you configure client settings for Endpoint Protection, do not use the default client settings because they apply settings to all computers in your hierarchy. Instead, configure custom client settings and assign these settings to collections of computers in your hierarchy.
When you configure custom client settings, you can do the following:
Customize antimalware and security settings for different parts of your organization.
Test the effects of running Endpoint Protection on a small group of computers before you deploy it to the entire hierarchy.
Add more clients to the collection over time to phase your deployment of the Endpoint Protection client.
If you are using Configuration Manager software updates to distribute definition updates, consider placing definition updates in a package that does not contain other software updates. This keeps the size of the definition update package smaller which allows it to replicate to distribution points more quickly.
Other ResourcesPlanning for Endpoint Protection in Configuration Manager
For additional resources, see Information and Support for Configuration Manager.
Tip: Use this query to find online documentation in the TechNet Library for System Center 2012 Configuration Manager. For instructions and examples, see Search the Configuration Manager Documentation Library.