Endpoint Protection in Windows Intune
Updated: January 1, 2014
Applies To: Windows Intune
Windows Intune Endpoint Protection helps enhance the security of computers in your organization by providing real-time protection against potential threats, keeping malicious software definitions up to date, and automatically running scheduled scans. The Windows Intune Endpoint Protection workspace in the Windows Intune administrator console provides Endpoint Protection status summaries so that if malicious software is detected on a managed computer, or if a computer is not protected, you can quickly identify the affected computers and take appropriate action. You can also configure alert notification rules to notify you or others by email of a detected threat. For more information, see Configure Windows Intune Alert Notification Rules.
You can schedule automatic scans by using Policy, and at any time you can also run a remote task to initiate a quick scan or a full scan, or update malware definitions on a computer. For more information about running remote tasks, see Running Remote Tasks from the Windows Intune Administrator Console. A quick scan checks the places, processes in the memory, and registry files on the hard disk that malicious software, or malware, is most likely to infect. A full scan checks all files on the hard disk and all currently running programs, so a full scan could cause managed computers to run slowly until the scan is complete. By default, quick scans are scheduled daily at 2 A.M. on computers that are not being used. Also by default, Windows Intune checks for the latest virus and spyware definitions before quick scans are run. For more information about scheduling automatic scans, see Managing Device Security with Windows Intune.
Links on the Endpoint Protection Overview page in the console connect you to relevant Microsoft Malware Protection Center topics where you can learn more about malicious software that might be affecting computers in your organization.