Dashboard Overview

  • Article

Applies To: Forefront Endpoint Protection

The Forefront Endpoint Protection dashboard provides key information for tracking the status of client software deployments, antimalware activity, definition updates, policy distributions, and client software compliance. The dashboard contains several summary areas displayed on a single page, works by querying the Configuration Manager Site database, and uses the resulting data sets to present key metrics in a graphical format.

The Forefront Endpoint Protection dashboard is located in the Configuration Manager console, in the following path in the tree:

Site Database / Computer Management / Forefront Endpoint Protection

The following table describes the summary areas displayed in the Forefront Endpoint Protection dashboard.

Summary area Description

Client Deployment Status

This area displays the following information:

  • The number of computers in your organization to which the client software was not targeted.

  • The number of computers in your organization to which the client software is targeted.


    The set of computers to which the client software is targeted is divided into the following deployment states:

    • Removed

    • Failed

    • Pending

    • Out of date

    • Deployed

Protection Status

This area displays the reporting status for the FEP client software.

There are three possible status values:

  • Protection service off—The number of computers on which the FEP antimalware service is turned off.

  • Not reporting—The number of computers to which the FEP client has been deployed, but have not sent a status report back to the Configuration Manager server in the past 14 days.

  • Healthy—The number of computers running the FEP client software and have sent a status report back to the Configuration Manager server in the past 14 days.

Security Status

This area displays information about malware activity in your organization. The possible states of the FEP client software are as follows:

  • Infected—The number of computers on which the FEP client software has detected active malware.

  • Restart required—The number of computers running the FEP client software that require a restart in order to complete malware cleaning.

  • Full scan required—The number of computers running the FEP client software that require a full scan.

  • Recent malware activity (Last 24 hours)—The number of computers on which the FEP client software detected and cleaned malware within the last 24 hours.

Definition Status

This area displays information about the age of the FEP antimalware definitions on the client computers. Computers are listed according to the age category into which the definitions fall.

The following is a list of possible categories:

  • Older than 1 week—The number of client computers with definitions more than one week old.

  • Up to 7 days old—The number of client computers with definitions up to one week old.

  • Up to 3 days old—The number of client computers with definitions up to three days old.

  • Up to date—The number of client computers with up-to-date definitions.

Data for this dashboard area is collected by Configuration Manager Desired Configuration Manager (DCM) baselines. For more information about DCM baselines and Forefront Endpoint Protection, see Using Desired Configuration Management to Monitor Client Compliance.

Policy Distribution Status

This area displays information about the possible policy distribution states for the FEP client software.

The following is a list of the possible states:

  • Failed—The number of computers to which a policy could not be deployed.

  • Pending—The number of computers to which a policy is in the process of being deployed.

  • Distributed—The number of computers to which a policy was successfully deployed.

Forefront Endpoint Protection Baselines

This area displays summary status information for FEP client compliance with FEP configuration baselines. For more information, see Using Desired Configuration Management to Monitor Client Compliance.

Note

Dashboard metrics are based on data gathered by Configuration Manager at scheduled intervals and may not reflect the most recent information.