Validating the Installation
Applies To: Forefront Endpoint Protection
Once you have completed the installation, you can validate the installation by checking for Forefront Endpoint Protection in the Configuration Manager console, or by examining the log files created by Setup.
To verify the Forefront Endpoint Protection Server installation
Open the Configuration Manager console.
Note
If the Configuration Manager console was open during the Forefront Endpoint Protection server installation, close and then reopen the console.
In the Configuration Manager console, verify that the following are present:
The Forefront Endpoint Protection collections—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, expand Collections, expand FEP collections, and then check for the following collections:
Definition Status
Deployment Status
Operations
Policy Distribution Status
Protection Status
Security Status
The Forefront Endpoint Protection packages—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, expand Software Distribution, click Packages, and then check for the following packages in the preview pane:
FEP - Deployment
FEP - Operations
FEP - Policies
The Forefront Endpoint Protection Desired Configuration Management configuration baselines—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, click Desired Configuration Management, click Configuration Baselines, and then check for the following configuration baselines in the preview pane:
FEP - High-Security Desktop
FEP - Laptop
FEP - Performance-Optimized Desktop
FEP - Standard Desktop
FEP Monitoring - Antimalware Status
FEP Monitoring - Definitions and Health Status
FEP Monitoring - Malware Activity
FEP Monitoring - Malware Detections
The Forefront Endpoint Protection node—Expand System Center Configuration Manager, expand Site Database, expand Computer Management, click Forefront Endpoint Protection, and then check for the following:
In the preview pane, the Forefront Endpoint Protection Dashboard
The Policies child node
The Alerts child node
The Reports child node
Installation Log Files
During installation, Forefront Endpoint Protection uses log files that can be helpful in locating and resolving issues. Log files are in text format and you can view them by using a text editor.
Server log files are located in the following location:
If you installed Forefront Endpoint Protection on Windows Server 2003, %AllUsersProfile%\Application Data\Microsoft Forefront\Support\Server
If you installed Forefront Endpoint Protection on Windows Server 2008, %AllUsersProfile%\Microsoft Forefront\Support\Server
The file names are in the following format:
LogFileName_Date_Time.log
where the following is true:
LogFileName is the name of the log file.
Date is the day, month, and year the log was created, in the format DDMMYYY.
Time is the hour, minute, and second the log file was created, in the format HHMMSS.
The following table lists setup log files and the components with which they are associated.
| Log file | File name |
|---|---|
Forefront Endpoint Protection Site Server Extensions |
FEPExt_xxx_xxx.log |
Forefront Endpoint Protection Reporting Components |
FepReport_xxx_xxx.log |
Forefront Endpoint Protection Console Extensions |
FEPUX_xxx_xxx.log |
Forefront Endpoint Protection Setup |
ServerSetup_xxx_xxx.log |
Client log files are, by default, located in the following location:
If you installed Forefront Endpoint Protection on Windows XP, Windows Vista, or Windows 2003, %allusersprofile%\Microsoft\Microsoft Security Client\Support
If you installed Forefront Endpoint Protection on Windows 7 or Windows Server 2008, %ProgramData%\Microsoft\Microsoft Security Client\Support
The following table lists setup log files and the components with which they are associated.
| File name |
|---|
MSSecurityClient_Setup_epp_install.log |
MSSecurityClient_Setup_FEP_install.log |
MSSecurityClient_Setup_mp_ambits_install.log |