Hosted with ❤ by used sed to manipulate the contents of this file directly but as the file is using SCEP’s known structure, I thought I’d try scep_set, remembering that it has a –cfg option: -cfg=FILE configuration file Looking at the contents of this file, it appears to be structured in the same way as SCEP’s system wide preference file. SCEP stores these settings here (so totally ignoring Apple’s standards then!): ~/.scep/gui.cfg However, this looks interesting, and I started digging. I wasn’t aware that there were user-specific GUI preferences you could also manage (because there isn’t anything there I wanted to manage in my environment – I was lazy and only learned what I needed to get the job done). This definitely builds on what I’ve done so far, and after some tinkering, I think I’ve in turn built on that… Read on! Configuring User-specific GUI Preferences What’s really interesting is when someone contributes something, others often come forward and build on their work, ever-advancing it towards a state of pure got in touch with me on the Slack after I published part 1 and part 2 of my thoughts on managing SCEP. I would highly recommend anyone who is considering opting to use SCEP as their primary endpoint security product to add this book to their “IT Library”.The Mac Admins community is interesting (amongst other things!).
#Microsoft system center endpoint protection for mac review windows#
Nicolai also runs through how to protect against ransomware using the FSRM role in Windows Server (which incidentally inspired my recent post on this matter – ).
In the closing chapter of the book it runs through coping mechanisms for potentially unwanted programs, submitting suspect files to Microsoft, the role of the Enhanced Mitigation Experience Toolkit. Performance optimisations are discussed in chapter 3 and I would pay particular attention to the section on process exclusions ( ) as failure to apply the recommendations can result in undesirable effects. From creating collections based on the role of the client, to the hand in hand aspect of settings in both group policy objects and the SCCM console, all of which are covered here.
Nicolai does a great job at taking you through the process of adding the SCEP role in SCCM, deploying clients via both client settings and Windows imaging tools, reporting on client compliance and also provides tips and tricks to get more out of the product in terms of newer generation of security threats including potentially unwanted programs.ĭue to the fact SCEP is in effect a bolt on for SCCM, it is important to understand how the various aspects of management fit together. The truth of the matter is though that for the majority of environments, SCEP will provide you with high level of protection which is already licensed for when you have an SCCM environment in place. I think one of the main reasons for this is that fact that the protect on the surface might appear to be basic in nature, lacking the bells and whistles of the often complex option lists of top tier vendors. Microsoft Systems Center Endpoint Protection (formally Forefront Endpoint Protection) is a product which many people overlook during the exploration of the requirement to protect their servers and clients. Do Not Overlook Systems Center Endpoint Protection! The author in question is fellow Enterprise Mobility MVP, Nicolai Henriksen. The endpoint protection product in question is none other than Microsoft’s own Systems Center Endpoint Protection which ships as part of the Systems Center Configuration Manager product and to most of you it will look very similar to Windows Defender.