Microsoft System Center Endpoint Protection Client Overview

The Microsoft System Center Endpoint Protection (SCEP) is the current recommended Antivirus/Malware application for university-owned computers.  This application allows for Managed and Non-Managed client, below is an overview of the clients for Windows and Mac.  The University recommends Microsoft Security Essentials for personal Windows based computers please visit Installing Microsoft Security Essentials for more information. For personally owned Macs please install Clam X Antivirus.

General Overview

Windows

The System Center Endpoint Protection for Windows has four main tabs.  The tabs are Home, Update, History, and Settings.  Depending on whether you are running the Managed or Non-Managed client some settings may be different.

  • Manged client has predefined settings and only allows some settings to be defined by the user. If the setting is greyed out then this means the setting can not be changed by the user.
  • Non-Managed client allows you to make changes to to all of the settings.

Home

 

Microsoft System Center Endpoint Protection (SCEP) Home Tab for Managed Client

Microsoft System Center Endpoint Protection (SCEP) Home Tab for Managed Client

  • Allows you to choose to run a Quick, Full, or Custom scan.
    • Quick scan – checks the areas that malicious software, including viruses, spyware, and unwanted software are most likely to affect
    • Full scan –  checks all files on your hard disk and checks all running programs.  Depending on on your system this scan may take more then one hour.
    • Custom scan – checks only the locations and files that you select.
  • Shows the following
    • If the Real-time protection is On or Off
    • If the Virus and spyware definitions are Up to date

Update

Microsoft System Center Endpoint Protection (SCEP) Update Tab for Managed Client

Microsoft System Center Endpoint Protection (SCEP) Update Tab for Managed Client

  • Allows you manually update definitions
  • Shows the following:
    • Definitions created on:  Date and Time
    • Definitions last updated:  Date and Time
    • Virus definitions version:  Version Number
    • Spyware definition version:  Version Number

History

 

Microsoft System Center Endpoint Protection (SCEP) History Tab for Managed Client

Microsoft System Center Endpoint Protection (SCEP) History Tab for Managed Client

  • Allows you to view the following Items
    • Quarantined Items – Items that have been deemed as malicious software, virus, or spyware.
    • Allowed Items – Items that you chosen as acceptable files.
    • All detected items – Items that were detected on your computer.
    • View Details – Shows more information about the items that have been quarantined and allowed items.  You will need to click on this to view any of the items.

Settings

Microsoft System Center Endpoint Protection (SCEP) Settings Tab for Managed Client

Microsoft System Center Endpoint Protection (SCEP) Settings Tab for Managed Client

  • Allows you to set the below items.
  • Scheduled Scan– Sets the time when a scan should be ran on the computer.
    • Scan Type – Allows  Quick, Full, or Customer scan be chosen.
    • When – Choose the day the scan will run.
    • Around – Time the scan runs.
    • Daily quick scan time around: – Allows you to set a time to run a quick scan during the day.
    • Check for the latest virus and spyware definitions before running a scheduled scan – This option sets the ability to run a definitions update before running a scan.
    • Start the scheduled scan only when my PC is on but not in use – Setting for the scan to only run while your computer is on.  If the computer is in hibernation or sleep mode the scan will not run.
    • Limit CPU usage during scan to – The sets the limit for the amount or percentage of Central Processing Unit used to run the scan.
  • Default actions – Allows you to set a default action to take when System Center Endpoint Protection finds a potential or known threat based on alert level. There are four threat levels, Severe, High, Medium, and Low.  You are able to set whether SCEP will Remove, Quarratine, or Allow a threat for the level.
  • Real-time protection – This setting allows the user to turn on real time protection meaning the SCEP will run and protect the computer while in use.  This will allow you check the options to scan downloads, monitor file and program activity, enable behavior monitoring, and enable Network Inspection System.
  • Excluded files and locations – Allows a user to set certain file types and locations where the files are stored to be excluded from the scan. Some file types are already preset if you are using the managed client.
  • Excluded file types – Allows you set the specific file types that you would like to be excluded in the scan.
  • Excluded processes – Allows you to set the specific process to exclude from the scan.
  • Advanced
  • Scan archive files – Allows archive files to be included during the scan.
  • Scan removable drives – Allows removable drives such as (usb or external HDD) to be scanned.
  • Create a System Restore point – This option creates a restore point that can be used by SCEP to return to in case the items deleted or removed from the system cause an issue.
  • Allow all users to view the full History Results – Allows all the users of the computer to see the history results for that computer (Not Recommended to set this).
  • Microsoft Active Protection Service (MAPS) – This setting allows you to control what information is sent to Microsoft about the current potentially unwanted software, malware, and viruses.  The recommend setting is Basic membership and is the default setting for Managed client users.

Mac

The System Center Endpoint Protection for Mac has six main tabs.  The tabs are Protection Status, Computer Scan, Update, Setup, Tools, and Help.  The University only offers a Non-Managed client.

  • Non-Managed client allows you to make changes to to all of the settings.

Protection Status

Mac-NonManaged-Protection Status

 

  • Shows what type of protection
  • Number of blocked attacks
  • Version of virus signature database ( xxxx (YYYYMMDD) )

Mac-NonManaged-Statistics

  • Statistics sub tab – shows a visual representation of infected and cleaned objects.

Computer Scan

Mac-NonManaged-ComputerScan

  • Allows you to run a Smart Scan or Custom Scan
    • Smart Scan – Local disk scan
    • Custom Scan – Allows you to choose which profile to use and target drive to scan.
    • Scan Setup – Allows you to setup a custom scan

 

Update

Mac-NonManaged-Update

 

  • Allows you to update virus signature database
  • Shows the Last Successful Update
  • Version of virus signature database ( xxxx (YYYYMMDD) )

 

Setup

Mac-NonManged-Setup

Mac-NonManaged-SetupAVAS

 

  • Antivirus and antispyware (Also available as a Sub Tab) – Allows a user to enable or disable real-time protection ( enabled by default).
  • Configure proxy server… –  Allows customer to setup a proxy server (Not recommended for University Purposes).
  • Import and export settings… – Allows the user to Import Settings or export settings for backup.
  • Revert all settings to defaults – Reset all settings back to default.
  • Enter application preferences… – Allows the user to customize the installer to their preference, You can change several settings for the application by choosing the appropriate tabs.

Tools

Mac-NonManaged-Tools

 

  • Shows the sub tabs Log Files, Quarantine, and Scheduler

Mac-NonManaged-Tools-logfiles

  • Log Files – Shows the log files that are available.

Mac-NonManaged-Tools-Quaratine

  • Quarantine – Shows the number of files in a list that have been blocked my SCEP.

Mac-NonManaged-Tools-Scheduler

  • Scheduler – Allows the user to set and modify scheduled task.

Help

Mac-Non-Managed-Help

  • This shows the help and support options from Microsoft.