Introduction
System Center Endpoint Protection is Microsoft's antimalware product for small, large, and enterprise businesses.
It is not a free product, so you do need to be licensed to install and manage your clients with System Center Configuration Manager (SCCM) or Intune. It's very easy to set up and manage in both management systems, but Configuration Manager has more advanced features when it comes to configuring policies and adapting the antimalware product for your workstations and servers.
Endpoint Protection can also be installed on Mac OS X. Since SCCM also has a client agent for Mac OS X, you have a complete antimalware solution to handle and protect your Mac machines too. It's important not to forget this option, as incidents of attacks and malware keep rising on that platform as well. There is also Endpoint Protection support for Linux now.
If you're running in Microsoft Azure, you now have the ability to enable Microsoft Endpoint Protection on your virtual machines or services running there. It is just a few clicks away, and using some neat PowerShell scripts you can enable and configure Endpoint Protection on several servers throughout the whole server park.
Microsoft has done a pretty good job on its antimalware product with System Center Endpoint Protection, and continues to improve it greatly.
In my opinion, for over almost a decade (since back in the days when it was called Forefront) it has proven to be a worthy competitor to other well-known security, anti-virus and antimalware products on the market. I've worked with most of them and seen them in action. It strikes me that System Center Endpoint Protection works fast and effortlessly with minimum impact on the system compared to others. It is important to mention it has never let me or any of my customers down when it comes to handling malware. However, of course, if an administrator is very careless, they could easily get some nasty piece of software installed. The product has come a long way and is constantly improving. It is slightly prone to false positives and is pretty good at proactive detection of unknown and mutated malware code. This is very important today, as that is the one thing hijackers and malware code writers usually do to try to hide or escape from security products.
Versioning in System Center Configuration Manager is new.
The 1511 build is the first and the base build of the new Configuration Manager platform. Microsoft will not brand it the 2016 version, because it will be continuously updated over the years to come with new builds, with the first two digits of the build number indicating the year and the last two the month it's released.
1602 is the latest baseline version you can install at the moment when setting up a new System Center Configuration Manager hierarchy in your business. From there you can upgrade from within the console pretty easily to the next version available through the update channel.
With each new build upgrade it's very likely there will be improvements and new features for Endpoint Protection as well. So it's even more important to keep your SCCM environment up to date when you have that role established.