Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Microsoft System Center Endpoint Protection Cookbook
Microsoft System Center Endpoint Protection Cookbook

Microsoft System Center Endpoint Protection Cookbook: Over 31 simple yet incredibly effective recipes for installing and managing System Center 2016 Endpoint Protection , Second Edition

eBook
$9.99 $39.99
Paperback
$48.99
Subscription
Free Trial
Renews at $19.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Table of content icon View table of contents Preview book icon Preview Book

Microsoft System Center Endpoint Protection Cookbook

Chapter 1. Planning and Getting Started with System Center Endpoint Protection

In this chapter, we will cover the following recipes:

  • How does Endpoint Protection in Configuration Manager work
  • Planning for Endpoint Protection
  • Prerequisites of the infrastructure
  • Best practices for Endpoint Protection in Configuration Manager
  • Administrating workflow for Endpoint Protection in Configuration Manager

Introduction

System Center Endpoint Protection is Microsoft's antimalware product for small, large, and enterprise businesses.

It is not a free product, so you do need to be licensed to install and manage your clients with System Center Configuration Manager (SCCM) or Intune. It's very easy to set up and manage in both management systems, but Configuration Manager has more advanced features when it comes to policy configuring and adapting the antimalware product for your workstations and servers.

Endpoint Protection can also be installed on Mac OSX. Since SCCM also has a client agent for Mac OSX, you have a complete antimalware solution to handle and protect your Mac machines too. It's important not to forget this option, as incidents of attacks and malware keep rising on that platform as well. There is also Endpoint Protection support for Linux now.

If or when you're running in Microsoft Azure you now have the ability to enable Microsoft Endpoint Protection on your virtual machines or services running in Azure. Just a few clicks away, using some neat PowerShell scripts, you have the ability to enable and configure Endpoint Protection throughout the whole server park on several servers.

Microsoft has done a pretty good job on their antimalware product with System Center Endpoint Protection, and continues to improve greatly.

In my opinion, for over almost a decade (since back in the days when it was called Forefront) it has proven to be a worthy competitor to other well-known security, anti-virus and antimalware products on the market. I've worked with most of them and seen them in action. It strikes me that System Center Endpoint Protection works fast and effortlessly with minimum impact on the system compared to others. It is important to mention it has never let me or any of my customers down when it comes to handling malware. However, of course, if an administrator is very careless, they could easily get some nasty piece of software installed. The product has come a long way and is constantly improving. It is slightly false positive and is pretty good in proactive detection of unknown and mutated malware code. This is very important today, as that is the one thing hijackers and malware code writers usually do to try to hide or escape from security products.

Versioning in System Center Configuration Manager is new.

The 1511 build is the first and the base build of the new Configuration Manager platform. Microsoft will not brand it the 2016 version, because this will be continuously updated over the years to come with new builds, with the first two digits indicating the year and the second two the month it's released.

1602 is the latest baseline version you can install at the moment when setting up a new System Center Configuration Manager hierarchy in your business. From there you can upgrade from within the console pretty easily to the next version available through the update channel.

With each new build upgrade it's very likely there will be improvements and new features regarding Endpoint Protection as well. So it's even more important to keep your SCCM environment up-to-date when you have that role established.

How does Endpoint Protection in Configuration Manager work

This will give you a good understanding as to how Endpoint Protection in Configuration Manager works, so that you will have a better understanding when you deploy and manage this in your environment.

Endpoint Protection together with Configuration Manager is a pretty powerful solution and you need to get it right so the harm done is minimum. The better solution you provide, and the better the job you do, the more proactive and productive your co-workers will be.

How to do it…

System Center Endpoint Protection is not a standalone product; it is integrated into the popular and great management and deployment product called SCCM, it's a dedicated role and the installation binary lies among the Configuration Manager client installation files. So you need both the System Center Configuration Manager Client and System Center Endpoint Protection to make this work. This provides great benefits when it comes to control, deployment and monitoring of the antimalware software in your organization. Every anti-virus or antimalware product needs a management client or module that can handle downloading and installation, and control and handle different actions to make sure that the antimalware product itself is operating as it should.

System Center Endpoint Protection has no built-in or dedicated management module of its own, so it is designed to be managed as well as licensed through the System Center Configuration Manager or Microsoft Intune.

Microsoft has always been good at making use of technology that's already available, and for the most part this gives more advantages than drawbacks. Every antimalware product needs a management client to monitor, set policies, deploy and update their product. Microsoft has not created a separate management agent for their Endpoint Protection because they had one already with SCCM. Given that it's being used today by approximately 70% of all businesses on the planet, it was an easy choice. So they made it work together with all the features in the same console that you use to manage your workstations, servers and devices. With this, you save resources such as processing and memory on your client as well as on the server side, and it simplifies management too. In most cases, businesses save money on their licenses as well, since they are already licensed to run this.

This is what the client GUI looks like. It's very smooth, clean, and easy to use, and gives clear indications if something is wrong. Green is good and Red is bad.

How to do it…

Endpoint Protection Client graphical user interface

For definition and engine updates it uses Windows Update with Microsoft's own definitions, so there is no need for any extra download components to make it work. This also has the benefit that it will be coordinated with other Windows Update installations so they don't encounter any conflicts during installation. Windows Update fetches the updates from either a local Windows Server Update Services (WSUS) or by SCCM. If it cannot reach those it will continue, after a given amount of time, to download it over the Internet directly from Microsoft.

With the use of Configuration Manager to handle Endpoint Protection, it will give you the following benefits as mentioned on http://slothx.net/wiki/SC2012_ConfigMgr_PDFDownload.pdf:

  • Remediation of malware and spyware.
  • Remediation of rootkit detection.
  • Remediation of potentially unwanted software (this is a new feature in version 1602 of SCCM).
  • Assessment of critical vulnerability with automatic updates of definition and engine.
  • Network Inspection System vulnerability detection.
  • Malware reported directly through Microsoft Active Protection Services. When you join and enable this service, it will trigger the client to download the latest definitions from the Malware Protection Center when unidentified malware is detected on a computer.

System Center Endpoint Protection has another nice feature when running virtualized environments, as many do these days: if you want to preserve disk IO as well as excessive CPU usage while antimalware is doing its scheduled scanning, you can set System Center Endpoint Protection to randomize the scanning start time so that they do not occur simultaneously on all guest machines that are hosted by the server.

Windows 10 is now supported (from version System Configuration Manager 2012 SP2), and we will cover that in more detail later in the book. SCCM manages Defender, which comes with Windows 10, and which is basically the same as Endpoint Protection.

What made Endpoint Protection that good

In my opinion, Microsoft made some very good investments over a large period of time. They launched a free antimalware product called Microsoft Security Essentials back in 2009-2010. The beta release was installed on millions of home computers, and boy did it did detect a lot of different kinds of malware. Many of the computers had not been protected for a long period of time because their previous antimalware product had expired, often the trial version that came installed with Windows when they bought it, and which was not working right or had not been updated for some reason. So Security Essentials had a couple of years to toughen up, so to say, and get stronger by learning what to deal with around the world. The users were happy; they got a free antimalware product that was getting better and better day by day.

The other aspect that has a huge impact on how well Endpoint Protection is working and how they got it to run so smoothly is that Microsoft has great knowledge of their own products. They know all the bits and pieces of how the operating system works and most of the applications that run on every machine and server on the planet. They have a very large Security Response Network Cloud Center that monitors all threats within a split second around the world and can instantly take action in the case of a massive outbreak.

Planning for the Endpoint Protection

Put on an architect's hat and let's see how to implement the Endpoint Protection role in your business.

Often there are actually very few considerations when you need to implement and engage Endpoint Protection in your business, especially if you already have Configuration Manager or Intune installed. There are a couple of important topics to understand in the planning phase: as in what do I need to consider, and why? Endpoint Protection utilizes the Configuration Manager client to transport the policies and actions it requires. That part of the operation flows very smoothly though the existing Configuration Manager hierarchy you are most likely to have set up. The heavy part regarding bandwidth utilization would be the definition package and engine update, depending on whether you already have a well-structured and organized software update point role in place or not, as the software will update two or three times a day. Then it needs to deliver these packages and transport them to the Distribution Point servers in your hierarchy. There are therefore a few things to consider. You will find more information and tips about some of these settings in further chapters of this book.

How to do it…

First of all, it's for sure that you cannot have two antimalware products running on your workstations or servers. If that happens, you are likely to crash the operating system and, worst case, it won't start up again other than by booting in safe mode. If that's the case, you would have a huge job ahead of you because this would involve a manual approach to handle every machine.

Now that would be a worst case scenario, and in my experience it never happens because you plan, test and deploy in a controlled matter. Luckily, Microsoft has put in an automatic detection of a few other antimalware products and a fully automatic removal of those products as best it can. It is working pretty well in my experience, but I would rather use it as a fail-safe mechanism if your own removal plan should fail.

The current list of products that Microsoft will try to remove if they exist on any machine you're deploying Endpoint Protection to can be found at https://technet.microsoft.com/en-us/library/gg682067.aspx#BKMK_EndpointProtectionDeviceSettings.

  • Symantec Antivirus Corporate Edition version 10
  • Symantec Endpoint Protection version 11
  • Symantec Endpoint Protection Small Business Edition version 12
  • McAfee VirusScan Enterprise version 8
  • Trend Micro OfficeScan
  • Microsoft Forefront Codename Stirling Beta 2
  • Microsoft Forefront Codename Stirling Beta 3
  • Microsoft Forefront Client Security v1
  • Microsoft Security Essentials v1
  • Microsoft Security Essentials 2010
  • Microsoft Forefront Endpoint Protection 2010
  • Microsoft Security Center Online v1

This automatic uninstall setting is located in the client setting of the Configuration Manager and is turned ON by default when Enabling Endpoint Protection.

However, I encourage you to do some research in your organization, about what products are in use right now. It might be more than you might think; most people are in for a surprise or two on what's running, especially on the workstations. Most likely you will have a handful of different antimalware software running, so you need to do some digging around, and once you have a Configuration Manager with a full inventory of all your clients' antimalware software, that's not a big problem. You just need to have some knowledge about what to look for. When you have identified the different products, you need to plan how to uninstall and get rid of them in a safe way, whilst at the same time keeping the machine secure, since you don't want to leave the machine unprotected.

Secondly, you need to ensure that Endpoint Protection will be able to get updates. Now this is very important, and you have some options that may have an impact depending on what your network infrastructure looks like. Do you have many remote locations, do you have satellite connections, and do your laptops travel a lot?

The Endpoint Protection role needs to be installed on your Central Administration Site (CAS) if you have one, and it needs to be installed on your Primary Site servers as well.

In the following graphic you can see different scenarios with a CAS Central Administration Site Server on top, then a Primary Site followed by a Secondary Site. Following that, you might even have dedicated Distribution Points servers to smaller locations or clients. Secondary Sites are generally fading out unless you have very large branch offices or locations with several thousand clients. However, the scenario following is for very large businesses that need redundancy and security.

How to do it…

Large business SCCM hierarchy

The hierarchy for most businesses, where you have a Primary Site server on top and a Distribution Point server following placed at branch offices or locations around the world, is shown in the following figure:

How to do it…

Conventional business SCCM hierarchy

You can see a simple illustration of how Intune work in the following figure. Every client talks directly over the Internet to Azure in the Cloud. It has both upsides and downsides, but requires very little infrastructure and it's easy to maintain:

How to do it…

Principal network schematic picture of Microsoft Intune

Prerequisites of the infrastructure

Endpoint Protection in System Center 2012 Configuration Manager has external dependencies and requirements in the product to make it work. This depends somewhat on what platform you're running on, and what your infrastructure and network looks like. You will find some pointers and tips later in this book. Now, you are most likely to have a WSUS in your infrastructure already, but you cannot use this with Configuration Manager. You need to set up a new one, as re-using an existing old WSUS server is not supported nor recommended by Microsoft. SCCM will setup and configure the WSUS with the settings from the Software Update Point role and therefore needs to be a fresh new database and WSUS installation.

Getting ready

First, start the Server Manager on your Windows Server, most likely at your primary site; or on the server that you will be using for the Software Update Point role for the SCCM hierarchy.

Getting ready

Windows Server Manager and status of Roles and Features Installed

The WSUS role should be installed. I recommend putting its database to the full SQL Server and not Internal Database. The SQL License is included with SCCM. Make sure Internal Database is not selected. You might want to install it as a separate instance on your SQL server for performance monitoring and balancing resources like memory, CPU and disk, but this is not a requirement. Remember to press Cancel on the last part of the Wizard when it wants you to configure the WSUS products and type of updates. Configuration Manager will take care of that part when setting up the software update role afterwards in Configuration Manager.

When WSUS is installed go into Configuration Manager Console and Administration.

Getting ready

Configuration Manager Console where you add Site System Roles

In Site Configuration | Servers and Site System Roles you would right click on the Server you want to use as the Software update point and click Add Site System Roles

From there it's pretty straight forward. Microsoft recommends using port 8530, and the WSUS Role installation in Server Manager suggests you use this. These are also the ports that are default when you're on Windows Server 2012 and 2012 R2. While on Windows Server 2008 and 2008 R2, the default ports are 80 and 443.

So the software update role in Configuration Manager uses and relies on the WSUS role in the Windows Server.

In the next chapter we will go through in more detail how to configure all the settings you need.

How to do it…

Regarding the planning phase, when it comes to Configuration Manager there are some external dependencies.

Note

Please see the Prerequisites at Microsoft Technet:

https://technet.microsoft.com/en-us/library/hh508780.aspx

How it works…

Basically the software update role within Configuration Manager utilizes and uses the WSUS role that comes with the Windows Server.

Best practices for Endpoint Protection in Configuration Manager

Use the following best practices for Endpoint Protection in System Center 2012 Configuration Manager.

How to do it...

It is a good practice in Configuration Manager and all management systems when dealing with deployment to test, test, and test again, given that you want to run changes in a smooth manner with as few surprises and as little noise as possible.

I would also recommend that you create a separate client setting policy that enables and installs Endpoint Protection, and that you deploy to a dedicated collection for this purpose when you start to test and deploy to computers, as the following screenshot will show you.

How to do it...

Configuration Manager Client setting where you configure Endpoint Protection Installation settings

The setting on the picture preceding Disable alternate sources (such as Microsoft Windows Update, Microsoft Windows Server Update Services, or UNC shares) for the initial definition update on client computers are important to pay attention to. This is enabled by default, because it may have a huge impact on your network. As the initial download of definitions that each client needs right after installation would be around 150MB, you might not want to download it over a low bandwidth connection.

More about this in Chapter 4, Updates.

So you have a collection where you've deployed the required definition update and added the client setting that deploys the Endpoint Protection client, you have created and deployed the appropriate Endpoint Protection policies, and you've also deployed to that collection, so you're good to go. Then you can just add more and more computers to that collection and monitor the results over time. I would recommend picking different kinds of computers in your organization to make sure the first phase of the Endpoint Protection deployment captures as many different environments and different users in the early stage as possible. The same method is actually recommended when it comes to software updates on a daily or weekly basis.

Speaking of software updates, it's recommended that you keep definition updates in a separate package that does not contain other software updates. This keeps the size to a minimum and allows replication to distribution points to operate more quickly and efficiently.

Administrating workflow for Endpoint Protection in Configuration Manager

When administrating and working with Endpoint Protection in SCCM you can follow this workflow list to make sure you have everything covered. You will find settings regarding Endpoint Protection in different places in the Configuration Manager Console so that it also makes sense in the management tool. Administrators usually find this easy when they are used to working with Configuration Manager and it gives great benefits and flexibility.

Getting ready

Make sure you have made a plan for your business on how you are going to deploy and manage Endpoint Protection. Also, undertake the required assessment to find what kind of antimalware or antivirus products might be installed on the machines and plan how to handle this.

How to do it…

Use the following workflow as a reference to help you enable, configure, manage and monitor Endpoint Protection in System Center 2012 Configuration Manager Technet link: https://technet.microsoft.com/en-us/library/hh526775.aspx.

Now you might have another antimalware product in your environment from before, and you need a solution that can help you replace that. So you need a way to uninstall the product you want to get rid of and install Endpoint Protection in the same process to keep the clients secure. We will cover this more thoroughly in another chapter in this book.

Left arrow icon Right arrow icon

Key benefits

  • This is the most practical and up-to-date book covering important new features of System Center 2016 Endpoint protection
  • Gain confidence in managing IT and protecting your server against malware and other threats
  • Configure and automate reporting features and also prepare yourself for a simple and pain-free migration process

Description

System Center Configuration Manager is now used by over 70% of all the business in the world today and many have taken advantage engaging the System Center Endpoint Protection within that great product. Through this book, you will gain knowledge about System Center Endpoint Protection, and see how to work with it from System Center Configuration Manager from an objective perspective. We’ll show you several tips, tricks, and recipes to not only help you understand and resolve your daily challenges, but hopefully enhance the security level of your business. Different scenarios will be covered, such as planning and setting up Endpoint Protection, daily operations and maintenance tips, configuring Endpoint Protection for different servers and applications, as well as workstation computers. You’ll also see how to deal with malware and infected systems that are discovered. You’ll find out how perform OS deployment, Bitlocker, and Applocker, and discover what to do if there is an attack or outbreak. You’ll find out how to ensure good control and reporting, and great defense against threats and malware software. You’ll see the huge benefits when dealing with application deployments, and get to grips with OS deployments, software updates, and disk encryption such as Bitlocker. By the end, you will be fully aware of the benefits of the System Center 2016 Endpoint Protection anti-malware product, ready to ensure your business is watertight against any threat you could face.

Who is this book for?

If you are a System Administrator or Engineer using System Center 2016 Endpoint Protection, then this book is for you. You should have a good background with Microsoft products in general, although no knowledge of Endpoint Protection is required.

What you will learn

  • • Explore the best practices for Endpoint Protection in System Center Configuration Manager
  • • Provision the Endpoint Protection Client in a Disk Image in Configuration Manager
  • • Get to know more about the Security Center
  • • Configure definition and engine client updates to be optimum for your bandwidth
  • • Make your application or server work with Endpoint Protection enabled
  • • Find out how to deal with typical issues that may occur with Endpoint Protection
  • • Know how to respond to infections that often occur
Estimated delivery fee Deliver to Malaysia

Standard delivery 10 - 13 business days

$8.95

Premium delivery 5 - 8 business days

$45.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Dec 19, 2016
Length: 216 pages
Edition : 2nd
Language : English
ISBN-13 : 9781786464286
Vendor :
Microsoft

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Estimated delivery fee Deliver to Malaysia

Standard delivery 10 - 13 business days

$8.95

Premium delivery 5 - 8 business days

$45.95
(Includes tracking information)

Product Details

Publication date : Dec 19, 2016
Length: 216 pages
Edition : 2nd
Language : English
ISBN-13 : 9781786464286
Vendor :
Microsoft

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 180.97
Microsoft System Center 2016 Service Manager Cookbook
$65.99
Microsoft System Center Configuration Manager Cookbook
$65.99
Microsoft System Center Endpoint Protection Cookbook
$48.99
Total $ 180.97 Stars icon
Banner background image

Table of Contents

9 Chapters
1. Planning and Getting Started with System Center Endpoint Protection Chevron down icon Chevron up icon
2. Configuring Endpoint Protection in Configuration Manager Chevron down icon Chevron up icon
3. Operations and Maintenance for Endpoint Protection in Configuration Manager Chevron down icon Chevron up icon
4. Updates Chevron down icon Chevron up icon
5. Security and Privacy for Endpoint Protection in Configuration Manager Chevron down icon Chevron up icon
6. Configuring and Troubleshooting Performance and Advanced Protection Chevron down icon Chevron up icon
7. Troubleshooting and Fixing Issues Chevron down icon Chevron up icon
8. Malware Handling Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.3
(6 Ratings)
5 star 66.7%
4 star 0%
3 star 33.3%
2 star 0%
1 star 0%
Filter icon Filter
Top Reviews

Filter reviews by




Amazon Customer Jan 06, 2017
Full star icon Full star icon Full star icon Full star icon Full star icon 5
A must have
Amazon Verified review Amazon
Amitai Mar 16, 2017
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Very good book to learn about SCEP / Windows Defender
Amazon Verified review Amazon
Matthew H Jan 19, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book is well written for the beginner and progresses them up towards a full Endpoint protection administrator. It will take the admin on a journey of both practical and applied knowledge. I recommend any administrator interesting in learning more in dept regarding Endpoint Protection to purchase this book.This book is exactly what it says on the cover, this is a cookbook to break down the subject into small pieces that can be easily absorbed and applied to any given environment. Given the complexity of Endpoint Protection policies, not everything can be packed into the book. With the numerous sets of examples, I would expect an admin would be able to implement this in the environment shortly after finishing this book.
Amazon Verified review Amazon
Harjit Dhaliwal Apr 02, 2017
Full star icon Full star icon Full star icon Full star icon Full star icon 5
System endpoint security is a critical aspect of modern day computing and we all have had our fair share in dealing with malware infections, and in some cases ransomware and cryptolocker attacks in our organizations. Microsoft has made great efforts in mitigating these security risks by providing a superior product called System Center Endpoint Protection (SCEP) for enterprises and Windows Defender which by default is included with Windows 10.A System Center Configuration Manager (ConfigMgr or SCCM) or a Microsoft Intune administrator is familiar with SCEP as it is the way to administer and manage SCEP in the enterprise. However, there are many aspects and intricacies of SCEP one is not aware of and has not fully utilized, and should. While I was dealing with some SCEP updates and anti-malware policies in my organization, I came across this awesome book written by Nicolai Henriksen, a Microsoft MVP in Enterprise Mobility. I decided to write a non-biased review of this book and credit the wonderful information contained within it.Nicolai’s SCEP cookbook is well written and vetted by another well respected Microsoft MVP in Enterprise Mobility, Ronni Pedersen, who I often interact with on social media on all things ConfigMgr. This book is shy of 200 pages and is laid out in eight easily digestible chapters and covers everything you need to know about SCEP from soup to nuts. You’ll learn how to plan and get started with SCEP, configuration, operations and maintenance, updates, security and privacy, configure advance protection, troubleshooting, and malware handling to name a few. It’s an information filled book with great tips and how to’s, and I particularly enjoyed how Nicolai included little segments throughout the book with tidbits such as “Getting ready….”, “How it works….”, and “How to do it….” which was perfect for my learning and understanding of the various concepts presented.As a ConfigMgr admin who has been working with the product for a number of years including working with System Center Endpoint Protection, I have learned things that I didn’t know, picked up some tips and tricks, have a better insight and understanding of SCEP, and I have gained a great reference for the product. I highly recommend this book to all ConfigMgr and Intune admins.
Amazon Verified review Amazon
S. Whitcher Apr 13, 2017
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
I purchased this book directly from the publisher, Packt. Unfortunately, it is not at all what I would expect based on the title and description on the cover. When I see a technical book with "Cookbook" in the title, I expect to see various examples (recipes) that I can choose from to implement in my environment. I want it to break down the bits and pieces that I can put together in different ways to come up with a solution customized to my needs. In my mind, The Windows Powershell Cookbook is probably the gold standard of what a technical 'cookbook' should look like. This book falls short.That said, the book does a decent job of being an introduction to administering System Center Endpoint Protection. It talks up the quality of SCEP, describes the different capabilities, explains how to install the necessary components to begin using SCEP, and how to configure anti-malware policies, firewall policies, definition updates, etc. I guess that's what the author/publisher considers a recipe. For someone who is just starting to consider using SCEP in their environment, or who wants a step by step walk-through on getting a basic configuration installed, this is probably the book that you're looking for. But if you are already already using SCEP beyond perhaps a Proof of Concept in a lab environment, I suspect that the content of this book will be too low level to be of use.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela