Sunday, November 18, 2012

System Center 2012 Endpoint Protection (SCEP) Cookbook Review

A few weeks ago, I was given the opportunity to review a recently released book by Packt Publishing about System Center 2012 Endpoint Protection (SCEP).

SCEP 2012 is effectively the latest version of Microsoft's Forefront Endpoint Protection Anti-Virus and Anti-Malware suite but instead of it being a standalone product like it's predecessor, this release is integrated as a new addition to the System Center 2012 Configuration Manager (SCCM/ConfigMgr) product.


People that know me (or anyone who reads this blog) will know that I typically keep away from working in depth with SCCM and instead try to focus on SCOM, Orchestrator, VMM, AppController and DPM with a working knowledge of SCSM thrown in for good measure! The reason for this is that apart from the facts that SCCM is such a huge product in itself and takes a long time to upskill to expert level on, we have a number of excellent SCCM consultants and Subject Matter Experts working in our company that would generally be involved in these types of customer deployments.

With the new licensing model that Microsoft has released for System Center 2012 (where a customer now can't individually purchase a single System Center product any more and instead needs to purchase the whole suite in one go), any new features or Unique Selling Points (USP's) that I can talk about when consulting with potential new System Center 2012 customers is a massive bonus. That's where SCEP 2012 comes in and why my motivation to review this new book stems as much from my own desire to learn more about the product and it's deployment as opposed to just recieving a free copy of it for personal use!

You might be thinking to yourself, "What exactly has a cookbook got to do with System Center?" and to be fair, the concept of technology centered cookbooks is new to me too. The idea of these books is to provide people who already have a basic understanding of a given technology (in this case SCEP or SCMM) with a set of 'recipes' for solving problems related to it. The publisher explains the cookbook concept in detail here.

The Book

Lead author on the book is Andrew Plue and it was reviewed by Nicolai Henriksen (SCCM MVP), Matthew Hudson (SCCM MVP) and Stephan Wibier.

Although I have this book nearly 3 weeks now, I intentionally left it until this week to have a read through it as I'm involved in building a new System Center 2012 demo environment in our datacenter and wanted to work through it to see if it would help me get the SCEP side of the demo up and running without calling in help from our SME's.

The book is just over 200 pages in lenght and contains the following chapters:

Chapter 1, Getting Started with Client-Side Endpoint Protection Tasks, provides a number of recipes for performing tasks at the local client level, such as forcing a definition update or modifying the SCEP client policy.

Chapter 2, Planning and Rolling Installation, will walk you through some of the considerations you will need to make before deploying SCEP, as well as showing you how to enable the SCEP role on your SCCM server.

Chapter 3, SCEP Configuration, will show you recipes for performing essential tasks, such as configuring SCEP policies and alerts, as well as walking you through the process of setting up SCEP's reporting features.

Chapter 4, Client Deployment Preparation and Deployment, includes a number of recipes to assist you with every step of client deployment from preparation to actually deploying the clients.

Chapter 5, Common Tasks, covers a number of day-to-day tasks that every SCEP administrator will need to know how to do it correctly in order to keep SCEP healthy and your Endpoints protected from malware.

Chapter 6, Management Tasks, covers important high level tasks, such as using policy templates, merging polices, and responding to SCEP alerts.

Chapter 7, Reporting, makes a deep dive into the reporting capabilities offered with SCEP. You will be shown how to execute reports, as well as provide access to reports. You will also be shown how to create your own custom reports.

Chapter 8, Troubleshooting, provides you with some tools to assist you with the time-consuming effort of troubleshooting an anti-malware product. The recipes in this chapter will help you deal with Definition Update issues, as well as how to approach false positives.

Chapter 9, Building an SCCM 2012 Lab, is a great chapter for anyone who has not yet taken the plunge on SCCM 2012. There is just a single recipe in the chapter that will show you the quickest down-and-dirty method for standing up an SCCM 2012 server in a lab environment. This is vital to anyone considering deploying SCEP, because with the total integration of SCEP with SCCM 2012, you can't experience SCEP without an SCCM environment.

My Thoughts

After reading through pretty much the whole book this week, I found the information to be concise and to the point. With its help, I managed to easily setup my demo environment with SCEP 2012 and learned how to quickly configure it to best practice recommendations. I also thought that the 'Notes', 'Tips and Tricks' and 'How It Works' sections scattered throughout the book provided some really good information that was evident of the real-world deployment experience the author and reviewers had.

Overall, if you're thinking of deploying SCCM 2012 with SCEP or if you have already deployed it and don't feel that you are getting enough out of it, then I'd recommend this book as a handy companion to get you up and running!

You can order the book in 'dead tree' format from Amazon here or in Kindle format from here.

Also, if you like this type of cookbook, then you might want to consider signing up to the publishers PacktLib which apart from serving as a portal to access your purchased books, from time to time they release free e-books on it that can come in handy as part of your technical library.

No comments:

Post a Comment