Prerequisites for Endpoint Protection in Configuration Manager
Updated: May 14, 2015
Applies To: System Center 2012 R2 Endpoint Protection, System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Configuration Manager SP2, System Center 2012 R2 Configuration Manager, System Center 2012 Endpoint Protection SP1, System Center 2012 Endpoint Protection, System Center 2012 R2 Configuration Manager SP1
Endpoint Protection in System Center 2012 Configuration Manager has external dependencies and dependencies in the product.
Important
In addition to these dependencies, to use Endpoint Protection in System Center 2012 Configuration Manager, you must have a license for System Center 2012 Endpoint Protection.
Dependencies External to Configuration Manager
The following table lists the external dependencies for running Endpoint Protection in Configuration Manager.
Dependency |
More information |
---|---|
Windows Server Update Services (WSUS) must be installed and configured for software updates synchronization if you want to use Configuration Manager software updates to deliver definition and engine updates. |
See Prerequisites for Software Updates in Configuration Manager. |
Some definition update methods require that client computers have Internet access. |
If you use any of the following methods to update definitions on client computers, the client computer must be able to access the Internet.
Important Clients download definition updates by using the built-in System account. You must configure a proxy server for this account to enable these clients to connect to the Internet. You can use Windows Group Policy to configure a proxy server on multiple computers. |
An SMTP server if you want to send email alerts |
See Step 1 (Optional): Configure Email Settings for Alerts in the How to Configure Alerts for Endpoint Protection in Configuration Manager topic. |
Hotfix requirement to deploy Windows Firewall policies. |
If you want to deploy Windows Firewall policies to computers running Windows Server 2008 and Windows Vista Service Pack 1, you must first install Hotfix KB971800 on these computers. |
Configuration Manager Dependencies
The following table lists the dependencies within Configuration Manager for running Endpoint Protection.
Dependency |
More information |
---|---|
Your standalone primary or central administration site must be running System Center 2012 Configuration Manager and have the Endpoint Protection point site system role installed and configured. Important The Endpoint Protection point site system role must be installed before you can use Endpoint Protection. It must be installed on one site system server only, and it must be installed at the top of the hierarchy on a central administration site or a stand-alone primary site. |
For more information about the requirements for the Endpoint Protection point site system role, see the Site System Requirements section of the Supported Configurations for Configuration Manager. For more information about to install this site system role, see How to Configure Endpoint Protection in Configuration Manager. |
A software update point site system role must be installed and configured to deliver definition updates if you want to use Configuration Manager software updates to deliver definition and engine updates. |
For more information about the requirements for the software update point site system role, see the Site System Requirements section of the Supported Configurations for Configuration Manager. For more information about how to install this site system role and configure it for Endpoint Protection, see Configuring Software Updates in Configuration Manager and How to Configure Endpoint Protection in Configuration Manager. |
Client settings that install the Endpoint Protection client and configure Endpoint Protection |
For information about the system requirements for the Endpoint Protection client, see the Computer Client Requirements in the Supported Configurations for Configuration Manager topic. For more information about how to configure the client settings for Endpoint Protection, see Step 5: Configure Custom Client Settings for Endpoint Protection in the How to Configure Endpoint Protection in Configuration Manager topic. |
The reporting services point site system role must be installed before Endpoint Protection reports can be displayed. |
|
Security permissions to manage Endpoint Protection |
You must have the following security permissions to manage Endpoint Protection:
The Endpoint Protection Manager security role includes these permissions that are required to manage Endpoint Protection in Configuration Manager. Note To perform the following actions, you must be a member of the Full Administrator security role.
For more information, see Configure Role-Based Administration in the Configuring Security for Configuration Manager topic. |