Re: Microsoft Forefront

["O'Connor, Ryan" <ryan.oconnor () UCONN EDU>]

We too are using SCEP and SCCM 2012 and it's been working really well for us so far.  SCCM 2012 deploys SCEP as part of 
the installation for us.  Additionally though, for departments that we don't really have in SCCM yet, we still use SCEP 
and manage it with a GPO.  We've been met with a lot of success in both instances.

-Ryan

From: Drew Perry <aperry () MURRAYSTATE EDU<mailto:aperry () MURRAYSTATE EDU>>
Reply-To: "aperry () murraystate edu<mailto:aperry () murraystate edu>" <aperry () murraystate edu<mailto:aperry () 
murraystate edu>>
Date: Tuesday, May 28, 2013 3:28 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] Microsoft Forefront

We are using Microsoft SCEP with SCCM management. We also use GPO's for initial enrollment. This solution helps monitor 
for "official" rogue devices, that is, machines brought online in University environments but not reported to central 
Information Systems.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry () murraystate edu<mailto:aperry () murraystate edu>

***MSU Information Systems staff will never ask for your password or other confidential information via email.***



On Tue, May 28, 2013 at 1:20 PM, Shaun Gray <SGray () medford k12 nj us<mailto:SGray () medford k12 nj us>> wrote:
Thanks Josh and it sounds like so far so good. We are running Windows 7 and one of the challenges appears to support 
for central deployment. It sounds like you are using GPO’s to circumvent this particular issue.


-Shaun G.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Rickard, Josh A.
Sent: Tuesday, May 28, 2013 2:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Microsoft Forefront

We currently use this within the University of Missouri system.  It has worked well for us and the price point of free 
is a pretty good option.  It’s always better to use two different Anti-Virus/Malware products but so far it’s kept us 
pretty clean overall.

Deployment wise we just either install via GPO or just install as needed (standalone machines).  I’ve found that it’s 
default(s) are to check Microsoft for updates once a day but if you alter a Registry key (via GPO) it will check in for 
updates twice a day (which is better).

Hope this helps,

Josh Rickard
Atlas Team
System Support Analyst
School of Medicine

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shaun 
Gray
Sent: Tuesday, May 28, 2013 12:56 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Microsoft Forefront

Greetings Everyone,

Does anyone currently use the new Microsoft Endpoint 2012 product in their environment? If so can you share your 
thoughts on the product in terms of performance, deployment, maintenance, etc. The price point (free) makes it a pretty 
enticing option to replace Symantec Endpoint Security which has been less than stellar.


Shaun L. Gray, GSEC
Network Engineer
Medford Township Board of Education
P / 609-975-6159<tel:609-975-6159>
[MCITP(rgb)_1084]


________________________________
Medford Township Public School District email is provided to staff for the purpose of professional communication. 
Please be aware that messages sent via email may not be secure and that network administrators may have to review 
communications to maintain network integrity and ensure the responsible use of the system. This electronic transmission 
and documents transmitted as attachments contain information from the Medford Township Public School District that may 
be proprietary, confidential and/or privileged under state or federal law. The information is intended for the sole use 
of the individual(s) or entity named above. The individual(s) or entity named above as the receipt of this information 
is expressly prohibited from disclosing this information to any other party unless required to do so by state or 
federal law or regulation. If you are not the intended recipient, be aware that any disclosure, copying or distribution 
or use of the contents of this electronic transmission and any document attachments is expressly prohibited. If you 
have received this electronic transmission in error, please notify the sender immediately by replying to the address 
listed above and delete or destroy all copies of the original electronic transmission.

________________________________
Medford Township Public School District email is provided to staff for the purpose of professional communication. 
Please be aware that messages sent via email may not be secure and that network administrators may have to review 
communications to maintain network integrity and ensure the responsible use of the system. This electronic transmission 
and documents transmitted as attachments contain information from the Medford Township Public School District that may 
be proprietary, confidential and/or privileged under state or federal law. The information is intended for the sole use 
of the individual(s) or entity named above. The individual(s) or entity named above as the receipt of this information 
is expressly prohibited from disclosing this information to any other party unless required to do so by state or 
federal law or regulation. If you are not the intended recipient, be aware that any disclosure, copying or distribution 
or use of the contents of this electronic transmission and any document attachments is expressly prohibited. If you 
have received this electronic transmission in error, please notify the sender immediately by replying to the address 
listed above and delete or destroy all copies of the original electronic transmission.