In this article by Andrew Plue, author of Microsoft System Center 2012 Endpoint Protection Cookbook, we will cover:
- Locating and interpreting client-side SCEP logs
- Performing manual definition updates and checking definition version
- Manually editing local SCEP policy using the user interface
- Utilizing MpCmdRun.exe
The tasks you will accomplish in this article are essential for any System Center Endpoint Protection (SCEP) administrator. Although many of the procedures can also be performed from within your System Center 2012 Configuration Manager (SCCM) console, it is also vital to understand how to perform these procedures at a local client level. As isolating infected PCs (or PCs that are suspected to be infected) from the rest of your corporate network is a commonly accepted best practice, a hands-on approach is often needed to remediate malware issues.
This article will cover all the essential skills an AV admin using SCEP will need to know, from finding and understanding the SCEP client logs to performing on-demand scans with just the command line.