Endpoint Protection offers two types of policies: Antimalware and Windows Firewall. Settings for custom policies are inherited from a default Antimalware policy. Because no default Windows Firewall policy exists, a custom one needs to be created.
------------------
Note: A custom Antimalware policy overrides the default policy.
-------------------
Creating an antimalware policy
You create an antimalware policy in Configuration Manager within the Assets and Compliance workspace in the Endpoint Protection node. Click Create Antimalware Policy in the Antimalware Policies area. Several predefined templates are included and can be used as a basis for creating a custom policy. The templates are found in the AdminConsole\XMLStorage\EPTemplates folder within the Configuration Manager installation folder. Creating a template launches the wizard shown in Figure 3-38.
FIGURE 3-38 Creating an antimalware policy.
The settings for the policy are inherited from the Default Client Antimalware Policy at the time of creation. In other words, if you make a change to Default Client Antimalware Policy, that change isn’t propagated to existing custom policies.
--------------------
Note: In SP1 of Configuration Manager, you can create subsets of policies so that you don’t need to continually customize settings that don’t apply to a particular policy.
-------------------
Each pane of the Create Antimalware Policy Wizard contains the settings relevant to that pane. For example, the Scan Settings pane contains information about what to scan, but the Real-Time Protection pane also contains additional information about scanning. Figures 3-39 and 3-40 show examples of each of these panes.
FIGURE 3-39 Scan settings in an antimalware policy.
FIGURE 3-40 Real-time protection settings in an antimalware policy.
Creating a Windows Firewall policy
You can create a Windows Firewall policy in Configuration Manager within the Assets and Compliance workspace in the Endpoint Protection node. Click Create Windows Firewall Policy in the Windows Firewall Policies area to launch the Create Windows Firewall Policy Wizard.
The first pane of this wizard is where you set the name and description for the policy; you configure the policy on the next pane, as shown in Figure 3-41.
FIGURE 3-41 Configuring a Windows Firewall policy.
By default, the Enable Windows Firewall select box is set to Not Configured for the Domain, Private, and Public profiles. Choosing Yes for a profile enables that profile and makes the corresponding Block and Notify behaviors available to set.
As with the antimalware policy, you deploy the Windows Firewall policy after it’s created by selecting Deploy from the Home tab. To reduce possible network issues, deployment of the policy can take several hours in certain scenarios. The Deploy Windows Firewall Policy dialog box, which opens when you click Deploy, lets you choose the collection and set a schedule for the policy. Figure 3-42 shows this dialog box.
FIGURE 3-42 Deploying a Windows Firewall policy.
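Because deployment can take several hours, it helps to confirm on a client that the policy has taken effect. The following PowerShell check is an added example, not part of the original text or of Configuration Manager. It assumes a client with the NetSecurity module (Windows 8 / Windows Server 2012 or later), and the expected values are constructed samples to be replaced with the choices made in the wizard.

```powershell
# Added example: compare a client's effective Windows Firewall profile state
# with the values selected in the deployed policy.
function Test-FirewallPolicyApplied {
    [CmdletBinding()]
    param(
        # Constructed sample values; replace with the settings chosen in the
        # Create Windows Firewall Policy Wizard for each profile.
        [hashtable]$Expected = @{
            Domain  = @{ Enabled = $true; BlockAllInbound = $false; Notify = $true }
            Private = @{ Enabled = $true; BlockAllInbound = $false; Notify = $true }
            Public  = @{ Enabled = $true; BlockAllInbound = $true;  Notify = $true }
        }
    )

    # ActiveStore holds the effective settings after local and
    # centrally delivered values have been merged.
    $profiles = Get-NetFirewallProfile -PolicyStore ActiveStore

    foreach ($p in $profiles) {
        $want = $Expected[$p.Name]
        if (-not $want) { continue }

        # Assumption: the wizard's Block behavior corresponds to
        # AllowInboundRules = False and Notify to NotifyOnListen = True.
        $actual = @{
            Enabled         = ($p.Enabled -eq 'True')
            BlockAllInbound = ($p.AllowInboundRules -eq 'False')
            Notify          = ($p.NotifyOnListen -eq 'True')
        }

        foreach ($setting in $want.Keys) {
            [pscustomobject]@{
                Profile  = $p.Name
                Setting  = $setting
                Expected = $want[$setting]
                Actual   = $actual[$setting]
                Match    = ($want[$setting] -eq $actual[$setting])
            }
        }
    }
}

# Show every setting, mismatches first, so drift is visible at a glance.
Test-FirewallPolicyApplied |
    Sort-Object Match, Profile, Setting |
    Format-Table -AutoSize
```

A row with Match set to False means the client has not yet received the policy or another setting source is overriding it.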