Running an Endpoint Protection Scan
Applies To: Forefront Endpoint Protection
This task applies to the following features:
Forefront Endpoint Protection
The FEP Security Management Pack
The FEP client
Important
You should configure FEP policy to ensure that scans run automatically on a regular basis.
To run a quick or full scan by using FEP
In the Configuration Manager console, in the tree, expand Computer Management, expand Collections, and then navigate to the collection that contains the computer on which you want to start a scan.
Tip
If you know the name of the target computer, you can search for the computer in the details pane when a parent collection is selected in the tree.
Right-click the computer name, click FEP Operations, and then click either Run Full Scan or Run Quick Scan.
Tip
You can target multiple computers by selecting them and then right-clicking a single computer.
To distribute the on-demand scan, Configuration Manager creates an advertisement. You can view the properties of the advertisement by navigating to Software Distribution in the tree, and then expanding Advertisements and FEP Operations.
The collections and advertisements created by this process are deleted the next time you run an on-demand scan, if they are older than seven days.
Note
Only one advertisement can run at a time on the client computer. Therefore, if an advertisement is running on the client computer that could potentially take a while to complete (such as a full scan on a computer with a large hard disk), subsequent advertisements are processed after that advertisement completes.
To run a quick or full scan by using the FEP Security Management Pack
In the Operations Manager console, navigate to the Monitoring view, and then expand the Monitoring tree.
In the Monitoring tree, under Forefront Endpoint Protection, click Endpoints with FEP.
In the Endpoints with FEP pane, click the name of the endpoint on which you want to start a scan.
Note
In order to search for an endpoint by name, enter the name (FQDN) of the endpoint in the Look for text box, and then click Find Now.
In the Actions pane, expand Protection Endpoint Tasks, and then click either Quick Scan or Full Scan.
In the Run Task dialog box, verify that the target is the endpoint on which you want to run the scan and that the check box next to the target name is selected, and then click Run. The scan runs with the default parameters.
Note
The task is marked as successful after the scan is started on the targeted computer. Tasks in the FEP Security Management Pack represent the command to run the task, not the results of the task itself.
To run a quick or full scan locally on the FEP 2010 client
In the notification area of your computer, right-click the Microsoft Forefront Endpoint Protection icon, and then click Open.
On the FEP Home page, select either the Quick option or Full option, and then click Scan now. The scan may take a while, depending on the number of files and folders being scanned.