Using Microsoft® System Center Endpoint Protection (SCEP)

Using Microsoft® System Center Endpoint Protection (SCEP)
Microsoft® System Center Endpoint Protection (SCEP) is an antivirus product developed by Microsoft that provides the following capabilities:
  • Malware and spyware detection and remediation
  • Rootkit detection and remediation
  • Critical vulnerability assessment and automatic definition and engine updates
  • Network vulnerability detection through Network Inspection System
Microsoft® System Center Endpoint Protection is provided by Managed.com to all hosting customers at no additional cost.
 
Customers Running Windows Server 2008 R2 and Windows Server 2012/2012 R2
Open the Start Menu and look for the application System Center Endpoint Protection. Click on the application to open it.
 
Windows Server 2008 R2
 
Windows Server 2012/2012 R2
 
The Home screen displays the status of critical antivirus engine components. You can also start a Quick, Full, or Custom scan from here by clicking the button Scan now.
 
  • A quick scan looks at all the locations where there could be malware registered to start with the system, such as registry keys and known Windows startup folders. In most cases, a quick scan is sufficient and is recommended for scheduled scans.
  • A full scan starts by running a quick scan and then continues with a sequential file scan of all mounted fixed disks and removable/network drives (if the full scan is configured to do so). A full scan can take a few hours or days to complete, depending on the amount and type of data that needs to be scanned.
  • A custom scan is a quick scan that runs on the files and folders you specify. For example, you can opt to scan a specific folder on your device's local drive.
The Update screen displays the status of virus and spyware definitions and other important information. Your server is configured to check for new virus and spyware definitions every day and automatically install new definitions as they are made available by Microsoft. You can also manually check for new definitions by clicking the button Update definitions.
 
The History screen displays the items that were detected as potentially harmful to your server. By default, all items classified as Medium, High, and Severe are quarantined while threats classified as Low are allowed. Items that are quarantined are automatically removed from your server after 30 days. You can restore quarantined items within those 30 days, however, Managed.com strongly advises that you do not restore items that have been determined to be potentially harmful.
 
The Settings screen displays the configured client settings. These settings are centrally administered by Managed.com and cannot be modified by any person or program, including Administrators. This is to ensure the most favorable client settings remain in-place and are not modified by malware or other programs. A complete list of configured client settings can be found at the bottom of this article.
 
 
Customers Running Windows Server 2016
Open the Start Menu and navigate to the folder Windows System. Look for the application Windows Security. Click on the application to open it.
 
The Home screen displays the status of critical antivirus engine components. You can also start a Quick, Full, or Custom scan from here by clicking the button Scan now.
 
  • A quick scan looks at all the locations where there could be malware registered to start with the system, such as registry keys and known Windows startup folders. In most cases, a quick scan is sufficient and is recommended for scheduled scans.
  • A full scan starts by running a quick scan and then continues with a sequential file scan of all mounted fixed disks and removable/network drives (if the full scan is configured to do so). A full scan can take a few hours or days to complete, depending on the amount and type of data that needs to be scanned.
  • A custom scan is a quick scan that runs on the files and folders you specify. For example, you can opt to scan a specific folder on your device's local drive.
The Update screen displays the status of virus and spyware definitions and other important information. Your server is configured to check for new virus and spyware definitions every day and automatically install new definitions as they are made available by Microsoft. You can also manually check for new definitions by clicking the button Update definitions.
 
The History screen displays the items that were detected as potentially harmful to your server. By default, all items classified as Medium, High, and Severe are quarantined while threats classified as Low are allowed. Items that are quarantined are automatically removed from your server after 30 days. You can restore quarantined items within those 30 days, however, Managed.com strongly advises that you do not restore items that have been determined to be potentially harmful.
 
The Settings screen displays the configured client settings. These settings are centrally administered by Managed.com and cannot be modified by any person or program, including Administrators. This is to ensure the most favorable client settings remain in-place and are not modified by malware or other programs. A complete list of configured client settings can be found at the bottom of this article.
 
 
Customers Running Windows Server 2019
Open the Start Menu and look for the application Windows Security. Click on the application to open it.
 
Click on the Virus & threat protection applet.
 
The Current threats section displays information about the most recent system scan. You can also start a Quick scan from here by clicking the button Quick scan.
 
To start a different type of scan, click the text Scan options and select the option Full scan or Custom scan. Click the button Scan now.
 
You can also view the items that were detected as potentially harmful to your server by clicking the text Threat history.
 
The Virus & threat protection settings section displays the configured client settings. These settings are centrally administered by Managed.com and cannot be modified by any person or program, including Administrators. This is to ensure the most favorable client settings remain in-place and are not modified by malware or other programs. A complete list of configured client settings can be found at the bottom of this article.
 
The Virus & threat protection updates section displays the status of virus and spyware definitions and other important information. Your server is configured to check for new virus and spyware definitions every day and automatically install new definitions as they are made available by Microsoft. You can also manually check for new definitions by clicking the button Check for updates.
 
The Ransomware protection section allows you to enable the Controlled folder access feature, which protects files, folders, and other locations on your server from being modified or changed by unauthorized applications. Managed.com strongly advises that you do not enable this feature as it may prevent you from saving files and other data on your server.
 
Cleaning Your Server
System Center Endpoint Protection is configured to automatically take action on a number of different threats ranging from Low to Severe. However, you may be asked by System Center Endpoint Protection to take manual action on a detected threat. System Center Endpoint Protection will guide you through this process and notify you if a system restart is required to complete remediation. You may also contact support@managed.com for additional assistance remediating malware.
 
Client Settings - Last Updated May 2021
Scheduled Scans
 
Scan Settings
 
Default Actions
 
Real-time Protection
 
Exclusion Settings
 
Advanced
 
Threat overrides
 
Cloud Protection Service
 
Security Intelligence Updates
 
An Important Disclaimer from Managed.com
Even with the robust capabilities of Microsoft® System Center Endpoint Protection, Managed.com cannot and does not guarantee Microsoft® System Center Endpoint Protection will catch and/or remediate every system threat, nor does Managed.com guarantee that the remediation efforts of Microsoft® System Center Endpoint Protection or our Support Team will be successful. In some cases, further action may be required to completely remediate your server.  

Add Feedback