Welcome to the first in a new series of blogs on the SCCMentor site where I will be reviewing some of the ConfigMgr books that are out there for you to buy and learn new skills from.
In the first of the series I take a look at the second edition of the Microsoft System Center Endpoint Protection Cookbook. The book is authored by MVP Nicolai Henriksen, a ConfigMgr and , back in the day, SMS guru with over 20 years experience in the industry . It’s available from Packt Publishing andyou can purchase the book direct from them here.
The book deep dives into Endpoint Protection, how to set this up within your ConfigMgr hierarchy, how to get the SCEP client installed in the environment including tips on how to deliver this to devices with up to date definition files as part of your task sequence, how to update your definitions and push them out to end clients and how best to remediate any threats and outbreaks that can occur on your estate.
Since the book was released recently, December 2016, it is up to date and relevant, with discussions about new features implemented in the latest ConfigMgr Current Branch releases and information on deployment of Windows Defender.
What I enjoyed about Nicolai’s book is that the content is rich and varied. It actually goes beyond Endpoint Protection and discusses, in-depth, about the need to implement further security measures in your environment and provides tips and guidance on how best to achieve this. In fact, the title of the book ‘Microsoft System Center Endpoint Protection Cookbook’ does it an injustice, as Nicolai writes about BitLocker, AppLocker, Windows Firewall and more in this edition.
Nicolai writes with a passion here, and I like that fact that he recommends what you should be doing based on his real world experience of setting up SCEP with multiple customers and how he has seen the benefit from configuring the product in the way he has. This book is not a simple step-by-step/next next,next that sends the eyelids shut within minutes, and fact that the book is littered with valuable opinion means that the book won’t age as soon as it has hit the book shelves. This is content written by someone who has done this many many times, seen the best way to implement a solution and loves to share his real world view on the situation.
There’s so much to Endpoint Protection beyond dropping the client on your devices and there’s not a heap of information out there on the web to assist you when things can go wrong. This book nicely fills some of that gap and I recommend that you go out there and get hold of a copy, grab a brew, sit down and take a read to learn some new cool things or just to rubber stamp how you might have things configured within your ConfigMgr hierarchy
Next time, l’ll be taking a look at Garth Jones’ ‘System Center Configuration Manager Reporting Unleashed’ book.