< Blog

New SSRS Reports Added to Enhanced Web Reporting: System Center Endpoint Protection (SCEP)

System Center Endpoint Protection (SCEP) Reports

Several of our clients told us that they would like to see the information collected by System Center Endpoint Protection (SCEP) in an easy-to-read dashboard report. This category of reports goes one step further by giving you the ability to drill through from the dashboard report to more detailed reports.

One of the interesting facts that we learned while creating these reports was that, unlike many other anti-virus software products available on the market, SCEP uses three different items (anti-virus signature version, engine version, and client version) to detect the latest malware. If you have never heard of client version (sometimes called platform version) you are not alone. Many people are unaware that they need to update the client version on all PCs. Client version is important because it enables up-to-date detection of malware on PCs.

These reports are meant to quickly help IT administrators and security teams understand their SCEP environment.

Please note that these SCEP reports are only intended for use with System Center 2012 Configuration Manager (CM12) or later versions of CM12.

Below are sample screenshots of each of the reports in this new category along with additional information about each one.

System Center Endpoint Protection (SCEP) Dashboard

At a glance, the main details about your System Center Endpoint Protection (SCEP) environment are displayed in three easy to read tables, Anti-Virus Signature Version, Engine Version, and Client Version (client version is sometimes referred to as platform version).

The tables are arranged from left to right (Anti-Virus Signature Version, Engine Version, and Client Version). The reason for this arrangement is to give you information first about the most important and frequently changing SCEP details (Anti-Virus Signature) to more static details (Engine and Client) of your SCEP environment.

The latest version update appears on the top row of every table’s column. Ideally, all of your clients should have the latest version, but this will be virtually impossible for Anti-Virus Signature (AVS) as Microsoft releases AVS 3 or 4 times a day. To assist you, the Anti-Virus Signature Table uses two shades of light red to highlight clients with an out-of-date AVS of more than 14 days.

From this dashboard you can drill through to the reports, List of PCs by SCEP Anti-Virus Signature Version, List of PCs by SCEP Client Version, and List of PCs by SCEP Engine Version.

In the above screenshot you will notice the “n/a” (not available) value in each of the table reports. This most likely means that these PCs do not have anti-virus software, so this should be investigated as soon as possible.

List of PCs by SCEP Anti-Virus Signature Version

This report helps to identify clients with potential Anti-Virus Signature Version problems. You can easily detect problems by comparing the date information provided in these columns: Last Policy Request, Last Heartbeat, and Last Hardware Scan. This information tells when a client last communicated with its CM12 environment. For example, if the last policy request date is today but, your last heartbeat date or last hardware inventory scan date is over two weeks ago, this is a good indication that the client is un-healthy. Conversely, if all three dates are ~ 2 weeks old then it is more likely that this PC is turned off and will likely update its AVS when the PC is next turned on. From this report you can drill-through to the SCEP Computer Details report.

List of PCs by SCEP Client Version

This report helps to identify clients with potential Client Version problems. You can easily detect problems by comparing the date information provided in these columns: Last Policy Request, Last Heartbeat, and Last Hardware Scan. This information tells when a client last communicated with its CM12 environment. From this report you can drill-through to the SCEP Computer Details report.

List of PCs by SCEP Engine Version

This report helps to identify clients with potential Engine Version problems. You can easily detect problems by comparing the date information provided in these columns: Last Policy Request, Last Heartbeat, and Last Hardware Scan. This information tells when a client last communicated with its CM12 environment. From this report you can drill-through to the SCEP Computer Details report.

SCEP Computer Details

This is the final drill through report from List of PCs by SCEP Anti-Virus Signature Version, List of PCs by SCEP Client Version, and List of PCs by SCEP Engine Version. SCEP Computer Details will give you a good overview of the SCEP status (including malware detection) for a specific PC.

Read more about the new Share reports.

Read the Enhanced Web Reporting media release.