While reading the Microsoft forums, I saw a request about how to grant permission on Endpoint reports, so I thought that I would take the time to put together some steps.
· Create an AD security group called Endpoint Protection Reports
· Assign the appropriate users to the AD group
· Create a security role to grant access to the following items:
o Antimalware Policy: Run Reports
o Firewall Setting: Run Reports
o Site: Read
· Assign this security scope to the AD security group: Endpoint Protection Reports
· Now you’re done!
To help make your life easier, I have exported the Endpoint Protection Reports security role which you can download and import on your site.
For more details about the forum post, please see http://social.technet.microsoft.com/Forums/en-US/ab56e725-b6ce-4f37-a362-67acb8f5515e/report-permissions.