Definition Updates for Endpoint Protection on Windows 10
If you’re using System Center Endpoint Protection in your environment and start rolling out Windows 10 clients, you might want to verify that they’re receiving definition updates. In the past, for WSUS/SCCM to synchronize definition updates, you’d simply enable the Forefront Endpoint Protection 2010 product for synchronization under the software update point component properties.
With Windows 10, this changes for the Defender client managed via Configuration Manager. To synchronize the updates, you’ll have to update the software update point component configuration to include the Windows Defender product. For operating systems prior to Windows 10, you’ll continue to receive definition updates when synchronizing the Forefront Endpoint Protection 2010 product via WSUS/SCCM.
To update your site, complete the following:
- Launch the Configuration Manager Console
- Navigate to Administration > Overview > Site Configuration > Sites
- After selecting the site that requires updating, from the ribbon select Configure Site Components > Software Update Point
- Alternatively, right-click the site name and select Configure Site Components > Software Update Point
- Select the Products tab in the Software Update Point Component Properties window, scroll to the Windows section, and check the Windows Defender product in the list to enable it
- Select OK to close the Software Update Point Component Properties window
After the above has been completed, either wait for the scheduled software update point synchronization to complete or manually force a synchronization by completing the following:
- Launch the Configuration Manager Console
- Navigate to Software Library > Overview > Software Updates > All Software Updates
- Select Synchronize Software Updates from the top ribbon
- Alternatively, you can complete the same via PowerShell by executing the command below:

    Sync-CMSoftwareUpdate -FullSync $True

After the synchronization has completed, you should be able to search for System Center Endpoint Protection 2012 Client updates and see the available definition updates.
The final step is to update the Automatic Deployment Rule (ADR) that’s being used to populate your software update group(s) for Endpoint Protection definition updates. Simply add the Windows Defender product to the search criteria for the ADR and run it to re-evaluate; the updates will then be available to the managed endpoints.
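
To confirm the steps above took effect, the following added example (not part of the original post) checks the last synchronization result and looks for active Windows Defender definition updates from a Configuration Manager PowerShell session. The site code `PS1`, the title pattern and the three-day freshness threshold are assumptions to adjust for your site.

```powershell
# Added example, not from the original post. Run in a Configuration Manager
# PowerShell session (module loaded, location set to the site drive).
param(
    [string]$SiteCode   = 'PS1',   # placeholder site code (assumption)
    [string]$TitleMatch = 'Definition Update for Windows Defender*',  # assumed title pattern
    [int]$MaxAgeDays    = 3        # assumed freshness threshold
)

$problems = @()

# 1. Did the last software update point synchronization succeed?
$syncStatus = @(Get-CMSoftwareUpdateSyncStatus | Where-Object { $_.SiteCode -eq $SiteCode })
if ($syncStatus.Count -eq 0) {
    $problems += "No sync status found for site $SiteCode"
}
foreach ($s in $syncStatus) {
    if ($s.LastSyncErrorCode -ne 0) {
        $problems += ('Sync error 0x{0:X8} reported by {1}' -f $s.LastSyncErrorCode, $s.WSUSServerName)
    }
}

# 2. Are Windows Defender definition updates present and still deployable?
$defs = @(Get-CMSoftwareUpdate -Name $TitleMatch -Fast |
    Where-Object { -not $_.IsExpired -and -not $_.IsSuperseded } |
    Sort-Object -Property DatePosted -Descending)

if ($defs.Count -eq 0) {
    $problems += "No active updates match '$TitleMatch'; check that the Windows Defender product is enabled"
} else {
    $newest = $defs[0]
    $age = (Get-Date) - $newest.DatePosted
    if ($age.TotalDays -gt $MaxAgeDays) {
        $problems += ('Newest definition is {0:N1} days old: {1}' -f $age.TotalDays, $newest.LocalizedDisplayName)
    }
}

# 3. Report; a non-zero exit code lets a scheduled task or monitor alert on it.
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    exit 1
}
Write-Output ('OK: {0} active definition update(s), newest: {1}' -f $defs.Count, $newest.LocalizedDisplayName)
```

Running this on a schedule surfaces a stalled synchronization or a deselected product before Windows 10 endpoints fall behind on definitions.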