This Guide explains how to create a process of remote updating forefront client security definitions using MOM2005 Tasks. This ability to MOM2005 gives you the ability to "Right Click à Update Definitions" on each and every installed client and by that gives you the ability to update and control your client definitions outside "windows update".
Note: This update method is not a replacement for the Windows update method. You can take the scripts and the first part of this process (the definition download) and use it with any other distribution application you have deployed in your organization.
1. Download DefinitionsDownload.zip and extract the file to C:\FCSDef (it is possible to extract to a different folder, but this will require a change of path in the scripts).
2. Open C:\FCSDef and Right-Click the Definitions Folder -> Sharing. Share the folder with default permissions.
3. On the choose program page, click browse and browse to the location where you extracted the zip file. Click on the DownloadDefinitions.vbs script and Click Open.
6. On the user page, type the username and password for the user you wish this task will run under. Notice that this user does not have to be administrator on the computer, but it does need to have the ability to run scripts and appropriate permissions on the definitions folder.
2. On the advanced scheduling options, set your schedule for checking and downloading new definitions. Notice that the Microsoft Anti-Malware Team updates the definitions on the security portal EVERY 2 HOURS!
On the until check boxes, click Duration and choose 2 hours and 30 minutes.
make sure that "if the task is still running, stop it…" checkbox is cleared
Now the first part is completed, your FCS server will contact the security portal every scheduled hour and download the new definitions and delete the old ones.
6. On the task configuration window, select "Microsoft Forefront Client Security Agent" Target Role.
On the Task command line, type the full UNC path of the definitions file you configured at the scheduled download phase earlier. Leave the task remote start and task output behavior as is.
Deploy definitions to FCS Client using MOM 2005
- Open MOM2005 Operator Console and enter the state view.
- Now you click each and every one of the computers where FCS client is installed and choose "updating forefront client security definitions" from the task list.
- On the welcome to launch task wizard, click next.
- On the command line task paramaters, click next.
- On the task target page, verify that the targets are indeed those you have chosen to deploy definitions to and click next.
- Click finish on the completing page, will deploy FCS definitions file to the designated target.
Important Note: This Guide explains how to download and distributes the full version of the definitions update (about 20MB). You should take this under consideration when scheduling your downloads, client definitions deployment.