Start Fep definitions not updating

Fep definitions not updating

on using your distribution points for Forefront Endpoint Protection (FEP) 2010 definition files, we had to leverage a vbscript in order to automate the download of the definition files from Microsoft via a scheduled task and then create a package that updated automatically on schedule and have a recurring advertisement.

Because the UI doesn’t allow the fall back options to be empty; How to create a file share for FEP definition is described here:

These null files are also beneficial in case deployment through the Update deployment fails for some reason.

In order for the software update automation tool to work, you will need a deployment and package to leverage.

But before that, you’ll need to make sure you are syncing the FEP 2010 Definitions.

This whole thing became a pretty tedious process to setup, but in the end it worked and the clients could get the definitions from their local DPs instead of the Software Update Point, WSUS server, UNC Share, or Microsoft Update.

FEP 2010 Update Rollup 1 makes the process of getting the defs from your DPs a whole lot easier!

3) If you trigger update evaluation through API or by click the initial update evaluation action through the client applet, then it will trigger an update scan cycle with no force re-scan flag and may not find the def update applicable.

The below log screen shot shows the different between 2) & 3) If you assign the definition update to all system, then you should write a script to call Update Scan Cycle and then an Update Evaluation Cycle to find the update and install it.

You need to enable Microsoft Update, so that the system will be able to install updates for products other than the core Windows operating system, which includes Endpoint Protection.

The instructions below are for Windows 8.1 and Server 2012R2, however similar instructions apply to Windows 8 and Windows 7.

Otherwise there might be time issue that the definition update will not show applicable. 2) Update evaluation will be triggered automatically when the policy is changed, or the client is moved to a new collection which has different update deployment assignment.