Ensure that you have configured antimalware policies before you deploy the Endpoint Protection client.When you install an Endpoint Protection point, an Endpoint Protection client is installed on the server hosting the Endpoint Protection point.Services and scans are disabled on this client to enable it to co-exist with any existing antimalware solution that is installed on the server.

Alerts inform the administrator when specific events have occurred, such as a malware infection.

Alerts are displayed in the Alerts node of the Monitoring workspace, or optionally can be emailed to specified users.

The default antimalware policy is applied when the Endpoint Protection client is installed.

Any custom policies you have deployed are applied by default, within 60 minutes of deploying the client.

Updated: March 24, 2016Applies To: System Center 2012 R2 Endpoint Protection, System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Configuration Manager SP2, System Center 2012 R2 Configuration Manager, System Center 2012 Endpoint Protection SP1, System Center 2012 Endpoint Protection, System Center 2012 R2 Configuration Manager SP1If you manage endpoint protection for Windows 10 computers, then you must configure System Center 2012 Configuration Manager to update and distribute malware definitions for Windows Defender.

Because Windows Defender is included in Windows 10, an endpoint protection agent does not need to be deployed to client computers.

The Endpoint Protection point site system role must be installed before you can use Endpoint Protection.

It must be installed on one site system server only, and it must be installed at the top of the hierarchy on a central administration site or a stand-alone primary site.

To initiate policy retrieval for a single client, see the Initiate Policy Retrieval for a Configuration Manager Client section in the How to Manage Clients in Configuration Manager topic.

Potential Unwanted Application (PUA) is a threat classification based on reputation and research-driven identification.

Most commonly, these PUA applications are unwanted application bundlers or their bundled applications .