If endpoints are already managed by SCCM, migrating to SCEP/Windows Defender is a straightforward process.The process is comprised of these steps: The process is the same across SCCM 2012 R2 and SCCM Current Branch (CB).Make sure that the search criteria is correct, that the Product says Forefront Endpoint Protection 2010 or Windows Defender and that the Update Classification shows Definition Updates and choose next.

If endpoints are not managed by SCCM, they will first have to be provisioned for the SCCM service (see 67714) before following these steps.

To configure an Endpoint Protection Anti-malware Policy: The Endpoint Protection Anti-malware policy is used to determine the behavior of the SCEP/Windows Defender client (scan schedule, on-demand settings, user restrictions, exceptions, etc.) Detailed explanation of policy elements can be found at: Deploying SCCM and SCEP Policies to endpoints: An SCCM deployment is the association of SCCM policies or content to the basic organizational unit of SCCM manageable objects, called a Collection.

In previous OS versions the anti-virus client was replaced by System Center Endpoint Protection (SCEP) software when it was managed by SCCM.

Windows 10 takes a different approach and is now able to be directly managed by SCCM without replacing it. Even if you tell SCCM to install the SCEP client when you launch SCEP.exe, on a Windows 10 machine it will launch Defender.

I created a separate Windows 10 SCEP policy and deployed it against my collection of Windows 10 machines, whereupon I applied a SCEP 2012 standard desktop policy, modified to include Outlook 2010/2013 exclusions.

These should be the same for pretty much any version as far as I know, but I’m looking specifically at System Centre Endpoint Protection (SCEP) included as part of Config Manager 2012.

If your environment has maintenance windows established, leave it as is and wait for the maintenance windows to occur.

Both of my VMs were not previously managed and it took until a reboot for them to actually report into the console as managed.

The System Center Configuration Manager (SCCM) client policy can be used to install System Center Endpoint Protection (SCEP) in supported OSes prior to Windows 10, or to enable Windows Defender on Windows 10.