When setting up Microsoft ForeFront The first thing to do is to run Serversetup.exe.
Of course you’ll want to run the file so click Run.Fill in your Name and Organization then click Next.You’re going to have to put a check in I accept the software license terms.When you do Next will be available so click Next.Now this is where you’re be choosing your topology. For this example we’llgo ahead and chose a Basic topology. This will install Microsoft ForefrontEndpoint Protection 2010 Database, Site Server Extension, Console Extension,Reporting components, and Reporting database based on your currentConfiguration Manager deployment. Maybe in future blogs I’ll go through otherdeployment options. Don’t forget to click Next.Here is where you will setup the Reporting server account information.Mostly it will be filled out by the user running setup but you can change thedomainusername. Click Next.If the password you typed doesn’t match the domainusername you’ll get theerror below.

Microsoft Forefront Endpoint Protection 2010
Error: The password is incorrect, or this account is not valid. Account :domainusername

After I corrected my intentional typo FEP is now warning me that I shouldn’tuse my domain admin account.
Microsoft Forefront Endpoint Protection 2010
For security reasons, it is not recommended to use a domain administratoraccount ‘domainusername’ as the reporting account.

I’m going to OK this because it’s just a test lab.
By default FEP will want to Join the Customer Experience ImprovementProgram. I recommend keeping this checked. I also checked User Microsoft Updateto keep my products up to date.

Join Microsoft Spynet Basic is checked by default. I changed mine toAdvanced SpyNet.

Location and disk space requirements blah blah blah.

Oh no! It looks like my Verifying SQL Server prerequisite Failed with anError.

When I click the More link I see the error below
Forefront Endpoint Protection 2010 requires that the SQL Server Agentservice is running. Set the service to start automatically, and then start theservice.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Warning: Forefront Endpoint Protection 2010 requires the following servicesto be set to start automatically.
Service Name: SQLSERVERAGENT
Server Name: SERVER01
Forefront Endpoint Protection 2010 requires that the SQL Server Agentservice is running. Set the service to start automatically, and then start theservice.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Warning: Forefront Endpoint Protection 2010 requires the following servicesto be set to start automatically.
Service Name: SQLSERVERAGENT
Server Name: SERVER01
Warning: Setup has detected that the connection to the SQL Server is notencrypted. If the SQL Server and Forefront Endpoint Protection 2010 are notlocated on a shared secure subnet, transmitted data can be viewed by third parties.We recommend that you secure the connection to the SQL Server. For moreinformation, see Securing SQL Server in the SQL Server documentation.

Fixing the error was simple. I set the SQL Server Agent to Automatic and startedit.

When I ran the Prerequisites Verification again (by clicking back then next)I got a warning.

Clicking more gave me the message below.
Warning: Setup has detected that the connection to the SQL Server is notencrypted. If the SQL Server and Forefront Endpoint Protection 2010 are notlocated on a shared secure subnet, transmitted data can be viewed by thirdparties. We recommend that you secure the connection to the SQL Server. Formore information, see Securing SQL Server in the SQL Server documentation.

I like the fact that it’s encouraging you to enable SQL server encryptionbut since this is for testing and and on the same box this isn’t required. I’mgoing to ignore this warning.
The final screen is where you’ll get a summery of what the setup applicationwill do.
Microsoft Forefront Endpoint Protection 2010
General Settings
Local Computer Name: server01.fep.local
Location of Setup media files:C:UsersAdministrator.SERVER01Desktopevalcdmedia_en_amd64
Installation Directory: C:Program FilesMicrosoft Forefront
Configuration Manager Console Directory: C:Program Files (x86)MicrosoftConfiguration ManagerAdminUIbin

Updates, Spy Net and Customer Experience Options
Windows Update: Enabled
Participation in Customer Experience Improvement Program: Enabled
Participation Microsoft SpyNet: Join with an advanced membership

FEP 2010 Site Extension for Configuration Manager
Configuration Manager Site Server: server01.fep.local

FEP 2010 Reporting and Monitoring components
Configuration Manager Site Server: server01.fep.local
Configuration Manager Database Server: SERVER01
Configuration Manager Database Instance Name: MSSQLSERVER
Configuration Manager Database Name: SMS_AAA
FEP 2010 Database Name: FEPDB_AAA
FEP 2010 Reporting Database Server: SERVER01
FEP 2010 Reporting Database Instance Name: MSSQLSERVER
FEP 2010 Reporting Database Name: FEPDW_AAA
Liveness checking URL for SQL Reporting Service:
User account used for accessing of FEP 2010 Reports: FEPAdministrator

Configuration Manager Console Extensions for Forefront Endpoint Protection 2010
No additional properties for this component

Clicking Next will start the install so sit back and take a break. I know Idid.

Hello. Why are you popping up?

It appears a hotfix got installed and is asking for a reboot. I’m not sureif it’s because of the FEP install or not.
http://support.microsoft.com/kb/981889
A Windows Filtering Platform (WFP) driver hotfix rollup package is availablefor Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2

The install was successful.
.
I’m going to view the log.
[7/26/2010 1:55:43 PM] Setup Started
[7/26/2010 1:55:44 PM] Product ID validation succeeded (Product ID:03116-270-0001260-04309)
[7/26/2010 1:56:28 PM] For security reasons, it is not recommended to use adomain administrator account ‘FEPAdministrator’ as the reporting account.
[7/26/2010 1:56:33 PM] Error: The password is incorrect, or this account is notvalid. Account: FEPAdministrator
[7/26/2010 1:56:45 PM] For security reasons, it is not recommended to use adomain administrator account ‘FEPAdministrator’ as the reporting account.
[7/26/2010 1:57:19 PM] Setup Log has been relocated from’C:UsersAdministrator.SERVER01AppDataLocalTemp1ServerSetup_26072010_135543.log’
[7/26/2010 1:57:21 PM] [7/26/2010 1:57:21 PM] Verifications started:

[7/26/2010 1:57:21 PM]
[7/26/2010 1:57:21 PM] Verification(Verifying hardware requirements) passed
[7/26/2010 1:57:21 PM]
[7/26/2010 1:57:21 PM] Verification(Verifying .NET Framework 3.5 SP1prerequisite) passed
[7/26/2010 1:57:41 PM]
[7/26/2010 1:57:41 PM] Verification(Verifying SQL Server prerequisite) failed
Forefront Endpoint Protection 2010 requires that the SQL Server Agent serviceis running. Set the service to start automatically, and then start the service.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Warning: Forefront Endpoint Protection 2010 requires the following servicesto be set to start automatically.
Service Name: SQLSERVERAGENT
Server Name: SERVER01
Forefront Endpoint Protection 2010 requires that the SQL Server Agentservice is running. Set the service to start automatically, and then start theservice.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Warning: Forefront Endpoint Protection 2010 requires the following servicesto be set to start automatically.
Service Name: SQLSERVERAGENT
Server Name: SERVER01
Warning: Setup has detected that the connection to the SQL Server is notencrypted. If the SQL Server and Forefront Endpoint Protection 2010 are notlocated on a shared secure subnet, transmitted data can be viewed by thirdparties. We recommend that you secure the connection to the SQL Server. Formore information, see Securing SQL Server in the SQL Server documentation.
[7/26/2010 1:58:05 PM]
[7/26/2010 1:58:05 PM] Verification(Verifying SQL Reporting Servicesprerequisite) passed
[7/26/2010 1:58:06 PM]
[7/26/2010 1:58:06 PM] Verification(Verifying Configuration Manager version)passed
About to compare required version ‘4.0.6487.2000’ to installed version’4.0.6487.2000′
[7/26/2010 1:58:06 PM]
[7/26/2010 1:58:06 PM] Verification(Verifying Configuration Manager Site Serverpermissions) passed
About to verify Configuration Manager Site Server permissions
[7/26/2010 1:58:08 PM]
[7/26/2010 1:58:08 PM] Verification(Verifying Configuration Manager clientcomponents) passed
About to verify client component ‘Configuration Management Agent’ is enabled
About to verify client component ‘Hardware Inventory Agent’ is enabled
About to verify client component ‘Software Distribution’ is enabled
[7/26/2010 1:58:08 PM]
[7/26/2010 1:58:08 PM] Finished running verifications.
[7/26/2010 1:59:52 PM] [7/26/2010 1:59:52 PM] Verifications started:

[7/26/2010 1:59:52 PM]
[7/26/2010 1:59:52 PM] Verification(Verifying hardware requirements) passed
[7/26/2010 1:59:52 PM]
[7/26/2010 1:59:52 PM] Verification(Verifying .NET Framework 3.5 SP1prerequisite) passed
[7/26/2010 2:00:08 PM]
[7/26/2010 2:00:08 PM] Verification(Verifying SQL Server prerequisite) failed
Forefront Endpoint Protection 2010 requires that the SQL Server Agent serviceis running. Set the service to start automatically, and then start the service.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Forefront Endpoint Protection 2010 requires that the SQL Server Agentservice is running. Set the service to start automatically, and then start theservice.
Service Name: SQLSERVERAGENT
SQL Server: SERVER01
Warning: Setup has detected that the connection to the SQL Server is notencrypted. If the SQL Server and Forefront Endpoint Protection 2010 are notlocated on a shared secure subnet, transmitted data can be viewed by thirdparties. We recommend that you secure the connection to the SQL Server. Formore information, see Securing SQL Server in the SQL Server documentation.
[7/26/2010 2:00:09 PM]
[7/26/2010 2:00:09 PM] Verification(Verifying SQL Reporting Servicesprerequisite) passed
[7/26/2010 2:00:09 PM]
[7/26/2010 2:00:09 PM] Verification(Verifying Configuration Manager version)passed
About to compare required version ‘4.0.6487.2000’ to installed version’4.0.6487.2000′
[7/26/2010 2:00:10 PM]
[7/26/2010 2:00:10 PM] Verification(Verifying Configuration Manager Site Serverpermissions) passed
About to verify Configuration Manager Site Server permissions
[7/26/2010 2:00:11 PM]
[7/26/2010 2:00:11 PM] Verification(Verifying Configuration Manager clientcomponents) passed
About to verify client component ‘Configuration Management Agent’ is enabled
About to verify client component ‘Hardware Inventory Agent’ is enabled
About to verify client component ‘Software Distribution’ is enabled
[7/26/2010 2:00:11 PM]
[7/26/2010 2:00:11 PM] Finished running verifications.
[7/26/2010 2:00:52 PM] [7/26/2010 2:00:52 PM] Verifications started:

[7/26/2010 2:00:52 PM]
[7/26/2010 2:00:52 PM] Verification(Verifying hardware requirements) passed
[7/26/2010 2:00:53 PM]
[7/26/2010 2:00:53 PM] Verification(Verifying .NET Framework 3.5 SP1prerequisite) passed
[7/26/2010 2:01:08 PM]
[7/26/2010 2:01:08 PM] Verification(Verifying SQL Server prerequisite) warning
Warning: Setup has detected that the connection to the SQL Server is notencrypted. If the SQL Server and Forefront Endpoint Protection 2010 are notlocated on a shared secure subnet, transmitted data can be viewed by thirdparties. We recommend that you secure the connection to the SQL Server. Formore information, see Securing SQL Server in the SQL Server documentation.
[7/26/2010 2:01:09 PM]
[7/26/2010 2:01:09 PM] Verification(Verifying SQL Reporting Servicesprerequisite) passed
[7/26/2010 2:01:09 PM]
[7/26/2010 2:01:09 PM] Verification(Verifying Configuration Manager version)passed
About to compare required version ‘4.0.6487.2000’ to installed version’4.0.6487.2000′
[7/26/2010 2:01:10 PM]
[7/26/2010 2:01:10 PM] Verification(Verifying Configuration Manager Site Serverpermissions) passed
About to verify Configuration Manager Site Server permissions
[7/26/2010 2:01:11 PM]
[7/26/2010 2:01:11 PM] Verification(Verifying Configuration Manager clientcomponents) passed
About to verify client component ‘Configuration Management Agent’ is enabled
About to verify client component ‘Hardware Inventory Agent’ is enabled
About to verify client component ‘Software Distribution’ is enabled
[7/26/2010 2:01:11 PM]
[7/26/2010 2:01:11 PM] Finished running verifications.
[7/26/2010 2:23:20 PM]
[7/26/2010 2:23:20 PM] Installation tasks started:
Root Folder: C:UsersAdministrator.SERVER01Desktopevalcdmedia_en_amd64
Current Folder: C:UsersAdministrator.SERVER01Desktopevalcdmedia_en_amd64
[7/26/2010 2:25:04 PM]
[7/26/2010 2:25:04 PM] Installation(Installing the Microsoft Forefront EndpointProtection 2010 Security Client) completed
Installing FepInstall.exe.
completed
[7/26/2010 2:25:42 PM]
[7/26/2010 2:25:42 PM] Installation(Installing Microsoft Forefront EndpointProtection 2010 Console Extensions for Configuration Manager) completed
Installing FEPUX.msi.
completed
[7/26/2010 2:29:45 PM]
[7/26/2010 2:29:45 PM] Installation(Installing Microsoft Forefront EndpointProtection 2010 Site Server Extension for Configuration Manager) completed
Installing FEPExt.msi.
completed
[7/26/2010 2:40:03 PM]
[7/26/2010 2:40:03 PM] Installation(Installing Microsoft Forefront EndpointProtection 2010 Reporting) completed
Installing FepReport.msi.
completed
[7/26/2010 2:40:04 PM]
[7/26/2010 2:40:04 PM] Finished running installation tasks.

[7/26/2010 2:40:05 PM] Setup has completed successfully.
Here’s the final screen in the setup program. I really want to see theConsole and check for updates so I’ll leave them both checked and click Finish.

As I’m waiting for SCCM to open I’ll look and see what databases FEPcreated.
It appears it created a FEPDB_AAA and FEPDW_AAA database. AAA being my SCCMsite code.

Well there it is. FEP installed and in SCCM. FEP looks like it’s going to becompletely different than FCS so in my upcoming blogs I’ll talk about thedifferences.