Hyper-V Hosts have also the requirement to be protected against viruses. There are needed special Endpoint Protection scan exclusions and we just want to assign them to Hyper-V hosts. For that reason we will create a query based collection and then deploy a specific Endpoint Protection policy to this collection.
In #1 will create the query based collection to collect all hyper-v hosts.
In the SCCM 2012 Console go to the wunderbar “Assets and Compliance”
Right click on “Device Collections” and choose “Create Device Collection”
Name the collection (in this example “Hyper-V Hosts) and click “Browse” to limit the collection based on another collection (new in SCCM2012) –> it’s not possible to create SUB-Collections!
Limit it to “All Desktop and Server Clients” and click OK
Define now the membership of this collection. Click on “Add Rule” and choose “Query Rule”
Name the Query (Hyper-V Hosts) and click on “Edit Query Statement”
Choose the tab “Criteria” and click on the “sun” symbol
We create the query based on a service which is running just on Hyper-V Hosts.
Attribute class: Services
Alias as: <No Alias>
Attribute: Display Name
Then click OK
Operator: is equal to
Value: Hyper-V Virtual Machine Management
We like to update the collection “incremental” so enable the checkbox “Use incremental updates for this collection”
Then click “Next”
Now we have a collection whit all your Hyper-V host in your environment (if they are in your SCCM Boundary!).
In the following blog #2 we will create a specific Endpoint Protection policy (Hyper-V file exclusions) and deploy it to this collection…