Symantec™ Endpoint Protection and Symantec Network Access Control 12.1.2 Installation and Administration Guide

Article:DOC6153  |  Created: 2012-10-24  |  Updated: 2014-03-18  |  Article URL http://www.symantec.com/docs/DOC6153
Article Type
Documentation

Product(s)

Description



Symantec™ Endpoint Protection and Symantec Network Access Control 12.1.2 Installation and Administration Guide

Contents

This guide includes procedures to install, configure, and manage the product.

1. Introducing Symantec Endpoint Protection
About Symantec Endpoint Protection
What's new in Symantec Endpoint Protection 12.1.2
About the types of threat protection that Symantec Endpoint Protection provides
Protecting your network with Symantec Endpoint Protection
Getting up and running on Symantec Endpoint Protection for the first time
Managing protection on client computers
Maintaining the security of your environment
Troubleshooting Symantec Endpoint Protection
I. Installing Symantec Endpoint Protection
2. Planning the installation
Planning the installation
Components of Symantec Endpoint Protection
Components of Symantec Network Access Control
System requirements for Symantec Endpoint Protection
Product license requirements
Supported virtual installations and virtualization products
About Symantec Endpoint Protection Manager compatibility with other products
Network architecture considerations
About choosing a database type
About embedded database settings
About SQL Server configuration settings
About SQL Server database authentication modes
3. Installing Symantec Endpoint Protection Manager
Installing Symantec Endpoint Protection Manager
Configuring the management server during installation
Uninstalling Symantec Endpoint Protection Manager
About accepting the self-signed (SSL) server certificate for Symantec Endpoint Protection Manager
Logging on to the Symantec Endpoint Protection Manager console
Increasing the time period for staying logged on to the console
What you can do from the console
4. Managing product licenses
Licensing Symantec Endpoint Protection
About the trialware license
About purchasing licenses
Activating or importing your Symantec Endpoint Protection or Symantec Network Access Control 12.1 product license
About product upgrades and licenses
About renewing your Symantec Endpoint Protection license
Checking license status
About the licensing enforcement rules
Backing up your license files
Recovering a deleted license
Purging obsolete clients from the database to make more licenses available
About multi-year licenses
Licensing an unmanaged client
5. Installing the Symantec Endpoint Protection client
Preparing for client installation
About client deployment methods
Exporting client installation packages
About the client installation settings
Configuring client installation package features
Configuring client packages to uninstall existing third-party security software
Restarting client computers
About managed and unmanaged clients
Installing an unmanaged client
Uninstalling the Windows client
Uninstalling the Mac client
Managing client installation packages
Adding client installation package updates
6. Upgrading Symantec Endpoint Protection
Upgrading to a new release of Symantec Endpoint Protection
Upgrade resources for Symantec Endpoint Protection 12.1
Feature mapping between 11.x and 12.1 clients
Supported Symantec Endpoint Protection Manager upgrade paths
Increasing Symantec Endpoint Protection Manager disk space before upgrading to version 12.1
Upgrading a management server
Upgrading an environment that uses multiple embedded databases and management servers
Turning off replication before upgrade
Turning on replication after upgrade
Stopping and starting the management server service
Supported upgrade paths for the Symantec Endpoint Protection client
About upgrading client software
Upgrading clients by using AutoUpgrade in Symantec Endpoint Protection
Updating client software with a LiveUpdate Settings policy
Upgrading Group Update Providers
7. Migrating to Symantec Endpoint Protection
Migrating from Symantec AntiVirus or Symantec Client Security
Supported and unsupported migration paths to Symantec Endpoint Protection
Supported and unsupported migration paths for the Mac client
Disabling scheduled scans in Symantec System Center
Disabling LiveUpdate in Symantec System Center
Turning off the roaming service in Symantec System Center
Unlocking server groups in Symantec System Center
Turning off Tamper Protection in Symantec System Center
Uninstalling and deleting reporting servers
About computer groups imported with the Migration Wizard
Importing group settings and policy settings with the Migration Wizard
8. Managing sites and replication
Setting up sites and replication
About determining how many sites you need
How replication works
Replicating data on demand
Changing the automatic replication schedule
Specifying which data to replicate
Deleting replication partners
Re-adding a replication partner that you previously deleted
9. Managing Symantec Endpoint Protection in Protection Center
About Symantec Endpoint Protection and Protection Center
About upgrading to Protection Center version 2
About setting up Symantec Endpoint Protection in Protection Center
About setting up multiple Symantec Endpoint Protection domains in Protection Center
Configuring communication between Symantec Endpoint Protection Manager and Protection Center
II. Managing groups, clients, and administrators
10. Managing groups of client computers
Managing groups of clients
How you can structure groups
Adding a group
Importing existing groups and computers from an Active Directory or an LDAP server
Assigning clients to groups before you install the client software
Disabling and enabling a group's inheritance
Blocking client computers from being added to groups
Moving a client computer to another group
11. Managing clients
Managing client computers
How to determine whether the client is connected in the console
Viewing the protection status of clients and client computers
Displaying which clients do not have the client software installed
Searching for information about client computers
About enabling and disabling protection when you need to troubleshoot problems
About commands that you can run on client computers
Running commands on the client computer from the console
Ensuring that a client does not restart
Switching a client between user mode and computer mode
Configuring a client to detect unmanaged devices
About access to the client interface
About mixed control
Changing the user control level
Configuring user interface settings
Collecting user information
Password-protecting the client
12. Managing remote clients
Managing remote clients
Managing locations for remote clients
Enabling location awareness for a client
Adding a location to a group
Changing a default location
Setting up Scenario One location awareness conditions
Setting up Scenario Two location awareness conditions
Configuring communication settings for a location
About strengthening your security policies for remote clients
About turning on notifications for remote clients
About customizing log management settings for remote clients
About monitoring remote clients
13. Managing domains
About domains
Adding a domain
Switching to the current domain
14. Managing administrator accounts and passwords
Managing domains and administrator accounts
About administrator account roles and access rights
Adding an administrator account
Configuring the access rights for a limited administrator
Changing the authentication method for administrator accounts
Best practices for testing whether a directory server authenticates an administrator account
Changing the password for an administrator account
Allowing administrators to reset forgotten passwords
Sending a temporary password to an administrator
Displaying the Remember my user name and Remember my password check boxes on the logon screen
III. Managing protection and customizing policies
15. Using policies to manage security
Performing the tasks that are common to all policies
The types of security policies
About shared and non-shared policies
Adding a policy
Editing a policy
Copying and pasting a policy on the Policies page
Copying and pasting a policy on the Clients page
Locking and unlocking Virus and Spyware policy settings
Assigning a policy to a group
Replacing a policy
Exporting and importing individual policies
Converting a shared policy to a non-shared policy
Withdrawing a policy from a group
How the client computers get policy updates
Configuring push mode or pull mode to update client policies and content
Using the policy serial number to check client-server communication
Manually updating policies on the client
Monitoring the applications and services that run on client computers
Searching for information about the applications that the computers run
16. Managing Virus and Spyware Protection
Preventing and handling virus and spyware attacks on client computers
Remediating risks on the computers in your network
Managing scans on client computers
Setting up scheduled scans that run on Windows computers
Setting up scheduled scans that run on Mac computers
Running on-demand scans on client computers
Adjusting scans to improve computer performance
Adjusting scans to increase protection on your client computers
Managing Download Insight detections
How Symantec Endpoint Protection uses reputation data to make decisions about files
How Symantec Endpoint Protection policy features work together
About submitting information about detections to Symantec Security Response
About submissions throttling
Enabling or disabling client submissions to Symantec Security Response
Specifying a proxy server for client submissions and other external communications
Managing the Quarantine
Managing the virus and spyware notifications that appear on client computers
About the pop-up notifications that appear on the clients that run Windows 8
Enabling or disabling Symantec Endpoint Protection pop-up notifications on Windows 8 clients
Managing early launch anti-malware (ELAM) detections
Adjusting the Symantec Endpoint Protection early launch anti-malware (ELAM) options
17. Customizing scans
Customizing the virus and spyware scans that run on Windows computers
Customizing the virus and spyware scans that run on Mac computers
Customizing Auto-Protect for Windows clients
Customizing Auto-Protect for Mac clients
Customizing Auto-Protect for email scans on Windows computers
Customizing administrator-defined scans for the clients that run on Windows computers
Customizing administrator-defined scans for clients that run on Mac computers
Randomizing scans to improve computer performance in virtualized environments
Modifying global scan settings for Windows clients
Modifying miscellaneous settings for Virus and Spyware Protection on Windows computers
Customizing Download Insight settings
Changing the action that Symantec Endpoint Protection takes when it makes a detection
Allowing users to view scan progress and interact with scans
How Symantec Endpoint Protection interacts with Windows Security Center
18. Managing SONAR
About SONAR
Managing SONAR
Handling and preventing SONAR false positive detections
Adjusting SONAR settings on your client computers
Monitoring SONAR detection results to check for false positives
Managing TruScan proactive threat scans for legacy clients
19. Managing Tamper Protection
About Tamper Protection
Changing Tamper Protection settings
20. Managing firewall protection
Managing firewall protection
Creating a firewall policy
Managing firewall rules
Setting up firewall rules
21. Managing intrusion prevention
Managing intrusion prevention on your client computers
How intrusion prevention works
About Symantec IPS signatures
About custom IPS signatures
Enabling or disabling network intrusion prevention or browser intrusion prevention
Creating exceptions for IPS signatures
Setting up a list of excluded computers
Configuring client intrusion prevention notifications
Managing custom intrusion prevention signatures
22. Managing application and device control
About application and device control
About Application and Device Control policies
About the structure of an Application and Device Control policy
Setting up application and device control
Enabling a default application control rule set
Creating custom application control rules
Configuring system lockdown
Managing device control
23. Managing exceptions
About exceptions to Symantec Endpoint Protection
Managing exceptions for Symantec Endpoint Protection
Creating exceptions for Symantec Endpoint Protection
Restricting the types of exceptions that users can configure on client computers
Creating exceptions from log events in Symantec Endpoint Protection Manager
24. Configuring updates and updating client computer protection
Managing content updates
Configuring a site to download content updates
Configuring the LiveUpdate download schedule for Symantec Endpoint Protection Manager
Downloading LiveUpdate content manually to Symantec Endpoint Protection Manager
Checking LiveUpdate server activity
Configuring Symantec Endpoint Protection Manager to connect to a proxy server to access the Internet and download content from Symantec LiveUpdate
Specifying a proxy server that clients use to communicate to Symantec LiveUpdate or an internal LiveUpdate server
Enabling and disabling LiveUpdate scheduling for client computers
Configuring the types of content used to update client computers
Configuring the LiveUpdate download schedule for client computers
Configuring the amount of control that users have over LiveUpdate
Configuring the content revisions that clients use
Configuring the disk space that is used for LiveUpdate downloads
About randomization of simultaneous content downloads
Randomizing content downloads from the default management server or a Group Update Provider
Randomizing content downloads from a LiveUpdate server
Configuring client updates to run when client computers are idle
Configuring client updates to run when definitions are old or the computer has been disconnected
Setting up an external LiveUpdate server
Setting up an internal LiveUpdate server
Using Group Update Providers to distribute content to clients
Using Intelligent Updater files to update client virus and security risk definitions
Using third-party distribution tools to update client computers
25. Monitoring protection with reports and logs
Monitoring endpoint protection
Configuring reporting preferences
Logging on to reporting from a stand-alone Web browser
About the types of reports
Running and customizing quick reports
Saving and deleting custom reports
Creating scheduled reports
Editing the filter used for a scheduled report
Printing and saving a copy of a report
Viewing logs
Running commands from the computer status log
26. Managing notifications
Managing notifications
Establishing communication between the management server and email servers
Viewing and acknowledging notifications
Saving and deleting administrative notification filters
Setting up administrator notifications
How upgrades from another version affect notification conditions
IV. Managing protection in virtual environments
27. Overview of Symantec Endpoint Protection and virtual infrastructures
Using Symantec Endpoint Protection in virtual infrastructures
About Shared Insight Cache
About the Virtual Image Exception tool
28. Installing and using a network-based Shared Insight Cache
What do I need to do to use a network-based Shared Insight Cache?
System requirements for implementing a network-based Shared Insight Cache
Installing and uninstalling a network-based Shared Insight Cache
Enabling or disabling the use of a network-based Shared Insight Cache
Customizing network-based Shared Insight Cache configuration settings
About stopping and starting the network-based Shared Insight Cache service
Viewing network-based Shared Insight Cache log events
Monitoring network-based Shared Insight Cache performance counters
Troubleshooting issues with Shared Insight Cache
29. Installing a Security Virtual Appliance and using a vShield-enabled Shared Insight Cache
What do I need to do to use a vShield-enabled Shared Insight Cache?
What do I need to do to install a Security Virtual Appliance?
About the Symantec Endpoint Protection Security Virtual Appliance
VMware software requirements to install a Symantec Security Virtual Appliance
VMware software requirements for the Guest Virtual Machines
Configuring the Symantec Endpoint Protection Security Virtual Appliance installation settings file
Installing a Symantec Endpoint Protection Security Virtual Appliance
Enabling Symantec Endpoint Protection clients to use a vShield-enabled Shared Insight Cache
Stopping and starting the vShield-enabled Shared Insight Cache service
Service commands for the vShield-enabled Shared Insight Cache
Configuration file settings for a vShield-enabled Shared Insight Cache
About vShield-enabled Shared Insight Cache event logging
Uninstalling a Symantec Endpoint Protection Security Virtual Appliance
30. Using Virtual Image Exception
Using the Virtual Image Exception tool on a base image
System requirements for the Virtual Image Exception tool
Running the Virtual Image Exception tool
Configuring Symantec Endpoint Protection to bypass the scanning of base image files
31. Non-persistent virtual desktop infrastructures
Using Symantec Endpoint Protection in non-persistent virtual desktop infrastructures
Setting up the base image for non-persistent guest virtual machines in virtual desktop infrastructures
Creating a registry key to mark the base image Guest Virtual Machines (GVMs) as non-persistent clients
Configuring a separate purge interval for offline non-persistent VDI clients
V. Configuring and managing Symantec Endpoint Protection Manager
32. Managing the connection between the management server and the client computers
Managing the client-server connection
How to determine whether the client is connected and protected
Why do I need to replace the client-server communications file on the client computer?
How do I replace the client-server communications file on the client computer?
Restoring client-server communications by using a client installation package
Exporting the client-server communications file manually
Importing client-server communication settings into the client
Configuring SSL between Symantec Endpoint Protection Manager and the clients
Improving client and server performance
About server certificates
Best practices for updating server certificates and maintaining the client-server connection
33. Configuring the management server
Managing Symantec Endpoint Protection Manager servers and third-party servers
About the types of Symantec Endpoint Protection servers
Exporting and importing server settings
Enabling or disabling Symantec Endpoint Protection Manager web services
34. Managing databases
Maintaining the database
Scheduling automatic database backups
Scheduling automatic database maintenance tasks
Exporting data to a Syslog server
Exporting log data to a text file
Exporting log data to a comma-delimited text file
Specifying client log size and which logs to upload to the management server
Specifying how long to keep log entries in the database
About increasing the disk space on the server for client log data
Clearing log data from the database manually
35. Managing failover and load balancing
Setting up failover and load balancing
About failover and load balancing
Configuring a management server list
Assigning a management server list to a group and location
36. Preparing for disaster recovery
Preparing for disaster recovery
Backing up the database and logs
Backing up a server certificate
VI. Troubleshooting Symantec Endpoint Protection
37. Performing disaster recovery
Performing disaster recovery
Reinstalling or reconfiguring Symantec Endpoint Protection Manager
Generating a new server certificate
Restoring the database
38. Troubleshooting installation and communication problems
Troubleshooting computer issues with the Symantec Help support tool
Identifying the point of failure of an installation
Troubleshooting communication problems between the management server and the client
Troubleshooting communication problems between the management server and the console or the database
Client and server communication files
39. Troubleshooting reporting issues
Troubleshooting reporting issues
Changing timeout parameters for reviewing reports and logs
Accessing reporting pages when the use of loopback addresses is disabled
About recovering a corrupted client System Log on 64-bit computers
VII. Managing Symantec Network Access Control
40. Introducing Symantec Network Access Control
About Symantec Network Access Control
About the types of enforcement in Symantec Network Access Control
How Symantec Network Access Control works
How self enforcement works
About the Symantec Network Access Control Enforcer appliances
How the Symantec Network Access Control Enforcer appliances work with Host Integrity policies
How the Gateway Enforcer appliance works
How the LAN Enforcer appliance works
How an Integrated Enforcer for Microsoft DHCP Servers works
How an Integrated Enforcer for Microsoft Network Access Protection works with a Microsoft Network Policy Server (NPS)
How the On-Demand Client works
What you can do with Symantec Enforcer appliances
What you can do with Symantec Integrated Enforcers
What you can do with On-Demand Clients
41. Installing Symantec Network Access Control
Deploying Symantec Network Access Control
Upgrading Symantec Endpoint Protection Manager to include Symantec Network Access Control
About installing an Enforcer appliance
Installing an Enforcer appliance
About the Enforcer appliance indicators and controls
Setting up an Enforcer appliance
Logging on to an Enforcer appliance
Configuring an Enforcer appliance
42. Upgrading and reimaging all types of Enforcer appliance images
About upgrading and reimaging Enforcer appliance images
Enforcer hardware compatibility matrix
Determining the current version of an Enforcer appliance image
Upgrading the Enforcer appliance image
Reimaging an Enforcer appliance image
43. Customizing Host Integrity policies
What you can do with Host Integrity policies
Creating and testing a Host Integrity policy
About Host Integrity requirements
Adding Host Integrity requirements
Host Integrity for the Mac
Enabling, disabling, and deleting Host Integrity policies
Changing the sequence of Host Integrity requirements
Adding a Host Integrity requirement from a template
About settings for Host Integrity checks
Allowing the Host Integrity check to pass if a requirement fails
Configuring notifications for Host Integrity checks
About Host Integrity remediation
Creating a Quarantine policy for a failed Host Integrity check
Specifying the amount of time the client waits to remediate
Allowing users to postpone or cancel Host Integrity remediation
44. Adding custom requirements to a Host Integrity policy
About custom requirements
About conditions
About functions
About custom requirement logic
Writing a custom requirement script
Displaying a message dialog box
Downloading a file
Setting a registry value
Incrementing a registry DWORD value
Running a program
Running a script
Setting the timestamp of a file
Specifying a wait time for the custom requirement script
45. Performing basic tasks on the console of all types of Enforcer appliances
About performing basic tasks on the console of an Enforcer appliance
Configuring a connection between an Enforcer appliance and a Symantec Endpoint Protection Manager
Checking the communication status of an Enforcer appliance on the Enforcer console
Remote access to an Enforcer appliance
About the Enforcer appliance CLI command hierarchy
46. Planning for the installation of the Gateway Enforcer appliance
Installation planning for a Gateway Enforcer appliance
Gateway Enforcer appliance NIC settings
Failover planning for Gateway Enforcer appliances
Fail-open and fail-closed planning for a Gateway Enforcer appliance
47. Configuring the Symantec Gateway Enforcer appliance from the Symantec Endpoint Protection Manager
About configuring the Symantec Gateway Enforcer appliance on the Symantec Endpoint Protection Manager Console
Changing Gateway Enforcer appliance configuration settings in Symantec Endpoint Protection Manager
About general settings on a Gateway appliance
About authentication settings on a Gateway appliance
Authentication range settings
About advanced Gateway Enforcer appliance settings
48. Installation planning for the LAN Enforcer appliance
Planning for the installation of a LAN Enforcer appliance
Failover planning for LAN Enforcer appliances and RADIUS servers
49. Configuring the LAN Enforcer appliance on the Symantec Endpoint Protection Manager
About configuring the Symantec LAN Enforcer on the Symantec Endpoint Protection Manager Console
About configuring RADIUS servers on a LAN Enforcer appliance
About configuring 802.1x wireless access points on a LAN Enforcer appliance
Changing LAN Enforcer configuration settings in Symantec Endpoint Protection Manager
Using general settings
Using RADIUS server group settings
Using switch settings
Using advanced LAN Enforcer appliance settings
Configuring MAC addresses and MAC authentication bypass (MAB) on the LAN Enforcer
Using 802.1x authentication
50. Managing Enforcers on the Symantec Endpoint Protection Manager
About managing Enforcers on the management server console
About managing Enforcers from the Servers page
About Enforcer groups
About the Enforcer information that appears on the Enforcer console
Displaying information about the Enforcer on the management console
Changing an Enforcer’s name and description
Deleting an Enforcer or an Enforcer group
Exporting and importing Enforcer group settings
Pop-up messages for blocked clients
About client settings and the Enforcer
Configuring clients to use a password to stop the client service
About Enforcer reports and logs
Configuring Enforcer log settings
51. Introducing the Symantec Integrated Enforcers
About the Symantec Network Access Control Integrated Enforcer for Microsoft DHCP Servers
About the Symantec Network Access Control Integrated Enforcer for Microsoft Network Access Protection
52. Installing the Symantec Network Access Control Integrated Enforcer for Microsoft DHCP Servers
Process for installing the Symantec Network Access Control Integrated Enforcer for Microsoft DHCP Servers
System requirements for an Integrated Enforcer for Microsoft DHCP Servers
Components for an Integrated Enforcer for Microsoft DHCP servers
Placement requirements for an Integrated Enforcer for Microsoft DHCP Servers
How to get started with the installation of an Integrated Enforcer for Microsoft DHCP servers
Installing an Integrated Enforcer for Microsoft DHCP Servers
53. Configuring the Symantec Integrated Enforcers on the Enforcer console
About configuring Integrated Enforcers on an Enforcer console
Establishing or changing communication between an Integrated Enforcer for Microsoft DHCP servers and a Symantec Endpoint Protection Manager
Configuring automatic quarantine
Editing a Symantec Endpoint Protection Manager connection
Configuring Integrated Enforcer communication settings in Symantec Endpoint Protection Manager
Configuring a trusted vendor list
Viewing Enforcer logs on an Enforcer console
Stopping and starting communication services between an Integrated Enforcer and a management server
Configuring a secure subnet mask
Creating DHCP scope exceptions
54. Configuring the Symantec Network Access Control Integrated Enforcer for Microsoft DHCP Server on the Symantec Endpoint Protection Manager
About configuring the Symantec Network Access Control Integrated Enforcer for Microsoft DHCP Server on the Symantec Endpoint Protection Manager
Configuring Symantec Network Access Control Integrated Enforcer basic settings
Configuring Symantec Network Access Control Integrated Enforcer advanced settings
Configuring Symantec Network Access Control Integrated Enforcer authentication settings
Configuring logs for the Symantec Network Access Control Integrated Enforcer
55. Installing the Symantec Integrated Enforcer for Microsoft Network Access Protection
Before you install the Symantec Integrated Enforcer for Microsoft Network Access Protection
Process for installing the Symantec Network Access Control Integrated Enforcer for Microsoft Network Access Protection
System requirements for an Integrated Enforcer for Microsoft Network Access Protection
Components of a Symantec Integrated Enforcer for Microsoft Network Access Protection
Installing the Integrated Enforcer for Microsoft Network Access Protection
56. Configuring the Symantec Network Access Control Integrated Enforcer for Microsoft Network Access Protection on an Enforcer console
About configuring a Symantec Integrated Enforcer for Microsoft Network Access Protection on an Enforcer console
Connecting a Symantec Integrated Enforcer for Microsoft Network Access Protection to a management server on an Enforcer console
Encrypting communication between a Symantec Integrated Enforcer for Microsoft Network Access Protection and a management server
Setting up an Enforcer group name on the Symantec Integrated Enforcer for Microsoft Network Access Protection console
Setting up an HTTP communication protocol on the Symantec Integrated Enforcer for Microsoft Network Access Protection console
57. Configuring the Symantec Network Access Control Integrated Enforcer for Microsoft Network Access Protection on the Symantec Endpoint Protection Manager
About configuring the Symantec Integrated Enforcer for Microsoft Network Access Protection on the Symantec Endpoint Protection Manager
Enabling NAP enforcement for clients
Verifying that the management server manages the client
Verifying Security Health Validator policies
Verifying that clients pass the Host Integrity check
Configuring logs for the Symantec Integrated Enforcer for Network Access Protection
58. Setting up temporary connections for Symantec Network Access Control On-Demand clients
About the Symantec Network Access Control On-Demand Clients
Before you configure Symantec Network Access Control On-Demand clients on the console of a Gateway Enforcer
Setting up guest access challenge using the Symantec Network Access Control DHCP Integrated Enforcer
Enabling Symantec Network Access Control On-Demand clients to temporarily connect to a network
Disabling Symantec Network Access Control On-Demand clients
Setting up authentication on the Gateway Enforcer console for Symantec Network Access Control On-Demand clients
Editing the banner on the Welcome page
59. Troubleshooting the Enforcer appliance
Troubleshooting communication problems between an Enforcer appliance and the Symantec Endpoint Protection Manager
Troubleshooting an Enforcer appliance
Frequently asked questions for the Enforcer appliances
Troubleshooting the connection between the Enforcer and the On-Demand Clients
A. Differences between Mac and Windows features
Client protection features by platform
Management features by platform
Virus and Spyware Protection policy settings available for Windows and Mac
LiveUpdate policy settings available for Windows and Mac
B. Customizing and deploying the client installation by using third-party tools
Installing client software using third-party tools
About client installation features and properties
About configuring MSI command strings
About configuring Setaid.ini
Symantec Endpoint Protection client installation properties
Symantec Endpoint Protection client features
Windows Installer parameters
Windows Security Center properties
Command-line examples for installing the client
About installing and deploying client software with the Symantec Management Agent
Installing clients with Microsoft SMS 2003
Installing clients with Active Directory Group Policy Object
Creating the administrative installation image
Creating a GPO software distribution
Creating a startup script to install Windows Installer 3.1 or later
Adding computers to an organizational unit and installation software
Copying a Sylink.xml file to the installation files to make managed clients
Uninstalling client software with Active Directory Group Policy Object
C. Command-line options for the client
Running Windows commands for the client service
Error codes
Typing a parameter if the client is password-protected
D. Command-line options for the Virtual Image Exception tool
E. Syntax for custom intrusion prevention signatures and application control rules
Regular expressions in Symantec Endpoint Protection Manager
About signature syntax and conventions
Protocol type arguments
TCP protocol arguments
UDP protocol arguments
ICMP protocol arguments
IP protocol arguments
Msg arguments
Content arguments
Optional content arguments
Case-sensitivity
HTTP decoding
Offset and depth
Streamdepth arguments
Supported operators
Sample custom IPS signature syntax

Legacy ID



SEP12.1_Implement_v35111975


Article URL http://www.symantec.com/docs/DOC6153


Terms of use for this information are found in Legal Notices