Getting up and running on Symantec Endpoint Protection Small Business Edition for the first time

Article:HOWTO54901  |  Created: 2011-06-29  |  Updated: 2014-11-04  |  Article URL
Article Type
How To


Getting up and running on Symantec Endpoint Protection Small Business Edition for the first time

You should assess your security requirements and decide if the default settings provide the balance of performance and security you require. Some performance enhancements can be made immediately after you install Symantec Endpoint Protection Manager.

Table: Tasks to install and configure Symantec Endpoint Protection Small Business Edition lists the tasks you should perform to install and protect the computers in your network immediately.

Table: Tasks to install and configure Symantec Endpoint Protection Small Business Edition



Install or migrate the management server

Whether you install the product for the first time, upgrade from a previous version, or migrate from another product, you install Symantec Endpoint Protection Manager first.

See Installing the management server and the console.

See About migrating to Symantec Endpoint Protection Small Business Edition.

Create groups

You can add the groups that contain computers based on the level of security or function the computers perform. For example, you should put computers with a higher level of security in one group, or a group of Mac computers in another group.

See How you can structure groups.

See Adding a group.

See Guidelines for managing portable computers.

Modify the Virus and Spyware Protection policy

Change the following default scan settings:

Activate the product license

Purchase and activate a license within 30 days of product installation.

See Activating your new or renewed Symantec Endpoint Protection Small Business Edition 12.1 product license.

Prepare computers for client installation (optional)

Before you install the client software, perform the following tasks, if necessary:

  • Uninstall third-party virus protection software from your computers.

    For more information on a tool to uninstall any competitive product automatically, see the knowledge base article, SEPprep competitive product uninstall tool.

  • If you deploy client software remotely, first modify the firewall settings on your client computers to allow communication between the computers and the management server.

See Preparing for client installation.

Install the client software with the Client Deployment Wizard

Deploy the client software.

See Deploying clients using a Web link and email.

Check that the computers are listed in the groups that you expected and that the client communicates with the management server

In the management console, on the Computers > Computers page:

  1. Change the view to Client status to make sure that the client computers in each group communicate with the management server.

    Look at the information in the following columns:

    • The Computer column displays a green dot for the clients that are connected to the management server.

    • The Last Time Status Changed column displays the time that the client last communicated with the management server.

    • The Restart Required column displays which client computers you need to restart to enable protection.

      See Restarting client computers.

    • The Policy Serial Number column displays the most current policy serial number. The policy might not update for one to two heartbeats.

      See Using the policy serial number to check client-server communication.

  2. Change to the Protection technology view and ensure that the following protections are On:

    • Antivirus status

    • Firewall status

    See Viewing the protection status of clients and client computers.

  3. On the client, check that the client is connected to a server, and check that the policy serial number is the most current one.

    See Checking the connection or reconnecting to the management server.

See Troubleshooting communication problems between the management server and the client.

Check the LiveUpdate schedule and adjust if necessary

Make sure that the content updates download to client computers at a time that affects users the least.

See Configuring the LiveUpdate download schedule for Symantec Endpoint Protection Manager.

Configure Symantec Endpoint Protection Manager to send email alerts

Alerts and notifications are critical to maintaining a secure environment and can also save you time.

See Managing notifications.

Configure notifications for a single risk outbreak and when a new risk is detected

Create a notification for a Single risk event and modify the notification for Risk Outbreak.

For these notifications, do the following:

  1. Change the Risk severity to Category 1 (Very Low and above) to avoid receiving emails about tracking cookies.

  2. Keep the Damper setting at Auto.

See Setting up administrator notifications.

Table: Tasks to perform two weeks after you install displays the tasks to perform after you install and configure the product to assess whether the client computers have the correct level of protection.

Table: Tasks to perform two weeks after you install



Exclude applications and files from being scanned

You can increase performance so that the client does not scan certain folders and files. For example, the client scans the mail server every time a scheduled scan runs.

You can also exclude files by extension for Auto-Protect scans.

See Creating exceptions for Symantec Endpoint Protection Small Business Edition.

See Customizing Auto-Protect for Windows clients.

See About commands you can run on client computers.

Run a quick report and scheduled report after the scheduled scan

Run the quick reports and scheduled reports to see whether the client computers have the correct level of security.

See About the types of reports.

See Running and customizing quick reports.

See Creating scheduled reports.

Check to ensure that scheduled scans have been successful and clients operate as expected

Review monitors, logs, and the status of client computers to make sure that you have the correct level of protection for each group.

See Monitoring endpoint protection.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices