Setting up Scenario One location awareness conditions

Article:HOWTO80746  |  Created: 2012-10-24  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/HOWTO80746
Article Type
How To


Subject


Setting up Scenario One location awareness conditions

If you have remote clients, in the simplest case, it is a common practice to use the My Company group and three locations. This is Scenario One.

To manage the security of the clients in this scenario, you can create the following locations under the My Company group to use:

  • Office clients that log on in the office.

  • The remote clients that log on to the corporate network remotely over a VPN.

  • The remote clients that log on to the Internet remotely, but not over a VPN.

Because the remote location with no VPN connection is the least secure, it has the most secure policies. It is a best practice to always make this location the default location.

Note:

If you turn off My Company group inheritance and then you add groups, the added groups do not inherit the locations that you set up for the My Company group.

The following suggestions represent the best practices for Scenario One.

To set up the office location for the clients located in the office

  1. On the Clients page, select the group that you want to add a location for.

  2. On the Policies tab, under Tasks, click Add Location.

  3. In the Add Location Wizard, click Next.

  4. Type a name for the location and optionally, add a description of it, and then click Next.

  5. In the list box, click Client can connect to management server from the list, and then click Next.

  6. Click Finish, and then click OK.

  7. Under Tasks, click Manage Locations, and then select the location you created.

  8. Click Add, and then click Criteria with AND relationship.

  9. In the Specify Location Criteria dialog box, from the Type list, click Network Connection Type.

  10. Click If the client computer does not use the network connection type specified below.

  11. In the bottom list box, select the name of the VPN client that your organization uses, and then click OK.

  12. Click OK to exit the Manage Locations dialog box.

To set up the remote location for the clients logging in over a VPN

  1. On the Clients page, select the group that you want to add a location for.

  2. On the Policies tab, under Tasks, click Add Location.

  3. In the Add Location Wizard, click Next.

  4. Type a name for the location and optionally, add a description of it, and then click Next.

  5. In the list box, click Network connection type.

  6. In the Connection Type list box, select the name of the VPN client that your organization uses, and then click Next.

  7. Click Finish.

  8. Click OK.

To set up the remote location for the clients not logging on over a VPN

  1. On the Clients page, select the group that you want to add a location for.

  2. On the Policies tab, under Tasks, click Add Location.

  3. In the Add Location Wizard, click Next.

  4. Type a name for the location, optionally add a description of it, and then click Next.

  5. In the list box, leave No specific condition, and then click Next.

    By using these settings, this location's policies, which should be the strictest and most secure, are used as the default location policies.

  6. Click Finish, and then click OK.

See Setting up Scenario Two location awareness conditions.

See Managing remote clients.


Legacy ID



v11914817_v81626096


Article URL http://www.symantec.com/docs/HOWTO80746


Terms of use for this information are found in Legal Notices