Symantec Endpoint Protection Manager 11.x reference guide for Symantec System Center users

Close X

Please note that this document is a translation. It is possible that updates have been made to the original version after this document was translated and published. Symantec does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledgebase article for up to date information.

Article:TECH116729  |  Created: 2008-01-18  |  Updated: 2012-07-17  |  Article URL http://www.symantec.com/docs/TECH116729
Article Type
Technical Solution


Environment

Issue



You migrate from Symantec AntiVirus to Symantec Endpoint Protection 11.x. You need to know how to perform tasks in the Symantec Endpoint Protection Manager as you previously did in Symantec System Center.

 


Solution



The following tables show different types of tasks, how they were performed in Symantec System Center in legacy Symantec AntiVirus, and how to perform equivalent tasks in Symantec Endpoint Protection Manager 11.x.

 

Manage content updates

Task

Symantec System Center

Symantec Endpoint Protection Manager

Configure LiveUpdate to work with an internal LiveUpdate server

Right-click the server, and click All Tasks > LiveUpdate > Configure, and configure settings for your internal LiveUpdate server.

On the Policies tab, under View Policies, click LiveUpdate, and either edit the existing policy or create a new policy. In the policy, click Server Settings, check Use a LiveUpdate server, and configure settings for your internal LiveUpdate server.

Download product updates

Not done through Symantec System Center or LiveUpdate. Patches must be downloaded manually.

On the Policies tab, click LiveUpdate, and either edit the existing policy or create a new policy. In the policy, in Server Settings, check Use a LiveUpdate server. In Advanced Settings, check Download Symantec Endpoint Protection product updates using a LiveUpdate server.

Force a content update

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Update virus definitions now.

On the Clients tab, right-click the client group, select Run Command on Group, and click Update.

Schedule LiveUpdate

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Virus Definition Manager.

On the Policies tab, click LiveUpdate, and either edit the existing policy or create a new policy. In the policy, click Schedule.

Configure the network

Task

Symantec System Center

Symantec Endpoint Protection Manager

Change client roaming options

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Client Roaming Options.

Roaming failover is enabled by default. To change the options, on the Clients tab, click the group, then, in the right pane, select the Policies tab. Under Settings, click General Settings, and enable or disable Location Awareness. To create new locations, on the Clients > Policies tabs, under Tasks, click Add Location.

Configure client Auto-Protect options

Right-click the server, and click All Tasks > Symantec AntiVirus > Client Auto-Protect Options.

On the Policies tab, under View Policies, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, configure the options under File System Auto-Protect.

Configure Reporting server and agent

Open the Reporting section in the Symantec System Center tree, and unlock the server you want to configure.

For notifications:
On the Monitors tab, click Notifications.

For database maintenance:
On the Admin tab, click on Servers, then click on  Local Site, click Edit Site Properties, click on Database Tab.

Create client firewall exceptions

Edit the firewall policy with the Symantec Client Firewall Administrator tool, and then deploy the changes with Symantec System Center.

On the Policies tab, under View Policies, select Firewall. Either edit an existing policy or create a new policy. In the policy, click Rules > Add Rule, and follow the steps in the wizard.

Disable client email scanning

Right-click the server, and click All Tasks > Symantec AntiVirus > Client Auto-Protect Options. Disable and lock the options on the Internet Email, Microsoft Exchange, and Lotus Notes tabs.

On the Policies tab, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, disable and lock scanning under Internet Email Auto-Protect, Microsoft Exchange Auto-Protect, and Lotus Notes Auto-Protect.

Disable startup scans and QuickScans

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Client Administrator Only Options. On the Scans tab, change the scan options.

On the Policies tab, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, under Administrator-defined Scans, on the Advanced tab, change the options under Startup and Triggered Scans.

Disable Tamper Protection

Right-click the desired target, then click All Tasks > Symantec AntiVirus, and click either Client or Server Tamper Protection Options.

On the Clients tab, click the group, then, in the right pane, select the Policies tab. Under Location-independant Policies and Settings, choose General Settings. On the Tamper Protection tab, uncheck "Protect Symantec security software from being tampered with or shut down," and then lock it.

Enable or disable the icon in the Windows notification area (the system tray)

Right-click the server, click All Tasks > Symantec AntiVirus > Client Administrator Only Options, and uncheck Show Symantec AntiVirus Icon on Desktop.

On the Clients tab, click the desired target. In the right pane, select the Policies tab. Expand Location-Specific Settings, and next to Client User Interface Control Settings, click Server Control. In the dialog, under Server Control, click Customize, and check or uncheck Display the notification area icon.

Schedule a scan

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Scheduled scans.

On the Policies tab, select AntiVirus and AntiSpyware, edit or create a policy, and click Administrator-defined Scan.

Set global exclusions

Set Auto-Protect exclusions in either Client Auto-Protect Options or Server Auto-Protect Options. Set scheduled scan exclusions when you create or edit the scan. Local scans cannot have exclusions configured remotely.

On the Policies tab, click Centralized Exceptions, and either edit an existing policy or create a new policy.

Set the amount of time before logs are purged

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Configure History.

On the Clients tab, click the group, then, in the right pane, select the Policies tab. Under Settings, click Client Log Settings.

Set the amount of time before quarantined items are purged

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Quarantine Options > Purge Options.

On the Policies tab, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, under Quarantine, click Cleanup.

Update the firewall policy

Right-click the server, click All Tasks > Symantec Client Firewall > Update All Policy Now, and then follow the steps in the wizard.

On the Policies tab, under View Policies, select Firewall. Either edit an existing policy or create a new policy. After saving the policy, highlight it in the right pane. Under Tasks, click Assign the Policy.

 

Deploy clients and managers

Task

Symantec System Center

Symantec Endpoint Protection Manager

Deploy clients

On the Tools menu, click ClientRemote Install, and follow the steps in the wizard.

On the Admin tab, on the lower left, click Install Packages. Under Tasks, click Update Groups with Package, and follow the steps in the wizard to deploy a package that contains Symantec Endpoint Protection.

Deploy servers

On the Tools menu, click AntiVirus Server Rollout, and follow the steps in the wizard.

On the Admin tab, on the lower left, click Install Packages. Under Tasks, click Update Groups with Package, and follow the steps in the wizard to deploy a package that contains Symantec Endpoint Protection Manager.

Create client groups

Right-click the group folder, and click New Group.

On the Clients tab, click Add Group, and fill out the required fields.

 

Take actions on the network

Task

Symantec System Center

Symantec Endpoint Protection Manager

Clear infected status

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Clear Risk Status.

Security Status alerts are reset automatically after 12 hours. This time frame can be changed in the Security Status preferences. Other indications that a threat was found remain in the logs.

Disable Auto-Protect

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Client or Server Auto-Protect Options.

On the Policies tab, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, under File System Auto-Protect, uncheck and lock Enable File System Auto-Protect.

Disable the firewall

Create a policy with the firewall disabled. To distribute the policy from within Symantec System Center, right-click the desired target, then click All Tasks > Symantec Client Firewall > Update Client Policy Now.

On the Clients tab, right-click the group, then click Run Command on Group > Disable Network Threat Protection.

Force a global or a group scan

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Start Virus Sweep or Start Manual Scan.

On the Clients tab, right-click the client group, select Run Command on Group, and click either Scan or Update and Scan.

Purge Quarantine

Right-click the desired target, then click All Tasks > Symantec AntiVirus > Logs > Risk History, select the risk, and click Delete.

On the Monitors tab, on the Logs tab, under Log type, select Risk, and then click View Log. Under Action, click Delete from Quarantine.

 

Get information about the network 

Task

Symantec System Center

Symantec Endpoint Protection Manager

Determine how many clients are on the network

 

Unlock the server group, then highlight the managing server to see what clients the server manages.

Click Clients, then select a client group to see the clients in that group.

Determine the virus definition version on the clients

In the AntiVirus view, select the managing server, and look in the Definitions column.

Click Home, and examine the pie chart labeled Virus Definition Distribution.

Determine what version of the software is running on each client

In the AntiVirus view, select the managing server, and look in the Versions column.

On the Clients tab, select a group, and click the Install Packages tab to see what version of the software has been deployed to the selected group.

Determine whether threats have been detected

An alert icon appears on the affected computer and group. Right-click the desired target, then click Logs > Risk History.

On the Monitors tab, on the Logs tab, under Log Type, select Risk, and click View Log.

Find computers and audit the network

On the Tools menu, click Find Computer, and click the Audit Network tab.

On the Clients tab, under Tasks, click Find Unmanaged Computers.

View client firewall logs and events

Right-click the server, and click All Tasks > Symantec Client Firewall > Logs.

On the Reports tab, under Report Type, click Network Threat Protection, and configure a report.

View logs and configure log forwarding

Right-click the server, and click All Tasks > Symantec AntiVirus > Logs.

To view logs:
On the Monitors tab, click Logs.

To configure log forwarding:
On the Policies tab, under View Policies, click AntiVirus and AntiSpyware, and either edit the existing policy or create a new policy. In the policy, click Miscellaneous. On the Logs tab, configure log handling.

 

Click here to access visual instructions for Comparing Common Management Tasks between SSC and SEPM



Legacy ID



2007021509381848


Article URL http://www.symantec.com/docs/TECH116729


Terms of use for this information are found in Legal Notices