Best Practices for Symantec Endpoint Protection on Citrix and Terminal Servers

Article:TECH91070  |  Created: 2008-01-24  |  Updated: 2014-07-24  |  Article URL http://www.symantec.com/docs/TECH91070
Article Type
Technical Solution


Issue



You are looking for information on how to best configure Symantec Endpoint Protection (SEP) for Terminal Server and Citrix solutions.


Solution



The following white paper provides information on the best configuration of Symantec Endpoint Protection in Terminal Server and Citrix environments.

SEP Citrix-Terminal Servers.pdf

These recommendations apply to Symantec Endpoint Protection 11 and with minor differences also to Symantec Endpoint Protection 12.1.

In Symantec Endpoint Protection 12.1 some processes have changed on the client:

  • ccApp.exe and Rtvscan.exe are no longer present. Their functionality has been moved into ccSvcHost.exe.
  • SmcGui.exe will only be running if the user launches the Symantec Endpoint Protection GUI and it should only be launched for that user session.
  • The ccSvcHst.exe handles the system tray icon which is supposed to run in every session.

The start of these multiple instances can be prevented by modifying the registry value for LaunchSmcGui as described in the document.

Prevent the process from starting by changing the registry value:

  1. Click Start, Run and type “regedit” then click OK
  2. Browse to HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC
  3. Find the entry LaunchSmcGui and change it from DWORD 1 to DWORD 0 (add it if it is not already present)

 
Note
: When LaunchSmcGui is disabled, the Help (or Help and Support) > Troubleshooting window will show the server as offline. However, the client will still update policies/content as needed. The Policy Serial Number can be verified by viewing the SerialNumber string in the registry editor (HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\Sylink).

If you are unable to modify the listed registry keys, you can temporarily disable Tamper Protection.


Attachments

SEP_Citrix-Terminal_Servers.pdf (495 kBytes)


Legacy ID



2008112414453348


Article URL http://www.symantec.com/docs/TECH91070


Terms of use for this information are found in Legal Notices