Hello,
This is Part 2 of the "How to Series...", you can find the Part 1 here.
Here are few popular "How to..." which would be assistance to the Symantec Endpoint Protection Users.
Series 2 contains the following "How to..."
1) How to Deploy the Communication Settings to the SEP 12.1 RU2 clients.
2) How to Enable Anti-MAC spoofing
3) How to export MSI Package to deploy the SEP clients.
4) How to verify what type of database is used for SEPM ?
=========================================================================================================
1) How to ... Deploy the Communication Settings to the SEP 12.1 RU2 clients.
If the client-server communications breaks, you can quickly restore communications by replacing the Sylink.xml file on the client computer. You can replace the sylink.xml file by redeploying a client installation package. Use this method for a large number of computers, for the computers that you cannot physically access easily, or the computers that require administrative access.
Here are the steps:
1) Login into SEPM console
2) Go to Clients Tab
3) Select the Group in which you would like to see the offline clients
4) Right click on the group and click on “Add Client”
5) Now please follow the Screenshot as mentioned below:
6) You will get “Client Deployment Wizard”
7) Select “ Communication Update Package Deployment” Option
8) Click Next
9) Select the group in which you would like to see the client
10) Leave it on “Computer mode”
11) Click Next
12) Select Remote Push
13) Click Next
14) Browse your network and add the computers to the list
15) Click Next
16) Authenticate the User
17) Click Next
18) Click Send
19) Click Finish
20) Please check the SEP client status in the SEPM, it should now show in the SEPM\Clients
Check these Articles:
Restoring client-server communications with Communication Update Package Deployment
http://www.symantec.com/docs/HOWTO81109
SEP 12.1 RU2 and Reset Client Communication
https://www-secure.symantec.com/connect/articles/sep-121-ru2-and-reset-client-communication
=========================================================================================================
2) How to... Enable Anti-MAC spoofing
1) Login into SEPM Console.
2) Go to “Policies”
3) Edit the Firewall Policy
4) Go to “Protection and Stealth”
5) ENABLE Anti-MAC Spoofing
Enabling anti-MAC spoofing - Allows the inbound and outbound ARP (Address Resolution Protocol) traffic only if an ARP request was made to that specific host. It blocks all other unexpected ARP traffic and logs it in the Security Log.
Media access control (MAC) addresses are the hardware addresses that identify the computers, the servers, and the routers. Some hackers use MAC spoofing to try to hijack a communication session between two computers. When computer A wants to communicate with computer B, computer A may send an ARP packet to computer B.
Anti-MAC spoofing protects a computer from letting another computer reset a MAC address table. If a computer sends an ARP REQUEST message, the client allows the corresponding ARP RESPOND message within a period of 10 seconds. All client rejects all unsolicited ARP RESPOND messages.
This option is disabled by default.
Check these Articles:
1) Microsoft SQL Database
2) Embedded database
====================================================================================