Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

"How to..." Series for Symantec Endpoint Protection - Part 3

Created: 31 Jul 2013 • Updated: 21 Aug 2013 | 6 comments
Language Translations
Mithun Sanghavi's picture
+14 14 Votes
Login to vote

Hello,

This is Part 3 of the "How to Series...", you can find the Part 1 here and Part 2 here.

Here are few popular "How to..." which would be assistance to the Symantec Endpoint Protection Users.

Series 3 contains the following "How to..."

1) How to create a GUP (Group Updater Provider) in SEP 12.1 RU2

2) How to Export a log report in Symantec Endpoint Protection Manager in .csv format

3) How to disable the "Active Scan on Startup" whenever different users log into a single computer on an unmanaged client.

4) How to Export SEP Client Package from Symantec Endpoint Protection Manager 12.1

======================================================================================================

1) How to create a GUP (Group Updater Provider) in SEP 12.1 RU2

    Step 1. Go to the Policies of that Group where that Systems are Stored in Symantec Console.

    Step 2. Click on Live Update Setting Policy (Fig-1)

GUP1.JPG

     

      Step 3. Live Update Policy Screen Display. Choose the Server Setting (Fig-2)

GUP2.JPG

                 (Figure-2)

     Step 4. There three option displays

                  a) Internal & External Live Update Setting

                  b) Group Updater Provider

                  c) Third Party Management

     

     Step 5. Check on the Use of Group Updater Provider. Now Group Updater Provider is Enable. Click on it.

     Step 6. Group Updater Provider Box Display. Fig (3)

GUP3.JPG

                 (Figure-3)

        Step 7. Two options are available in Group Updater Provider

           a) Group Updater Provider Selection for Clients.

           b) Group Update Provider Settings

        Step 8. In the Group Updater Provider Selection for Clients, there are 3 options displayed as below:

      a)   Multiple Group Update Provider: Multiple Group Update Providers use a set of rules, or criteria, to elect themselves to serve groups of clients across subnets. To configure multiple Group Update Providers, you specify the criteria that client computers must meet to qualify as a Group Update Provider. If a client computer meets the criteria, the Symantec Endpoint Protection Manager adds the client to its list of Group Update Providers. Symantec Endpoint Protection Manager then makes the list available to all the clients in your network. Clients check the list and choose the Group Update Provider that is located in their subnet. You can also configure a single, dedicated Group Update Provider to distribute content to clients when the local Group Update Provider is not available.

      b)  Explicit Group Update Provider: Use an explicit list of Group Update Providers when you want clients to be able to connect to Group Update Providers that are on subnets other than the client's subnet. Clients that change location can roam to the closest Group Update Provider on the list.

NOTE: Clients from releases earlier than this release do not support the use of explicit Group Update Provider lists. Clients that communicate with Symantec Endpoint Protection Manager versions 12.1 and earlier do not receive any information about explicit Group Update Provider lists.

      c) Single Group Update Provider: A single Group Update Provider is a dedicated client computer that provides content for one or more groups of clients. A single Group Update Provider can be a client computer in any group. To configure a single Group Update Provider, you specify the IP address or host name of the client computer that you want to designate as the Group Update Provider.

Step 9. Choose Multiple Group Update Providers / Explicit Group Update Provider / Single Group Update Provider as per required and Update the Hostname/IP of Group Updater System.

Step 10. Click Ok.

Note: 1000 systems can be updated with Single GUP.

Check these articles:

About the types of Group Update Providers

http://www.symantec.com/docs/HOWTO80957

Understanding "Explicit Group Update Providers (GUPs) for Roaming Clients" in Symantec Endpoint Protection (SEP) 12.1.2

http://www.symantec.com/docs/TECH198640

====================================================================================

 

2) How to Export a log report in Symantec Endpoint Protection Manager in .csv format

Earlier in Symantec Endpoint Protection 11.x, the Log reports exported were in.txt format.

However, in Symantec Endpoint Protection 12.1, the Log reports are exported in.csv format.

 To look at all data for all clients follow these steps:

  1. In the SEPM, click Monitors > Logs.
  2. For Log type: select Computer Status.
  3. Click the View Log button.
  4. Click the Export link at the top of the page. 
  5. In the window, click Open or Save as a .csv file.

csv.JPG

 

Again, all the Reports (Quick / Scheduled) are saved in MHTML Web page archive format in the location you selected.

Check these articles:

Exporting a log report in Symantec Endpoint Protection Manager in .csv format

http://www.symantec.com/business/support/index?page=content&id=TECH179235

Printing and saving a copy of a report

http://www.symantec.com/docs/HOWTO55383

Running and customizing quick reports

http://www.symantec.com/docs/HOWTO55413

====================================================================================

 

3) How to disable the "Active Scan on Startup" whenever different users log into a single computer on an unmanaged client.

Different users get a new "Active Scan on Start up" within "Scan for threats" on the Symantec Endpoint Protection (SEP) client GUI whenever they log in into the same machine. You wish to know how to disable this scan on an unmanaged client.

To disable this scan, follow the steps below based on the version of Windows running on the client.

WARNING: In the next steps you edit the Windows registry. Back up the registry before you make any changes to it, because incorrect changes to the registry can result in permanent data loss or corrupted files. Modify or delete only the registry keys that are specified. For instructions, see the document How to back up the Windows registry.

On 32-bit versions of Windows:

  1. Click on Start, then Run and type regedit into the run line. Click OK.
  2. Navigate to the following registry key:HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\AdministratorOnly\General
  3. Change the StartupScansEnabled DWORD value to 0.

On 64-bit versions of Windows:

  1. Click on Start, then Run and type regedit into the run line. Click OK.
  2. Navigate to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\AdministratorOnly\General
  3. Change the StartupScansEnabled DWORD value to 0.
  4. Close the Registry.

 

disable_active_scan.JPG

 

Check this article:

How to disable the "Active Scan on Startup" whenever different users log into a single computer on an unmanaged client.

http://www.symantec.com/docs/TECH173305

 

====================================================================================

 

4) How to Export SEP Client Package from Symantec Endpoint Protection Manager 12.1

You would like to know how to create new client installation packages using the Symantec Endpoint Protection Manager (SEPM) console.  

1) Login to SEPM console

2) Select a task – Install Protection client to computers

 

export_package1.JPG

 

3) Select “New Package Deployment"

export_package7.JPG

 

 

4) In the Select the Group and Install Features set window,

  • Select the correct version of Install Package.
  • Click on "Browse" to select the correct Group to which the client package should be meant to report to.
  • Select the correct Install Feature Sets
  • Select the correct Install Settings
  • Select the correct Content Options
  • Select the correct Preferred Mode
  • Click Next

export_package3.JPG

 

5)  Select : Save Package

export_package4.JPG

 

6) Browse for the location to Save the Package and click Next

7) Select : Single .exe file (default) and Click Next

export_package5.JPG

 

8)      Click Finish

export_package6.JPG

 

Check these Articles:

How to create new client installation packages in the Symantec Endpoint Protection Manager console

http://www.symantec.com/docs/TECH102215

Creating custom client installation packages in the Symantec Endpoint Protection Manager console version 12.1

http://www.symantec.com/docs/TECH165801

How to export Symantec Endpoint Protection (SEP) client install packages without any definitions or package with Basic Content.

http://www.symantec.com/docs/TECH178698

Other Related Articles

====================================================================================

Comments 6 CommentsJump to latest comment

OC_gonz's picture

Hi Mithu, days before I saw yours "How to..." everythings are excelents, but in this "How to.." unfortunatly I couln´t see the images and the point 2), 3), and 4). Do you thing the information was upload incomplete??

Regards.

0
Login to vote
Mithun Sanghavi's picture

Hello,

Performed the necessary changes... smiley

Thank you.

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

0
Login to vote
Ambesh_444's picture

Thanks Mithun Nice post...Thumbs up for your grt post

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

0
Login to vote
Sachin Sawant's picture

Nice Article Mithun great job....... yes

0
Login to vote
OC_gonz's picture

Thanks Mithun for your quickly response.

Regards.

0
Login to vote
nwranich's picture

awesome article.  Thank you!

0
Login to vote