Symantec Endpoint Protection – Best Practices

Symantec Endpoint Protection – Best Practices

The threat Landscape has changed and cybercrime is rampant. Companies cannot depend solely on desktop antivirus technology to protect themselves. Following the steps in the tabs below will improve the protection of desktops running Symantec Endpoint Protection and stop malware.

Migration

• Upgrade and migration resources for Symantec Endpoint Protection 12.1
• Installation and Migration Documents for Symantec Endpoint Protection 12.1
• Planning for Migration to Symantec Endpoint Protection Manager 12.1
• Upgrading and migrating to Symantec Endpoint Protection 12.1

Migration Troubleshooting

If you are having an issue with an 11.06 upgrade to 12.1 the issue may be with the schema.

These are the steps that support asks the customer to complete to validate the db.

1. Run Dbvaildator.
   1. To collect this information go to the Symantec Endpoint Protection Manager folder.
   2. Then open the tools folder and run the dbvalidator.bat file.
   3. After it has finished it will generate a file that the next tool that you will collect.
1. Collectlog.cmd
   1. This tool is located in the same tools folder as Dbvaildator.
   2. After running the tool a zip fill be generated.
   3. Upload to support.

Related Links

• How to use the Validation Tool for the Symantec Endpoint Protection Manager Database.
• Symantec Endpoint Protection Manager Log Collecting Tool

Implementation

• How to Install SEP 12.1 for the first time
•  Best Practices for employing Intrusion Prevention System (IPS) to high-availability/high bandwidth servers

 Upgrades not working via RDP?

RDP has the ability to open many different session and some are not supported. Below is information on supported sessions.

• Product corruption or an install failure happens during an installation or migration while using a remote session.
• How to install or manage Symantec AntiVirus and Symantec Endpoint Protection components through Remote Desktop

Administration

How to repair duplicate IDs on cloned Symantec Endpoint Protection 12.1 clients 

How to resolve the issue if you deploy multiple Windows computers, virtual or physical, by cloning a base hard drive image that includes Symantec Endpoint Protection 12.1, and now you have duplicate client IDs in the Symantec Endpoint Protection Manager's database. The cloned computers are reporting as the same client to the Endpoint Protection Manager.

Keeping Symantec Endpoint Protection 12.1 up to date

Tips for keeping SEP 12.1 up to date

• Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)
• Group Update Provider: Sizing and Scaling Guidelines
• New features and functionality in Symantec Endpoint Protection Release Update 5 (SEP RU 5) Group Update Provider (GUP)
• Configuring the Group Update Provider (GUP) in Symantec Endpoint Protection 11.0 RU5 and later
• About configuring rules for multiple Group Update Providers
• How To Optimize Endpoint Protection for Branch Offices using GUPs, Load Balancing, and Location Awareness
• How to locate the Group Update Provider (GUP) list in Symantec Endpoint Protection 11.0 RU5 and Later
• How to search for the clients that act as Group Update Providers ?
• Content Distribution Monitor (for GUP Health Checking)

TRAINING:

Great Video’s created on Group Update Provider on the Symantec Connect website.

• https://www-secure.symantec.com/connect/videos/group-update-providers-part-1
• https://www-secure.symantec.com/connect/videos/group-update-providers-part-2

Virtual Environments

• SEP 12.1 Virtualization Best Practices.pdf
• Symantec Endpoint Protection 12.1 - Virtualization Best Practices

Disaster Recovery

Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager

Visit the Endpoint SWAT Group

To access all of the content available in the Endpoint SWAT group, visit Endpoint SWAT.