What is "FILE FINGERPRINT LIST" in Symantec Endpoint Protection (SEP)?
A file fingerprint list for a client computer image consists of a list of checksums for each application on that client computer along with the complete file paths of those applications. You can verify that each image contains all of the executables that are approved for use at your company. To create a file fingerprint list, you can use the utility Checksum.exe that is installed along with Symantec Endpoint Protection on the client computer. You can run this command on each computer image in your environment to create a file fingerprint list for those images.
The file Checksum.exe is located in the following location:
- C:\Program Files\Symantec\Symantec Endpoint Protection
You can run this tool from the command prompt.
To run the same you may follow the steps below for a installation of SEP at the default location:
- Click Start > Run > CMD
- Type C: press enter
- Type CD C:\Program Files\Symantec\Symantec Endpoint Protection
- Type Checksum.exe result.txt
Checksum.exe creates a text as mentioned “result.txt” in our case that contains a list of all executables on that computer and their corresponding checksums.
You can use Symantec Endpoint Protection Manager to import file fingerprint lists for each client computer type into a master file fingerprint list. You can manage the file fingerprint list using Symantec Endpoint Protection Manager.
The file fingerprint list contains the approved files for all of your client computers.You can also add file fingerprints for individual files you want to approve.