Video Screencast Help

Symantec Endpoint Protection 12.1 Virtualization Best Practices

Created: 04 Nov 2011 • Updated: 04 Nov 2011 | 12 comments
Mithun Sanghavi's picture
+18 18 Votes
Login to vote

Hello All,

Here is the PDF for Symantec Endpoint Protection 12.1 Best Practices in a Virtual Environment:

The document is intended to capture the complete set of best practices for installation and configuration of Symantec Endpoint Protection version 12.1 in a virtual environment.

Optimized for performance on virtual systems, Symantec Endpoint Protection 12 can automatically identify and manage virtual machines (VMs). Symantec Endpoint Protection 12 also integrates directly with VMware’s security APIs to scan for malware inside offline VMware images. To alleviate concurrent scans, known as ‘AV Storms,’ from impacting performance in dense virtual environments, Symantec Endpoint Protection 12 whitelists baseline VM images and shares scan results across VMs so that identical files only need to be scanned once across an entire pool. When combined with the scanning elimination from Insight, Symantec Endpoint Protection 12 enables faster, more responsive host systems, which in turn supports greater density of virtual instances, particularly for highly consolidated VDI environments.

Comments 12 CommentsJump to latest comment

sharmakhilesh's picture

Nice to share such a good file

+1
Login to vote
Symantec World's picture

Voted Up.....

Regards, M.R

+1
Login to vote
W007's picture

Nice Url We be help for Symantec Issue Resolvation

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

+1
Login to vote
Ashish-Sharma's picture

nice/.........

Thanks In Advance

Ashish Sharma

 

 

+1
Login to vote
Kedarnath Lal's picture

This is the whitepaper, I wanted to have.

thanks for sharing

0
Login to vote
Mithun Sanghavi's picture

Hello,

Check these Articles:

Symantec Endpoint Protection 12.1 - Virtualization Best Practices

http://www.symantec.com/docs/TECH173650

Symantec Endpoint Protection 12.1 - Non-persistent Virtualization Best Practices

http://www.symantec.com/docs/TECH180229

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

+1
Login to vote
Dushan Gomez's picture

Many thanks man for sharing this artcile !

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

+2
Login to vote
StephenF's picture

This white paper and the ones it links to are written for users with a large number of computers. However, I have a small network -- 4 boxes, 1 of which runs a virtual machine plus its host OS. My questions are basic. Do I need a separate license for the virtual machine? Is there is a reason I shouldn't install EndPoint in unmanaged mode? (I initially configured my installation for managed mode but found that entering setting a few times is easier and faster than learning to use managed mode.) Are any of your suggestions for efficiency applicable and, if so, which ones?

OK, my network is an extreme. Still, can you point me to a white paper with instructions for configuring EndPoint for small networks, even if they're not as small as mine? If not, I think you need such a paper, At least, I know I need one.

0
Login to vote
_Brian's picture

Any machine with SEP installed will count against the license count, VMs included.

If you install as unmanaged than you cannot control the clients from the SEPM. Unless you walk around to every client and check individually than you basically have no central control over your clients. You will also need to configure each one if they're not managed.

The article can still apply to small networks as well. What part of the configuration do you need help with?

0
Login to vote
StephenF's picture

Thank you very much for the immediate response.

Walking around to every client isn’t a problem. Two boxes (3 machines) are on or next to my desk. The other 2 are about 15’ away.

I suppose the comment in the article “SEP whitelists baseline VM images and shares…” doesn’t apply because my machines are unmanaged; the SEP installations presumably don’t know about each other. On the other hand, with only 1 VM and scans scheduled at night, I also suppose that doesn’t matter. Similarly, I imagine that randomizing scanning isn't significant in my environment. Are those thoughts right?

Thank you for the suggestion to use active scan instead of full scans.

Should the VM be running when scanned? I had planned to shut it down at night, but don't have to.

I don’t know what a “base image” is and therefore don’t understand section 5.

Actually, when I wrote my comment I had used your links incorrectly; upon reviewing the page I can see why you said the instructions apply to small environments as well as large ones, and I agree with you. My comment about large vs small networks really concern the link in Mithun Sanghavi post 6/26/12. Since I now see that you did in fact write the article I was requesting, I'll just ignore Mr. Sanghavi's links as inapplicable to me. Sorry.

0
Login to vote