Endpoint Protection

 View Only

  • 1.  Advice on installing SEP Clients on Servers

    Posted Apr 25, 2011 06:12 PM

    Hello

    I have two servers on which I am considering installing the SEP client.  Before proceding I would like some advice from the more seasoned users out there regarding two general questions which are...

    a) What is the benefit?  Very little web browsing is done from the servers, which seems to be the source of most security problems. 

    b) What client features should NOT be installed?  For example my network currently uses Network Threat Protection, the firewall is turned off because well I have a firewall, but the Intrusion Prevention is turned on.  Is NTP/IP going to interfear with server functions.   Also, I saw a comment somewhere about not installing Proactive Threat Protection on servers, what is that about?

    The 2 servers are SBS 2003 (email, SEPM, and web server) and 2003 R2 (file server and web server).

    Thanks for your feedback.

    Mark G



  • 2.  RE: Advice on installing SEP Clients on Servers

    Posted Apr 25, 2011 06:16 PM

    In my opinion install only AV/As now.PTP (True scan) will not work with server OS.NTP you may install only after doing a through testing in a test environment.



  • 3.  RE: Advice on installing SEP Clients on Servers

    Posted Apr 25, 2011 06:28 PM

    There is a "Best Practice " document covering this subject, check it out here -

    http://www.symantec.com/business/support/index?page=content&id=TECH92440&locale=en_US



  • 4.  RE: Advice on installing SEP Clients on Servers
    Best Answer

    Posted Apr 25, 2011 07:44 PM

    In my opnion on the server you can install all the 3 components.

    The only conecrn is PTP may show off or disabled. the reason isOn Windows server operating systems and Windows XP 64-bit operating systems, Proactive Threat Protection only supports Commercial Application List scanning or "CAL". This is why the status shows as "OFF" in the client interface.

    But this doesn't mean that it doesn't work. All 3 compoents

    AV and AVS

    PTP

    NTP

    Can be installed on it.



  • 5.  RE: Advice on installing SEP Clients on Servers

    Posted May 06, 2011 10:44 AM

    Thanks for the info.  This document contains a line

    "in SEP 11.0, the Firewall component of SEP must be installed and enabled in order to enable IPS protection"

    I have read elsewhere that I could install the NTP component, and "disable" the firewall, and still have IPS protection.  The instructions I read said to disable the firewall by NOT applying the firewall policy to any of the client groups. 

    Can I get some clarification on that?

    Thanks again



  • 6.  RE: Advice on installing SEP Clients on Servers

    Posted May 09, 2011 12:16 PM

    Also I noticed that your Best Practices for servers doc advocates using the Firewall component on windows servers.  From my experience with Microsofts ISA I've found that a software firewall can seriously impact performance.  How does the SEP firewall compare to other firewalls in terms of performance?

    Thanks