Endpoint Protection

Hi

I'm sure this question has been posted before, my apologies if I am going over old ground...

I am planning to upgrade my clients from SAV v10 to SEP11 by first uninstalling SAV and then installing SEP.  This is on W2K, W2K3, W2K8 and XP SP2.

How many reboots are recommended in that approach?  I'm assuming one reboot after the removal of SAV, but not sure if the SEP client will need one.  Is it only required if I am installing the firewall component?

Also, on my server clients, is the recommendation to install only AV and anti-spyware and not the PTP and firewall?

Thanks

You will need a reboot to fully remove SAV. You also cannot have any reboots pending (eg completion of MS patching) before running the SEP installer. SEP Antivirus and Antispyware is effective immediately on install, but a reboot is recommended to tidy up, although this may be deferred. Network Threat Protection is not fully installed until the system is rebooted.

If you install without a reboot, the console will almost certainly report "Reboot required". I guess there is a slight distinction - NTP absolutely needs a reboot, the AV somponent does not absolutely need it but it is nice to have. In my experience it is best to inform the users and get the reboot out of the way so you can see the real issues in the console.

And before you commit to a SEP 11 rollout, have you considered SEP 12.1?

Hello,

You need to restart client computers after you install the client software or other third-party software. You can restart the client computers at any time by running a restart command from the management server. You can also schedule the client computers to restart during a time that is convenient for users.

Please check out the below link ,

Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers

http://www.symantec.com/business/support/index?page=content&id=TECH92440&actp=search&viewlocale=en_US&searchid=1337867622345

You can go for SEP 12.1 as well,

What's new in version 12.1

http://www.symantec.com/docs/HOWTO55189

Hi,

If you are planning to upgrade why don't you upgrade to the latest version i.e. SEP 12.1.

What's new in version 12.1

http://www.symantec.com/docs/HOWTO55189

What is new in Symantec Endpoint Protection 12.1?

http://www.symantec.com/docs/TECH163413

Go through following article also

https://www-secure.symantec.com/connect/articles/feature-differences-between-sep-11x-and-sep-121

To upgrade clients to SEP 12.1 or SEP 11, no need to uninstall SAV.

Push SEP package on SAV clients it will upgrade clients from SAV to SEP & After successful upgrade single reboot is required.

Also, on my server clients, is the recommendation to install only AV and anti-spyware and not the PTP and firewalls 

--> From SEP 12.1 PTP features is fully supported with Server operating systems. About firewall it's your call, you want to go with Symantec firewall or third party firewall.

We do recommend to use all the three features to get full protection.

Also, on my server clients, is the recommendation to install only AV and anti-spyware and not the PTP and firewall?

Prior to RU5 that might have been the case, but things have gotten better. You can install all components and things will still work great. You actually want the components installed, even in an allow all type configuration. Performance impact seems not worth mentioning. PTP monitors for any malicious activity and will deny known exploits. NTP will scan network traffic and auto deny known exploits, thereby making your environment safer on two counts. All our servers have a ALLOW ALL from ANYWHERE firewall rule (Maybe not ideal, but it does work for us).

One caveat is other firewall servers such as ISA. SEP FW and & ISA do not work together.

I Prefer rebooting because NTP doesn't start after installation.

It is recommended to restart