Endpoint Protection

 View Only

  • 1.  Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 10:32 AM
    Hi All,

    My company has multiple different office locations, and I have replication servers in each branch office. I am wondering if there is a way that will allow me to assign clients to only update from particular replication server. Ideally I would like to do this by assigning a computer with a particular subnet to a particular server.

    For example, if I have an office in New York with the subnet 10.0.0.0, I would like the computers on that subnet to only be able to pull data from the server in that office.

    Any help would be great

    Thanks!


  • 2.  RE: Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 10:37 AM
    follow this document

    Creating and assigning a management server list for a Symantec Endpoint Protection Manager



    http://service1.symantec.com/support/ent-security.nsf/docid/2007123110045548


  • 3.  RE: Assigning clients to connect to a particular server in SEPM
    Best Answer

    Posted Aug 20, 2010 10:58 AM




  • 4.  RE: Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 11:19 AM
    So basically there is no way to assign a particular subnet to a specific server? This can only be done through assigning the lists to an active directory OU?


  • 5.  RE: Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 11:38 AM
    SEPM console
    Clients
    Add Location
    Set up your criteria:
    For Example: IP address Range of your subnet in Location: New York for example.

    Next:
    SEPM Console
    Clients
    **
    If you configured a (many) Location(s) for your Company (top level)
    Expand Location-Specific Settings
    -> Communication Settings
    "SPECIFY THE MANAGEMENT SERVER THIS GROUP WILL COMMUNICATE WITH"


    You indicated you have servers setup all over.
    Just point those clients to use the specified local server.

    VOILA!

    Rinse and Repeat

    Also, anyone travelling to those sites with a machine/laptop...  Will update from local location as well.

    Cheers


  • 6.  RE: Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 12:05 PM
    yeah you can assign it that way; but it would more of check the condition before assigning the Management server
    if your clients are already in that subnet; until they change to diff ip ; i dont think this policy would apply
    please update us



  • 7.  RE: Assigning clients to connect to a particular server in SEPM

    Posted Aug 20, 2010 12:14 PM
    To build on Rafeeq's Suggestion, you could also create a "Management Server List" for each group.  I.E. Create a new policy for each group (subnet/location).


    For example, by assigning all the machines in NEW YORK subnet to a group and than assigning Management Server List Policy to that group.
    In the policy you could specify the "server name" for that particular subnet. 
    Thus all machines in that group, would apply it's policy to look for a server named X as is indicated in the policy, definied to that group.

    By doing this, you would most likely need to ensure that "inherit policies from parent" is unchecked.  You want to make sure that the policy you assign is being assigned and implemented to the proper place.

    You would than need to ensure to apply the other policies to all the groups and make sure when modifying, you are modifying your other policies- other than the one stipulated above, as shared.

    Either way should work.