Endpoint Protection

I am looking for best practices for small companies.  We are a company of less than 100 computers and employees.  I am new in the IT department and have been tasked with the responsibility to determine is SEPM has been set up correctly and is using best practices.  One question I have is what the best practice would be for Security Status Thresholds.  Currently we have the following settings:

Percentage of computers reporting auto protect off:  5

% of Computer reporting download insight off:  10

% of computers reporting SONAR off:  10

% of computer reporting Network Treat Protection off:  10

% of computer reporting out-of-date virus definitions:  10

% of computers reporting out of date intruction Prevention signatures: 10

Days after Intrusion Prevention signatures are considered out of date:  30

the rest of the percentages are all set at 10.

What is the best practive for companies with roughly 80 employees.

Also do you have a Best Practice PDF for small companies?

Thank you

There isn't a best practice for this one specifically, although 10% is a good start. It really comes down to what is defined in your policy.

There are a ton of best practice articles at the below link:

Best practices articles for Symantec Endpoint Protection (SEP)

http://www.symantec.com/docs/TECH181685

Check back if you have questions!

-Brian

Hi,

Thank you for posting your query in Symantec community.

There isn't any specific best practice guide for small companies, mostly it's common across all size of companies.

I will suggest you to keep default settings only unless there are specific requirements. If you reduced percentage it will start to flag early.

As shared above, can be a reference guide to apply best practices to install,configure & administer etc.