Endpoint Protection

 View Only

  • 1.  Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet

    Posted Mar 04, 2013 09:51 AM

    So I have some users that are working at remote locations that don't need access to our servers directly so they don't have VPN access back.  Is there a way that they can still get reported to the management server?  Like over the internet?



  • 2.  RE: Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet
    Best Answer

    Posted Mar 04, 2013 09:53 AM

    Yes, if you setup for DMZ

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    Article:TECH178325  |  Created: 2012-01-05  |  Updated: 2012-01-05  |  Article URL http://www.symantec.com/docs/TECH178325

     

    Communication issues with SEP client installed in DMZ while the SEP Manager is outside DMZ

    Article:TECH146736  |  Created: 2010-12-21  |  Updated: 2011-06-08  |  Article URL http://www.symantec.com/docs/TECH146736

     

    Security recommendations regarding SEP client installed on server located in DMZ

    Article:TECH122858  |  Created: 2010-01-29  |  Updated: 2010-01-09  |  Article URL http://www.symantec.com/docs/TECH122858

     



  • 3.  RE: Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet

    Posted Mar 04, 2013 09:59 AM

    They can be managed from Internet

     

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

    http://www.symantec.com/business/support/index?page=content&id=TECH93033


  • 4.  RE: Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet

    Posted Mar 04, 2013 10:00 AM

    hi,

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

     

    Article:TECH93033 | Created: 2009-01-23 | Updated: 2009-01-24 | Article URL http://www.symantec.com/docs/TECH93033

    look this thread

    https://www-secure.symantec.com/connect/forums/manage-offline-systems



  • 5.  RE: Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet

    Posted Mar 04, 2013 10:06 AM

    Thanks guys, this will work great!



  • 6.  RE: Can Symantec Endpoint Protection 12.1.1 RU1 Be Managed Over the Internet

    Posted Mar 04, 2013 10:09 AM

    "Thumbs Up" to Brian for his links.

    The management of External SEP clients is possible, and my recommendation would be to pursue the implmentation of an additional SEP Server and Site, situated in the the DMZ.  This additional site would replicate configuration data and logs with the internal/main SEP Server/Site.

    Clients should be enabled for Location Awareness, and use a MSL that points at the DMZ SEPM's externally resolvable address in the "external" location.

    Another option is to use a revrese/inbound proxy if you have one handy...

    I'd generally recommend against exposing your primary SEPM to the internet (depending on your environment and requirements)