Endpoint Protection

 View Only

  • 1.  DMZ Server

    Posted Mar 28, 2013 12:06 PM

    We are trying to install a DMZ Server for Symantec and was wondering what ports do we need to use in order for the DMZ Server to work so that pc's that are not on the network can still communicate with the symantec server.



  • 2.  RE: DMZ Server

    Posted Mar 28, 2013 12:09 PM

    This KB article will tell you

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    Article:TECH178325  |  Created: 2012-01-05  |  Updated: 2012-01-05  |  Article URL http://www.symantec.com/docs/TECH178325

     

    You can also check this one for clients and better securing them

    Security recommendations regarding SEP client installed on server located in DMZ

    Article:TECH122858  |  Created: 2010-01-29  |  Updated: 2010-01-09  |  Article URL http://www.symantec.com/docs/TECH122858

     



  • 3.  RE: DMZ Server

    Posted Mar 28, 2013 12:16 PM

    Firewall Configuration (bi-directional):

     

    Mandatory Firewall Ports:

    TCP 1433: Default SQL Port

     

    Optional Firewall Ports:

    TCP 334: RDP

    TCP 9090: SEPM Remote Management Console

     

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    http://www.symantec.com/business/support/index?page=content&id=TECH178325



  • 4.  RE: DMZ Server

    Posted Mar 28, 2013 12:23 PM
    Thank you Brian and Manish. These articles will help out a lot.


  • 5.  RE: DMZ Server

    Broadcom Employee
    Posted Mar 28, 2013 01:19 PM

    Hi,

    Few more helpful links:

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

    http://www.symantec.com/docs/TECH93033

    Ports and Protocols to be allowed when using a proxy in a SEP environment.

     http://www.symantec.com/docs/TECH131843 

    Which Communications Ports does Symantec Endpoint Protection use?

    http://www.symantec.com/docs/TECH163787



  • 6.  RE: DMZ Server

    Trusted Advisor
    Posted Mar 28, 2013 03:14 PM

    Hello,

    Please check this Thread: https://www-secure.symantec.com/connect/forums/server-dmz

    and check these Articles:

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    http://www.symantec.com/business/support/index?page=content&id=TECH178325

    SEP Configuration for DMZ Servers

    https://www-secure.symantec.com/connect/articles/sep-configuration-dmz-servers

    Security recommendations regarding SEP client installed on server located in DMZ

    http://www.symantec.com/docs/TECH122858

    Communication issues with SEP client installed in DMZ while the SEP Manager is outside DMZ

    http://www.symantec.com/docs/TECH146736

    Updating downloads in an internal LiveUpdate Administrator 2.x Server using the downloads from an external LiveUpdate Server

    http://www.symantec.com/docs/TECH106254

    NOTE: The above Articles applies to both SEP 11.x and SEP 12.1

    Hope that helps!!