Hi, Do you know if there is a way with SEP to manage corporate client that are always outside the corporate LAN, that have internet connection and are not connected with vpn? I know that this is done by the Cloud version but i have a lot of Mac users connected as above, and the cloud version does not support apple S.O. Thanks, Max.

Follow this document

 

How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

I've submitted a feature request for this at least a year ago. Basically it involves creating a SEPM bridge head or reverse proxy. McAfee already has this capability.

Even if your clients are in the WAN and the SEPM server can't talk directly to them, almost all of the features still work. The clients still report in to the SEPM, they still get virus definitions and policy updates, etc. We have tons of clients setup this way and it works great. Clients check-in at their heartbeat interval, update their logs and status to the SEPM, download policies and defs (or get them from a GUP in their remote location) and everything is fine.