Endpoint Protection

Dear Partner,

From the symantec end point protection,  what the are files that can be examine to confirmed that embeeded database is being configure during installation.


In additional, I heard from a customer  that from the symantec end point Client  have two two configuration which can be used to verify what configuration has been push down and configure for the client. May I know what are the two configuration files?


A new Symantec endpoint will be setup in another Office in oversea and he would like me to configure exactly the same as the existing endpoint configuration
By the way, is it possible to push Symantec antivirus  Only   instead of symantec antiviurs + spyware?  Is this possible?



Thanks

Hi,

During the installation of SEPM we get an option to select which database is being configured.

Also the same information can be seen under ODBC Connection.

For an embedded (Sybase) database the Symantec Embedded Database service is running and that the dbsrv9.exe process is listening on TCP port 2638

 

No it possible to push Symantec antivirus Only instead of symantec antiviurs + spyware.
Antivirus and antispyware protection are inbuilt together. They cannot be separated . this is by design

Dear Partner,


 When I select symantec antivirus + spyware only and push down to client,   why is the Network Access Control appear on the symantec endpoint projection.

On the SEP client, you can check the sylink.xml and config.xml files under C:\program files\symantec\symantec endpoint protection folder. This holds all communication settings and server details.

You can configure the new clients in exactly the same way. You can use the same deployment package and also put the new clients in same group in SEPM so that they would get the same policies. You could also copy policies from one group and paste it on a new group in SEPM. 

You see NAc component because your SEPM has integrated NAC package under installation packages.
 

NAC package has been installed in SEPM.

Do you see in client Network Access Control   Allowed ?


Regards....
Ramji Iyyer

Symantec Endpoint has total 8 features that are divided into 4 components

1. Antivirus and Antispyware Protection ( Antivirus + Antispyware )
2.Proactive threat Protection ( Proactive Behaviour based scan + Application Control + Device control )
3. Netowkr threat Protection ( Firewall + Intrusion Prevention System )
4. Symantec Network Access Control--which has to be purchased seperately

Once you have Install SNAC license on your SEPM on all the clients SNAC component will automatically get enabled and you cannot un-install or Disable it.
However it is harmless untill you configure it..
This is a policy based compliance products..which will check whatever policies you have configured whether the clients are compliant with it or not.
So without policy it just sits there..

Communication..
2 files were used in older version of symantec antivirus (10.x and earlier) namely grc.dat and root certificate.

From SEP 11..its only 1 file Sylink.xml, which will give you all the information about where this client belongs to. information in sylink are : server ip,port,domain id,communication mode, heartbeat interval etc..

Dear Partner,

In the servivces, I disabled the services but on the server side when I view the client the NAC is still there? Is it possible to hide that Icon?

Thanks

You dont have to disable the NAC on the SEPM instead if you do not want to see the NAC into the client just remve the license of the NAC from the SEPM server

Dear Partner,

I'm currently using an evaluation copy. How can remove that away?
Thanks

Upgrade from Trialware is not supported

Currently there are no migration paths from Trialware to a Licensed build. The recommended solution at this time is to uninstall the Trialware version, restart the computer, and install the Licensed build in its place.

Symantec Endpoint Protection Trialware Migration

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008070914541748