Endpoint Protection

 View Only

  • 1.  how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Posted Dec 11, 2013 08:51 AM

    Hi All,

    I'm not sure if this is possible ?

    How to configure SAV For Linux v14 (installed on Red hat Linux 5.4 and 6.0) to reports to the Windows SEPM 12.1.2 server for AV Definition date ?

    At the moment the SAVFL is updated by using LUA v 2.3.2 installed on the same windows server.



  • 2.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?
    Best Answer

    Posted Dec 11, 2013 08:54 AM

    This cannot be done. Per this article from Mick2009:

    There are three ways:

    1. Internet LiveUpdate servers (The default.  Recommended if you have only a few SAVFL clients)
    2. Internal LiveUpdate Administrator 2.x server (Recommended if you have many SAVFL clients.)
    3. Intelligent Updater (Useful in certain circumstances, such as completely isolated computers.)

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-3

    Only logs from SAVFL can be sent to the SEPM using SAVFL Reporter

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-4-savfl-reporter



  • 3.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Posted Dec 11, 2013 09:12 AM

    Ah ok, so it is not yet available ?

    I wonder how to make sure that we can monitor the status to see which client is not updating ?



  • 4.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Posted Dec 11, 2013 09:15 AM

    SAVFL clients cannot be managed by the SEPM, they can only forward logs. If you look at the SAVFL Report link I posted from Mick2009, it does show definition dates so you may want to look into setting up the SAVFL Reporter. Mick's article shows you how to do so.

    A snippet from Mick's article reads:

    "Using various filters, it is possible to generate a list of all the Linux machines that are configured to report in to this SEPM, view their definitions date (as illustrated, above), see when they have been scanned, what threats were found, and so on. 

    It's also possible to configure notifications which can be triggered by the incoming SAVFL Reporter data.  So if there's an outbreak on your Linux file server, the admin's smartphone can get a "Alert!!" email from the SEPM, enabling her to grab her cape, spring into action and save the day."

    I think this will get you what you need.



  • 5.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Broadcom Employee
    Posted Dec 11, 2013 09:18 AM

    Hi John,

    Thank you for posting in Symantec community.

    I think it's due for next release but can't assure at this point.

    But yes, it's on the roadmap.

    It's on the roadmap if we checked following two ideas:

    https://www-secure.symantec.com/connect/idea/linux-unmanaged-client

    https://www-secure.symantec.com/connect/ideas/managed-sep-client-linux

    Currently linux client servers as a unmanaged clients only.

    The SAVFL client cannot be managed by the SEPM, although it can report logs back to the SEPM by using SAV Reporter, which was released after SAVFL 1.0.10, but can be downloaded from the following KB article.

    Few helpful KB's:

    Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes 

    http://www.symantec.com/docs/DOC3474



  • 6.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Posted Dec 11, 2013 09:50 PM

    Cool, thanks for the clarification Chetan !



  • 7.  RE: how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

    Posted Dec 11, 2013 09:51 PM

    Thanks Brian, I'll try to follow that instructions.