Endpoint Protection

 View Only

  • 1.  How SEP Policies and Features work together

    Posted May 16, 2013 12:46 AM

    Hi, hopefully a quick and easy question. Ive trawled through the admin and implementation guide, but cant find a definitave answer to this:

    Will a SEP policy apply to a client if the client doesnt have the feature installed?

    For example, we have a client that doesnt have the Intrusion Prevention feature installed. BUT the client is in a Group that does have a policy assigned for IPS. Will this cause issues, or will SEP simply say, i dont have that feature, so i wont attempt to apply the policy.

    Many Thanks!

     



  • 2.  RE: How SEP Policies and Features work together

    Broadcom Employee
    Posted May 16, 2013 12:51 AM

    Will a SEP policy apply to a client if the client doesnt have the feature installed? NO

    because the drivers for component will not be installed/working.



  • 3.  RE: How SEP Policies and Features work together

    Posted May 16, 2013 12:52 AM

    Hello,

    If feature not avail then that part of policy not applied..

    When you can install that feature policy will be implemented there.



  • 4.  RE: How SEP Policies and Features work together

    Posted May 16, 2013 12:54 AM

    Will a SEP policy apply to a client if the client doesnt have the feature installed?

    No the policy not be applied on the client because the policy applied according to the running components.



  • 5.  RE: How SEP Policies and Features work together

    Posted May 16, 2013 01:03 AM

     

    Hi, 

    Policies are applied on machines with respect of components on the client.

    Regards

    Ajin



  • 6.  RE: How SEP Policies and Features work together

    Posted May 16, 2013 06:15 AM

    If no component is installed for that policy, it is simply not possible to be used.



  • 7.  RE: How SEP Policies and Features work together
    Best Answer

    Trusted Advisor
    Posted May 16, 2013 08:17 AM

    Hello,

    The Policy would definitely not apply to the client when the said Feature is not installed.

    I would suggest you to check this Article:

    How Symantec Endpoint Protection protection features work together

    http://www.symantec.com/docs/HOWTO55268

    Secondly on a kind note: Symantec encourages you to install all the features on the client machines.

    Symantec Endpoint Protection Recommended Best Practices for Securing an Enterprise Environment

    http://www.symantec.com/docs/TECH166816

    Hope that helps!!



  • 8.  RE: How SEP Policies and Features work together

    Posted May 16, 2013 04:53 PM

    Hi All thank you for your responses!

    Yes, this question was mainly focussed around servers, as we have some old devices out there that are fairly high bandwidth, but low resourced, so we would be looking at excluding IPS from them etc. All other devices would have all features installed.

    Im currently in the process of designing the group structure for SEPM so that policies etc can be applied and so that it is structured logically.

    Thanks again for your responses@