ITMS Administrator Group

 View Only

  • 1.  Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 07, 2014 01:12 PM

    Anyone leveraging both Altiris and SEP for security solutions?  please put in your two cents in.

     

    My main question, is it possible to take automated action from SEP alerts to kick off automation jobs via Altiris? is there a hook between the two systems that I can use?



  • 2.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 07, 2014 01:15 PM

    I believe you can use SEPIC

    https://www-secure.symantec.com/connect/forums/what-symantec-endpoint-protection-integration-component#comment-4573501

    http://clientui-kb.symantec.com/resources/sites/BUSINESS/content/live/DOCUMENTATION/4000/DOC4098/en_US/SEPIC_ReleaseNotes_7.1SP1.pdf



  • 3.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 07, 2014 01:47 PM

    I am looking for leveraging the two products in terms of using Altiris as remedation tool for SEP.  How can I hook SEP to Altiris to initiate an automated job?



  • 4.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 07, 2014 01:55 PM

    There is no direct hookup between the two, that's what SEPIC is for (free tool). It provides some high level reporting, ability to install SEP clients, and a few other features. I've not personally used it but just trying to point you in that direction.



  • 5.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 08, 2014 11:37 AM

    Brian thanks for your input, I am already aware of SEPIC, and it's not what I was looking for. 

     

    All,

    Anyone used Workflow Solutions to leverage Altiris and SEP?



  • 6.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 10, 2014 11:38 AM

    In what way does SEPIC not meet your needs? 

    Does it not bring in the required alert data from the SEPM database?



  • 7.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 11, 2014 12:11 PM

    SK,

    I need a solution that would tie Altiris to SEP as a remediation tool.  Example: Lets say SEP detected a virus on an endpoint, can it hook and use Altiris to perform automated actions to that endpoint automatically. like perform a restart, shutdown or even trigger a reimage?

    That's the piece, I am looking for, a mechanism to hook the two products together for automation.

     

    Thanks



  • 8.  RE: Leveraging Altiris and SEP (Symantec Endpoint Protection) for security solutions

    Posted Jul 11, 2014 02:47 PM

    I know that Workflow Solution has been used with SEP and Altiris for automated remediation during and after infection events.  Workflow Solution is free to customers who have purchased either SEP or Altiris (and possibly other products, I don't know), and you would download and install it via the Symantec Installation Manager on your Notification Server.

    Here is a link to the user guide for Workflow Solution:

    http://www.symantec.com/docs/DOC7224

    The current release of Workflow Solution is 7.5 SP1.  We have not updated the courseware yet for the 5-day class, but you can access recordings of the 7.1 course for free in the eLibrary.

    The eLibrary is accessible from the link:

    http://www.symantec.com/training

    Hope this is useful!