Hello,
The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5
SEP for Linux clients can now be managed by an RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.
- How scheduled scan, live update frequency, exclusions and other different settings can be set for linux client? Will everything be managed by SEP Manager through policies or still we need to use for example symcfg to anable folder exclusion?
---> If it’s managed linux client you can create policies accordingly so for managed clients no need of symcfg to enable folder exclusion. For un-managed client it’s still the same process.
See this screen-shot Under Virus & Spyware Protection linux Settings are available:
2. If yes policies for linux client must be set different from windows client policies?
--> Yes, need to configure separately.
3. Can i configure live update policy to retrieve updates only from SEPM like i did on windows clients?
--> No, though linux clients can be manged by SEPM it will fetch definitions updates from LUA or Internet liveupdate server only.
4. Can I deploy linux clients without any particular policies and modify them later? Will be the policies upgrade automatically?
--> You can't. If upgrading from MR13 to SEP 12.1 RU5 then polices will be upgraded automatically
5. Which task can i run from SEPM to SEP linux? (es: scan now, run liveupdate,ecc ecc)
--> You can run Scan, Update content, Update content and Scan & Enable auto protect commands from SEPM console
6. Are in SEPM the liveupdate default sources still: liveupdate.symantecliveupdate.com and liveupdate.symantec.com TCP 80?
--> There is no change in SEPM liveupdate process except content optimization feature.
7. Can i choose the path where to install SEP on linux? How to do if I need to install not in default /opt?
--> Yes, you can.
8. About the ports to leave opened: up to now we have used only the console on the server and the web console: do i need to leave open just 8443, 9090, 8014 or others? Apache and tomcat?
--> For linux clients to communicate with the SEPM there is no specific ports to be open on client/SEPM.
Check this article: Which Communications Ports does Symantec Endpoint Protection use?http://www.symantec.com/docs/TECH163787
Article for reference:
Symantec Endpoint Protection 12.1.5 for Linux Client Guide
http://www.symantec.com/docs/DOC7697
Configuring LiveUpdate Administrator 2.x to Download and Distribute Symantec Antivirus for Linux Contents
http://www.symantec.com/docs/TECH152311
Configuring Symantec Antivirus for Linux (SAVFL) to download definitions from the Distribution Center of an internal LiveUpdate Administrator (LUA) 2.x Server
http://www.symantec.com/docs/TECH93505