Endpoint Protection

 View Only

  • 1.  Poll - What Modules Do You Run On Your Servers

    Posted Apr 05, 2016 05:57 PM

    At present we deploy SEP to our servers with AV/AS and PTP (both SONAR and ADC) installed. Currently we are working with support on an issue where a Hyper-V 2012 Datacenter cluster broke and MS's response was to get a workaround from Symantec.  Preliminary data is suggesting a known issue involving ADC so I'm being asked to find out what is typical.  I can't say I've seen best practice on what modules to run on servers (thought I may have just missed it) and our BCE recommends running AV/AS only with DCS in place.  Was wondering what everyone out there might think as to the best way to go with servers?  AV/AS only?  With SONAR or all of PTP?  Full install? 



  • 2.  RE: Poll - What Modules Do You Run On Your Servers

    Posted Apr 05, 2016 06:04 PM

    Full install.

    All modules are fully supported on server OS.

    Need to be careful with IPS though in some cases:

    Best Practices for employing Intrusion Prevention System (IPS) to high-availability/high bandwidth servers.

    Also, the firewall should be extensively tested first. Have a non-prod mirror of prod is good, if possible. The SEP firewall out of the box works well but adjustments will likely need to be made depending on your environment.



  • 3.  RE: Poll - What Modules Do You Run On Your Servers

    Posted Apr 06, 2016 05:24 AM

    Hi Ariphaneus,

    Install all components.  SEP 11 had some issues and potential performance reasons, but I recommend all SEP 12.1 components on servers.

    SEP Times in the City: A Helpful Symantec Endpoint Protection Analogy
    https://www-secure.symantec.com/connect/articles/sep-times-city-helpful-symantec-endpoint-protection-analogy

    With thanks and best regards,

    Mick