Endpoint Protection

Hi,

If I created a client installation package to be pushed down to clients with SAV version 10.X installed. Can I just pushed it down from the Manager?

Is there any settings to be changed before pushing it down?

yes, using the MIgration and Deloyment wizard you can push the package in to the said clients, the destined machines should be reachable.

from installation guide.
Deploying client software to computers that run firewalls, and that run Windows XP, Windows Vista, or Windows Server 2008 have special requirements. Firewalls must permit remote deployment over TCP ports 139 and 445. Also, the computers that are in workgroups and that run Windows XP must disable simple file sharing. Windows Vista and Windows Server 2008 have additional requirements.

Cheers
Pete!

Yes, u can push it without any cahnges. Just use migration and deployment wizard from the SEPM to install client package

No schdelued scan running on SAV
Tamper Protection should be disabled on SAV
Un-install password should be disabled

You can push out the package using Migration or deployment or using Find Unamanged Computers.

You can also use this link for better implementation
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007122711551348

ajit

Hi thanks for the info...

One thing to confirm, do i need to follow the things that are mentioned in the Installation Guide. Like disabling scheduled scans, disabling live updates, turning off roaming services, unlocking server groups, turning off tamper protection and uninstalling reporting servers.

These configuration needs to be done on the SSC.
Are these steps required before I push down the client installation package?

Another thing is regarding SAV version 8.X, is it a must to go to every machine and uninstall it before installing the SEP?

Thanks

You need to disable scheduled scan, Tamper protection and disable un-install password you can ignore other things as they are not very important.
For 8.x yes you've got to either remove them from each compter or upgrade them to 10.x and then they can be migrated

Hi Vikram,

Thanks for the information.

By the way, is it possible to set up another server on a remote site to retrieve updates from the Main SEP Manager. Such that the clients at the remote site is able to get their Live Updates from the server over at the remote site instead of all receiving the Live Updates from the Main SEP Manager?

Thanks

you can use GUP functionality or use Internal Liveupdate server instaed of going for SEPM (another server).

GUP supports 1000 clientmachines.

Pete!

Thanks pete~

I will go read on this portion.. Thank you

Hi Pete,

By the way, what is GUP?

its Group Update provider, which acts as an cache for storing the definitions and clients will check with GUP for the definition.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008081810593048

cheers
Pete!

Symantec Endpoint Protection 11.0 Group Update Provider (GUP)
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092720522748

Practically GUP handles up to 200 clients very well.
So you can have more than one GUP or if can also read about replication even that serves this purpose just and you can handle upto 5000 client embedded database and 50,000 clients SQL database using additional SEPM using replication.
So you have to think what suit your environment if you can give a little bit idea of your environment we can suggest you what would be the suitable option.

Hi Vikram & Pete for the information provided. I haven go into the deployment of the SEP yet. I hope you all can guide me along the way if I meet with some problems for the deployment. The information provided are great~ Maybe back to the 1st question on installing SEP client on existing SAV version 10.X, so before pushing down the SEP client, I need to go configure SSC such that schdelued scan, Tamper Protection & Un-install password should be disabled. All these needs to be configured through SSC right?

yes, these needs to be configured. SSC will help you to support these configuration.

as tamper protection will block the upgrade from SAV to SEP, hence it is needed. Installation guide is helpful in understanding and configuring.

Cheers
Pete!

Follow the thumb rule..have the basics right it will all go well as planned.

Hi, I have some doubts that needs to be clarify guys.

1)    For the installation of client package to existing SAV version 10.X, i uploaded the setup.exe on a shared drive to allow users to install themselves.      However, a user with no admin rights is not able to install it. Is it a requirement for users to have admin rights for installing of SEP? Is there a way to bundle in the admin login & password when creating the client package?

2)     I have created the client package such that it does not restart after installing. Once the SEP is installed on the client machine, the latest virus definition is not being pushed down from the management server. Why is that so? Is it a requirement to restart machine so that the client will be updated with the latest definition from management server?

3)    Another thing is, how does silent mode works? How do I know whether it is being pushed down sucessfully?

4)    Using the manager console, can we actually see the logs of the client? I cant find the option to see the status or details of the clients.

5)    Hi, currently my site has a total of 600+ users with 3 remote sites. Can anyone reconmend which is the easier way to deploy the SEP to clients?

Cheers
Tan Yong Chen

First make sure you are using latest version of SEP MR4MP2

 1.You have to logged in as Admin as to install SEP even local administrator will do.We cannot bundle username and password with the package.

2.You do not have to restart in order to get definitions but still it is recommended.Just wait for 10-15 minutes the client will pull down the definitons.Just make sure after installing the client you have the green dot on them (that means it is communicating with sepm) if not 1st thing check the firewall.
Check the deifintions on SEPm and make sure it is downloading the latest definitons.

3.The only way to check it is from SEPM console if it shows there that means it is installed.You can also enable find unamanged detector that will show you which computers do not have sep on them ( but italso shows your printers,routers and like that ).
However you can check it locally as well on the clients.

4.Which logs are you talking about ?? If you are talking about installation log then NO. but you can see all other SEP related logs in SEPM
SEPM -Monitor - Logs tab
and SEPm - Clients- Highlight the group and it will show you the clients then there are few viewing options that you can select to get detailed information about any client

5.You can use find Unmamaged computers, Migration and deployment wizard or Group Policy Deployment which ever suits you.

In the CD2 there is Clientremote.exe (migration and deployment wizard) you can send this tool and package to the admin of the remote sites so that using this tool they can deploy SEP locally.

Hi Vikram,

Thanks for all the info provided.

For the logs part, becasue my client is using SSC currently. He mentioned that he can actually view the logs of a particular client from the SSC. And based on the logs, it can determine whether the client's virus is cleared. Is it possible to read the logs that is in client's SEP from the SEPM?

Another thing is, when pushing down the policy using the deployment wizard. If the machine is in standby mode or currently logged off. WIll the installation continues? Or it will wait until user to login then the installation will start?

Cheers
Tan Yong Chen

Hi guys,

I read the system reuqirements for SEP client, seems like the OS support are windows platform OS. Is it possible to install the client on other Server OS?

only Windows support for SEP, though there are other flavors of AV for other OS. Live MAC, LInux etc..

Cheers
Pete

At this point of time SEP is only Supported windows OS, however we do have SAV for MAC <linux and netware.

All the logs and reports that were seen from SSC and reporting Manager will be available in SEPM and the reporting and logging function has improved a lot as compared to SSC & Reproting in SAV 10.x
All the logs that are in SEP client can be read from SEPM.

While pushing the package even if the client is in Stand by or logeed off still it will be able to install it.
It will install it using theAdmin priviledge thatyou are using to deploy.
If you are able to ping and access the root drive it will install it whichever mode you are in.