Endpoint Protection

 View Only
  • 1.  regarding SIC

    Posted Feb 28, 2013 09:24 AM

    Hi All,

    Good Day..

    We are using Sep 12.1 RU1 MP1 on a windows Architecture, and we are planning to deploy SIC on our environment, we need to confirm few things regarding SIC.

    1. Is it mandatory to give username & password on SIC server settings
    2. What is keeping SIC server (any hash values, vote counts),  so what would be the disk usage ?
    3. Port number 9006 is used for Status Service , what it exactly mean is it required to open between clients and SIC server

    Regards

    Ajin



  • 2.  RE: regarding SIC

    Posted Feb 28, 2013 09:29 AM

    Per the admin guide it should be optional

    Per admin guide it uses a voting system

    Just make sure that you have no internal firewall that would be blocking the 9006 port

    Symantec™ Endpoint Protection and Symantec Network Access Control 12.1.2 Installation and Administration Guide

    Article:DOC6153  |  Created: 2012-10-25  |  Updated: 2012-10-26  |  Article URL http://www.symantec.com/docs/DOC6153

     

    Info on SIC starts on page 651



  • 3.  RE: regarding SIC

    Posted Feb 28, 2013 12:33 PM

    My two pence:

    1. Authentication is not rquired
    2. The scan results are kept in memory on the SIC, so the disk requirements are small (but it can use a fair amount of RAM)
    3. Clients will talk to the SIC on 9006


  • 4.  RE: regarding SIC

    Broadcom Employee


  • 5.  RE: regarding SIC

    Posted Mar 01, 2013 02:58 AM

    Thanks Pete for the above link.

    Regards

    Ajin



  • 6.  RE: regarding SIC

    Posted Mar 01, 2013 03:00 AM

    Thanks  for the inputs

    But what will be the network usgae, since we are having approx 500 vlan's and having only one SIC.

    Regards

    Ajin



  • 7.  RE: regarding SIC

    Broadcom Employee
    Posted Mar 01, 2013 03:23 AM

    the SIC server should be kept under LAN.



  • 8.  RE: regarding SIC

    Posted Mar 01, 2013 03:30 AM

    Here's an article or two on the SIC Best Practices (just in case you've not seen them yet):

    http://www.symantec.com/docs/TECH174123
    http://www.symantec.com/docs/TECH172806

    It's worth noting that, in general, the SIC is aimed at improving performance on virtual systems, while it sounds as if you want to use it for physiscal system too, is that correct?

    If so, and while entirely possible, I've always questioned the benefit of such a setup...

    A physical machine with it's own disks is likely going to be able to scan any single file faster than pinging a request to the SIC for scan results.  The difference in the virtual environment is that many VMs are potentially using the same physical disks, and the network call to the SIC could all be done within the VMHost's memory.  This means in the virtual environment, the overhead in the SIC call is smaller, faster, and the benefit has far greater impact.



  • 9.  RE: regarding SIC

    Broadcom Employee
    Posted Mar 21, 2013 10:15 AM
    did you happen to install SIC ,does the above suggestions helped?


  • 10.  RE: regarding SIC
    Best Answer

    Posted Mar 21, 2013 11:53 AM

    HI Pete,

    http://www.symantec.com/docs/DOC6153 helped me smiley

    Thanks All for the Great Support .

    Regards

    Ajin