Roaming client update problem
Created: 31 Oct 2012 | 2 comments
Dear Support,
I am using roaming client package on laptop machine. Now i want if my client machine is going outside of my offical network. At this situation my client machine connect with my office SEPM manager server. I have a public ip to connect ouside network client machine with my SEPM server. So please provide the procedure to how to connect client with my offical public ip address.
I was also change the live update policy and given public ip address on internal liveupdate server but it's want URL also so please help me how to do this.
Discussion Filed Under:
Comments 2 Comments • Jump to latest comment
Probably a good idea to use location awareness.
http://www.symantec.com/business/support/index?page=content&id=TECH97369
You can use an internal location and put subnet ranges and specific policy to be applied when it meets that criteria. Then when you go roaming it will pick up another location and you can set a bit more of a secure policy when out and about.
Please review ideas and vote there could be something useful :)
https://www-secure.symantec.com/connect/security/ideas
"Thumbs Up" to GeoGeo above.
Further to his post about Location Awareness, please also review the below articles:
You'll need a new MSL to define the external address clients should use to connect to your SEPM. The below articles tell you how to create a new MSL and how to assign this to the external location GeoGeo recommended:
http://www.symantec.com/docs/HOWTO81154
http://www.symantec.com/docs/HOWTO80735
As far as the updating of definitions goes, please also review the below article on the LU options. Essentially, you'll want the one assigned to the external location to go to Symantec LiveUpdate for definitions, while the internal one points to the "Default management server":
http://www.symantec.com/docs/HOWTO26831
#EDIT#
Here are a couple of extra LU policy articles for pointing clients at a LiveUpdate Adminstrator server. Like I said, it's usually better to point external SEP clients at Symantec instead, but you asked...
http://www.symantec.com/docs/HOWTO55180
#/EDIT#
Lastly, please consider the below articles for placing a SEPM in the DMZ. I'd personally recommend against making your main SEPM externally accessible, but instead put a replication partner in the DMZ for external SEP clients to connect to and harden it:
http://www.symantec.com/docs/TECH178325
http://www.cstl.com/
Would you like to reply?
Login or Register to post your comment.