Endpoint Protection

 View Only

  • 1.  SEP ADC

    Posted Aug 01, 2013 09:56 AM

    Did anyone implemented SEP ADC in user mode. Any problems?!



  • 2.  RE: SEP ADC

    Posted Aug 01, 2013 09:59 AM

    Shold be no different than compute rmode



  • 3.  RE: SEP ADC

    Posted Aug 01, 2013 10:04 AM

    I am not sure about:

    • Which policy is applied if no user is logged in
    • If a different user is logged in, will a restart is required to apply the changes

     



  • 4.  RE: SEP ADC

    Posted Aug 01, 2013 10:04 AM

    It has the same impact as the computer mode.

    Very good article on this implimentation. Please have a look

    https://www-secure.symantec.com/connect/articles/assign-sep-policies-using-active-directory-security-group-membership

     



  • 5.  RE: SEP ADC

    Posted Aug 01, 2013 10:08 AM

    It should retain previous policy until someone else logs in.

    No restart should be required.



  • 6.  RE: SEP ADC

    Posted Aug 01, 2013 10:14 AM

    You can apply policy to a machine or to a user

    But SEP is installed to a machine. Based on who logs in the policies are applied.

    No Restart required



  • 7.  RE: SEP ADC

    Broadcom Employee
    Posted Aug 01, 2013 01:44 PM

    Hi,

    Thank you for posting in Symantec community.

    Restart is not required & policies work as per the below note.

    If the client software runs in user mode, the client computer gets the policies from the group of which the user is a member. If the client software runs in computer mode, the client computer gets the policies from the group of which the computer is a member. Many organizations configure a majority of clients in computer mode. Based on your network environment, you might want to configure a few clients with special requirements as users.

    You set up clients as users or computers by adding the users and computers to an existing group. After a user or a computer is added to a group, it assumes the policies that were assigned to the group.

    Refer this article to learn more about it:

    http://www.symantec.com/docs/HOWTO27008



  • 8.  RE: SEP ADC

    Posted Aug 02, 2013 05:02 AM

    Question:

    no user is logged in yet. Which policy should be applied. The idea that when no user is logged in, all devices should blocked. not to retain the previous policy. It always have to be the BLOCK ALL policy.



  • 9.  RE: SEP ADC

    Posted Aug 02, 2013 06:06 AM

    If no user is logged in till yet and system is installed and communicate with Server then it will be in default group and the policy will be appled of Default group.

    System can get the policy which last time logged in user on that system.



  • 10.  RE: SEP ADC

    Broadcom Employee
    Posted Aug 02, 2013 07:48 AM

    Hi,

    When the user do login then only policy will take place whether it is in computer mode or user mode.

    If last login is for user mode then I believe the same policy will remain in the background until next user log in.