Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

SEP for home use

  • 1.  SEP for home use

    Posted Nov 30, 2010 11:08 AM

    As a courtesy, we give our users SEP for home use. Some were asking if they could have it so it was more locked down. I've been playing around with this and created a separate group with separate policies for home users and created the package.

    I've noticed that no matter how I configure it, Proactive Threat is in Log mode and needs to be manually changed and App and Device control does not work.

    I exported the package as an unmanaged client. And I'm assuming this is all by design because both of these components need to be used with caution but is there any way around this?



  • 2.  RE: SEP for home use

    Posted Nov 30, 2010 11:17 AM

    So to sum up: however you export an unmanaged client from SEPM, PTP is going to be in log mode and ACDC will not work at all? I will need to have a closer look on that, I have never tried.



  • 3.  RE: SEP for home use

    Posted Nov 30, 2010 11:18 AM

    Yep. PTP was in log mode even though I set it to Quarantine in the policy and ADC did not work as I put a block on the HOSTS file but I was still able to modify it.



  • 4.  RE: SEP for home use

    Posted Nov 30, 2010 11:21 AM
    Make sure the policy is tested and applied to the group of which the package is being created and 'Import policy' is checked while creating package.


  • 5.  RE: SEP for home use

    Posted Nov 30, 2010 11:42 AM

    What is the need of ADC on a unmanaged client..you can control the apps by the firewall



  • 6.  RE: SEP for home use

    Posted Nov 30, 2010 11:45 AM

    True, who would like to use ACDC at home? But on the other hand maybe it is installed on a corporate notebook? At least there should be a choice... Anyways, I will make some tests and let you know :)



  • 7.  RE: SEP for home use

    Posted Nov 30, 2010 11:58 AM

    There is no absolute need for it. However, some users have asked if they can have the same configuration at home as they do on the corporate network. I would like to make it work if possible but if it's not possible then I can relay that to them.

    We provide SEP as a courtesy but I also don't want to spend time creating documents for personal use if it can be avoided. On the other hand, if they want to be more protected while at home I will try and oblige as my schedule permits. If PTP cannot be switched out of log mode or ADC will not work, I'm not going to install those components.



  • 8.  RE: SEP for home use

    Posted Nov 30, 2010 12:34 PM

    Are you buying additional licenses for the users to have at home. Just wondering how this works.



  • 9.  RE: SEP for home use

    Posted Nov 30, 2010 01:01 PM

    To my knowledge, we have an agreement with Symantec that allows us to do this. I believe it is included in the SEP pricing. However, our asset manager handles all this so I'm not 100% sure.

    I just create the packages for home use.



  • 10.  RE: SEP for home use

    Posted Nov 30, 2010 01:10 PM

    I don't think ADC works on Unmanaged Clients..you can configure Firewall Rules to be more security and for home users specially create the rule to ASK when new application is detected in Firewall.



  • 11.  RE: SEP for home use

    Posted Dec 01, 2010 02:36 AM

    There are such things for SEP called "Home Use," licenses.  If your organization has 1000 computers, you buy 1000 licenses of SEP.  And you can then purchase up to 1000 home use licenses at a largely discounted rate.

    Basically you can buy as many home use licenses as you have corporate licenses.

     

    As for your other question, I wonder if you can export the policy in the SEPM, and import it into the unmanaged client.  It's manual, but easier than what settings need to change from the default.  

    You may have to export the unmanaged settings, and export the managed settings, and copy and paste lines into the XML to make it work?