Endpoint Protection

 View Only

  • 1.  SEP Location Awareness for no network connectivity

    Posted Aug 27, 2014 03:19 PM

    How would I setup a location awareness so that a set of policy is enforced when there is no network connectity?



  • 2.  RE: SEP Location Awareness for no network connectivity

    Broadcom Employee
    Posted Aug 27, 2014 03:23 PM

    #Edit

    Hi,

    Thank you for posting in Symantec community.

    A number of conditions can be specified to determine when a client computer is allowed to switch to another location, before it is allowed to connect to the network.  Switching locations allows a different set of security policies to apply when a client computer is connecting to the network from a more vulnerable location.  If the conditions match, the computer automatically switches to the designated group's location with its associated policy and the computer is allowed to connect to the network.

    More about Location Awareness in Symantec Endpoint Protection (SEP)

    http://www.symantec.com/docs/TECH97369

    Location Awareness Logic

    http://www.symantec.com/business/support/index?page=content&id=TECH97097

    Location Awareness Decision Logic

    http://www.symantec.com/docs/TECH105250 



  • 3.  RE: SEP Location Awareness for no network connectivity
    Best Answer

    Posted Aug 27, 2014 03:23 PM

    Set up a condition for the Network Connection Type and select the option "if the client computer does not use the network connection type specified below"



  • 4.  RE: SEP Location Awareness for no network connectivity

    Posted Aug 28, 2014 06:36 AM

    Hmmmmm, looking at it from a different point of view: Why do you want to identify when there is no network connection?

    Do you have a specific set of policies in mind for when the machine is not connected to any network?

    The reason I ask is that I would normally (from a security focussed standpoint) only want a couple of Locations to identify the below:

    • Corporate network (with slightly more relaxed security policies, as the endpoints are within a managed/trusted network and surrounded only by managed/protected endpoints)
    • Anywhere else (with as much security as SEP can provide)

    In the above scenario, the "No Network Connection" would fall into the second category/location, which I would leave/configure as the "Default [default]" location with no rules/conditions assigned to it.  Would this suffice?



  • 5.  RE: SEP Location Awareness for no network connectivity

    Posted Aug 28, 2014 06:26 PM

    strict requirement



  • 6.  RE: SEP Location Awareness for no network connectivity

    Posted Aug 28, 2014 06:43 PM

    Thanks



  • 7.  RE: SEP Location Awareness for no network connectivity

    Posted Aug 28, 2014 08:41 PM

    would you like to impliment system lockdown when they are off the network?

    https://www-secure.symantec.com/connect/articles/what-system-lockdown-what-stages-do-i-implement-system-lockdown-symantec-endpoint-protectio