Endpoint Protection

 View Only

  • 1.  SEP Manager facing the internet

    Posted Sep 25, 2013 04:24 PM

    Hey,

     

    I just have a short question. But the issue is not so easy. 

    I am not sure if it will be a good idea but I need to install a SEP Manager (12.1.3001) that faces the internet to connect clients that were traveling around the world. Is the application secure. Are there no security holes? Is the tomcat version the current one?

     

    I am not sure but are other customers doing the same?

     

    thx

     



  • 2.  RE: SEP Manager facing the internet

    Posted Sep 25, 2013 04:28 PM

    You'll want to follow the best practice guide from Symantec which shows what you need to open:

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    Article:TECH178325  |  Created: 2012-01-05  |  Updated: 2012-01-05  |  Article URL http://www.symantec.com/docs/TECH178325

     



  • 3.  RE: SEP Manager facing the internet

    Posted Sep 25, 2013 05:10 PM

    Hi,

    thank you for the article. Do you have a SCSP policy set for SEPM? I am sure that SEPM is designed also to run in a DMZ and is monitored by several CERTs. Is tomcat and all containig code reviewed?

     



  • 4.  RE: SEP Manager facing the internet

    Posted Oct 21, 2013 12:25 PM

    I do not have a SEPM deployed in a DMZ so I cannot speak from experience. As for tomcat, I don't believe it is updated unless a new release comes out with updated code. Symantec would need to confirm.



  • 5.  RE: SEP Manager facing the internet

    Posted Feb 24, 2014 09:16 AM

    Do you need more assistance with your problem or were you able to get it resolved?

    If you could post an update for followers of this thread that would be most helpful.

    Otherwise, if resolved, you can close the thread out by clicking the "Mark as solution" link at the bottom left on the most helpful post. This will benefit admins looking for a resolution to the same problem.

    Thanks and take care,
    Brian