Endpoint Protection

Hello,

Recently I've tried installing Sep11 and configuring managed clients on Server2008 r2 boxes.

I have gotten a box configured to the point where it is trying to find the management server, but the management server is apparently not responding.

What should be doing?

A little frustrating that it looks so nice and easy at first glance...


-Aaron

Are you installing the latest version of SEP 11 (11.0.5002.333)? Only this version supports Windows 2008 R2.

Yes I am using SEP 11.0.5002.333.

With a bit more testing I noticed it is just the mundane issue of Windows Firewall on the SEP management server is stopping it from detecting the SEP clients.

What configurations do I need to set on the SEP management server to allow SEP clients to associate with the management server?

(If I disable all firewalls on the SEP client, it cannot connect / update with the SEP management server... if I then reable all firewalls on the SEP cilent and disable all firewalls on th SEP management server, then they can communicate / update virus definitions etc.)

Thank you,


-Aaron

The Windows firewall on your server needs to allow for communication. Here is a list of ports used for SEP.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007090614430148

Which communication ports does Symantec Endpoint Protection 11.0 use?

 http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007090614430148

one thing you can  do is a secars test from the client (using a browser)

http://<Server>:<port>/secars/secars?hello,secars

For <Server> use your server name or IP address
for <port> use the port you configured for communication during the SEPM install

if you get the "OK" that means that the client can communicate to the server on the right port.  This simple test can tell you if you have a network configuration issues (firewall blocking that port some where or a bad ACL on a router).  Or as Cycletech pointed out, possibly windows firewall (in which case create an exception for smc.exe).