Endpoint Protection

 View Only

  • 1.  SEPM 12 Default Policy Differences

    Posted Mar 11, 2013 06:45 AM

    We are currently working our way through upgrading from SEP11 to 12 and are bringing an SEPM12 server on line.

    One question though that I can't find an answer for on here.

    After installation it has 2 default policy groups... "High Security" and "High Performance"

    Can anyone tell me what the differences are between these policies from install, as from looking at the managment GUI I cannot find any discernable differences between them. All the settings look to be identical.

    I appreciate any guidance here. If there are clear differences then I'd also like to understand the performance impact of using the high security option vs the perfomance option from the client machine perspective.

    regards

    Rob



  • 2.  RE: SEPM 12 Default Policy Differences

    Posted Mar 11, 2013 06:48 AM

    Should be outlined in this KB

    About the preconfigured Antivirus and Antispyware Policies

    Article:HOWTO27192  |  Created: 2010-01-08  |  Updated: 2010-01-15  |  Article URL http://www.symantec.com/docs/HOWTO27192

     



  • 3.  RE: SEPM 12 Default Policy Differences

    Posted Mar 11, 2013 06:55 AM

    These are the settings

    check the high performance and high security tab

    Security Response recommendations for Symantec Endpoint Protection 12.1 settings

    http://www.symantec.com/business/support/index?page=content&id=TECH173752


  • 4.  RE: SEPM 12 Default Policy Differences

    Posted Mar 11, 2013 07:11 AM

    Thanks guys both good links. Now if only those article had truly descriptive/meaningful titles maybe us regular users could get them via the search engine without having to post here. Perhaps i should be more adventurous with my search phrase... default policy SEPM 12 came back with nothing meaningful for me.

    Has anyone got any real world experience of using the "High Security" policy, there are some of the team here concerned that it may be over the top for some of our application servers that may have a higher sensitvity to disruption by other processes. I know this is purely subjective but I'm sure we will use the balanced policy by default and then consider upping to the High Security if we feel its benefit ve performance impact is something we can take on the chin.

    I would like some views of people that have use the High Security policy

    • did it work for you
    • did it interferce with processes/service
    • did it have a detrimental performance impact on the servers using it
    • would you recommend using it or rather stick to balanced

    I dont think we would consider the high perfomance policy as it relaxes enough of the controls such that the benefits of the software are backed off to some degree.

     

    regards

    Rob

     



  • 5.  RE: SEPM 12 Default Policy Differences

    Broadcom Employee
    Posted Mar 11, 2013 07:58 AM

    Hi,

    High Security policy is advisable to use if System admin wish to provide limited access to end users.

    With this security all the items will be locked by default. End user won't be able to start/stop services, access settings etc.

    • did it work for you --> It should work the same way like balanced but with more security
    • did it interfere with processes/service --> It won't interfere with processes/service
    • did it have a detrimental performance impact on the servers using it-->  Not at all
    • would you recommend using it or rather stick to balanced --> I would recommend using high security however you can test it prior to implement it.