Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEPM 12.1RU2 Auto detect and install of SEP

Created: 04 Apr 2013 | 10 comments
D@ry1's picture

Hey guys,

Does the SEP have the function to automatically detect a computer on the network let's say on a certain subnet and automatically install an SEP client if it doesnt have it yet?

Thanks,

Operating Systems:

Comments 10 CommentsJump to latest comment

.Brian's picture

It cannot be done automatically.

You would need to use the Client Deployment Wizard:

https://www-secure.symantec.com/connect/articles/c...

How to install clients using "Client Deployment Wizard" in the Symantec Endpoint Protection Manager 12.1

Article:TECH164308  |  Created: 2011-07-11  |  Updated: 2011-10-25  |  Article URL http://www.symantec.com/docs/TECH164308

GPO can be created:

About installing clients with Active Directory Group Policy Object

http://www.symantec.com/docs/HOWTO26773

Creating a GPO software distribution

http://www.symantec.com/docs/HOWTO55429

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

D@ry1's picture

Hi,

Thanks for the answer guys, but how about the rogue detection feature? I was it somewhere but i cant remember about it, isn't it the feature to do the automatic installation of SEP on a machine that doesnt have SEP on the network?

Regards,

W007's picture

If no SEP is installed, it will be reported as unmanaged

you can configure a unmanaged client report and install on them,

What does it mean to set a client as an Unmanaged Detector?
http://www.symantec.com/docs/TECH105722
 

Find Unmanaged Clients on a remote network location using the Unmanaged Detector
http://www.symantec.com/docs/TECH96234
 

Setting notifications when using the "Unmanaged Detector" feature in the SEPM
http://www.symantec.com/docs/TECH104897

Look this discussion

https://www-secure.symantec.com/connect/forums/how-can-i-make-sure-newly-joined-domain-computer-gets-sep-client

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

D@ry1's picture

Hi,

So does that  mean that the unmanaged detector can only notify you that a computer on a network doesnt have SEP and cannot install it automatically?

Thanks,

W007's picture

Yes,You can find only system where are sep client are not installed or unmanaged sep client.

After you can using the CDW method and install sep client

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

D@ry1's picture

Hi,

Can you link me to the CDW method?

Thanks,

W007's picture

How to install clients using "Client Deployment Wizard" in the Symantec Endpoint Protection Manager 12.1

Article:TECH164308  |  Created: 2011-07-11  |  Updated: 2011-10-25  |  Article URL http://www.symantec.com/docs/TECH164308

How to deploy clients in Symantec Endpoint Protection 12.1

Article:TECH164327  |  Created: 2011-07-11  |  Updated: 2011-08-16  |  Article URL http://www.symantec.com/docs/TECH164327

https://www-secure.symantec.com/connect/forums/sym...

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

D@ry1's picture

Hi,

Thanks for the info, I've been using this for sometime now, didint know that was the acronym of it.

Thanks,

Mithun Sanghavi's picture

Hello,

Check this Thread: https://www-secure.symantec.com/connect/forums/how-do-i-find-unmanaged-computers-also-deployment-doesnt-work

With SEP12, we decided to merge the old clientremote tool and Find Unmanaged Computers into one.  The new version is called the Client Deployment Wizard.

You can find it in two places - first from the Home screen, choose "Install Protection Client to Computers" from the "Common Tasks" drop down at the top right, or alternatively, from the Clients tab, when you are in the client list, click "Add a Client" on the left hand side, just above "Add computer account"

Both will launch the CDW and allow you to search your network, find all your PC's and helps you deploy the right client to each one.

Idea has been raised for same to bring it back, you can vote for same

https://www-secure.symantec.com/connect/ideas/sepm12-bring-back-find-unmanaged-computers-sepm11

In your case, you could use the "UnManaged Detector" as an option.

Upon booting, a computer sends out Address Resolution Protocol (ARP) traffic to identify itself on a network. Once enabled, the Unmanaged Detector listens for gratuitous ARP traffic and collects Internet Protocol (IP) and Machine Address (MAC) data from traffic passing it on the local network. This data is then forwarded to the Unmanaged Detector’s SEPM which compares the IP address and MAC address of detected systems against its known list of managed endpoint clients and reports on the unmanaged endpoint clients.

An unmanaged detector is configured by right-clicking a managed SEP client in the Clients page of the SEPM console, and selecting "Make unmanaged detector".

Best Practices: When to use the "Find Unmanaged Computers" or "Unmanaged Detector" features in Symantec Endpoint Protection 11.0

http://www.symantec.com/docs/TECH104340

What does it mean to set a client as an Unmanaged Detector?

http://www.symantec.com/docs/TECH105722

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.