Endpoint Protection

Hello all , I have two SEPM's 12.1.4 running in failover mode supporting about 1600 endpoints . Now I have a requirement to configure a reverse proxy on SEPM to support about 200 Mac clients so that they take take definations from SEPM instead of going to the internet.

I have gone through this document ( http://www.symantec.com/business/support/index?page=content&id=HOWTO85034 )

apart from following this document is there any other configuration or best practice document I need to follow to achieve this.

Secondly do I need to configure the reverse proxy on both SEPM1 and SEPM2 ?  SEPM1 is primary and SEPM2 is secondary.

Thanks & Regards

 

 

 

You just need to configure on both per the doc, should be all that's needed.

Thanks Brian for your response , it needs to be done on both ? If i configure it on SEPM 1 since it is the primary one in the envoirement it will still be able to provide them with the definations provided endpoints are able to connect to this SEPM1.

Secondly apart from the document mentioned above is there like any other best practices document for this ? Thanks

Correct but if you have clients connecting to 2 they won't be able to download from it. So its up to you on how you want to handle. That is the only guide I've seen.

You can enable the reverse proxy functionality on as many SEPMs as you want.

The MAC clients will only use the SEPMs that you point them at via the assigned LU Setting policy (as "Internal" LiveUpdate Servers), so even if you enable the functionality on both, only one will be used as the update source most of the time (as LU server are used in order or priority).

Thanks Brian and SMLatCST for your replies.

Please confirm me one thing as per the article in the section managing cache file size

If I don't perform or execute this htcacheclean -n -t -d1440 -l1024M -p"SEPM_Install/apache/cache-root"

what would be the behavior ? would it have any adverse effect on SEPM ?

Whats the purpose of executing this command? Thanks

The htcachclean daemon is a common Apache component that is there to keep the cache of the MAC defs on the SEPM at a reasonable size.  Without it, the cache will grow unchecked over time (i.e. even files that are no longer required will still be kept).  The command you posted tells it to run in deamon mode, check the cache every 1 day, and bring it down to 1GB in size if over.

Check out the below description of it from the the interwebs:

http://httpd.apache.org/docs/2.4/programs/htcacheclean.html

"htcacheclean is used to keep the size of mod_cache_disk's storage within a given size limit, or limit on inodes in use. This tool can run either manually or in daemon mode. When running in daemon mode, it sleeps in the background and checks the cache directory at regular intervals for cached content to be removed...."