Endpoint Protection

I've been looking around for some type of detailed documentation on the recomendations for the configuration of the server for SIC.

     The obvious things like processors/RAM/space are a concern.

     Scalability? We have a few different datastores, in different locations can I have one central SIC server and connect them all to it? Roughly 250 VM's in total and expanding rapidly. I want to make sure that when I get this all figured out, i'm not going to have to retool it in six months.

If i'm correct in understanding...I'm going to spin up this server with the Symantec Virtual Application installed, and then complete the rest of the configuration within my SEPM point all the VM's to where the Shared Insight is?

    All the machines keep their current versions of SEP (12.1) 

    When I add new VM's I just point them to the proper policy in SEPM and they're good to go?

 Thank you in advance. 

One thread you may want to go thru carefully can be found here:

https://www-secure.symantec.com/connect/forums/sva-not-working-or-communicating-vmware-vdi-clients-or-vm-management

Brian,

Thanks for the link. I had not seen that one prior to posting this question, and it certainly doesn't give me the wam and fuzzies. That gentleman was definitely geared towards VDI more so than just scanning his VM's. I wish he had a follow up on the issue because it seems that he left it open-ended with the fix potentially bening on the VMware side!

Hopefully, there's someone out there with some experience in the initial setup as well!

While yo have specifically mentioned the SVA version of the SIC, it's probably worth reminding you that there is a Windows-based implementation as well, that uses tcp/ip to perform the results sharing (instead of vshield endpoint).

http://www.symantec.com/docs/TECH174123
http://www.symantec.com/docs/TECH172806

This version is faaaaaaarrr easier to setup, and a single one can handle up to 1500 clients.