Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SMSMSE, SEP Outlook Auto-Protect technical reference needed

Created: 27 Mar 2014 • Updated: 30 Apr 2014 | 3 comments
This issue has been solved. See solution.

Hello,

My understanding is that if you employ SMSMSE on your exchange servers, you should not enable Outlook Auto-Protect, at the very least on the Exchange Server, and that it's a redundancy to enable it on the SEP client installed on individual workstations.  I've found the technical referance about disableing Outlook Auto-Protect on the Exchang eserver itself.  I, however, cannot find the vendor technical reference that recommends not running Outlook Auto-Protect on SEP clients on the workstations.

I need to be able to reference a vendor's document or technical publication in order to justify a STIG exception and disable this feature.  I cannot reference a forum discussion no matter how much I respect the SMEs advice and content of this forum.  

Could anyone point me to a doc/tech pub that says it's best to disable SEP Client Outlook Auto-Protect on the workstation in an environment that is being protected by SMSMSE?

Any assistance is really appreciated!

Operating Systems:

Comments 3 CommentsJump to latest comment

.Brian's picture

You are spot on in regards to the reason of not using the SEP outlook plugin for scanning if running SMSMSE.

This document lays it out:

"Alternately, do not use this optional mail plug-in.  If a mail security program like Symantec Mail Security for MS Exchange (SMSMSE) is installed on the company's Exchange server or elsewhere in the mail flow (a dedicated mail scanning appliance, for instance) then any threats or other unwanted content should be cleaned long before the messages reach the end users.  SEP's optional mail scanning components are of most use only in very small offices or unmanaged deployments. If a proper solution is implemented elsewhere in the mail architecture, then the SEP plug-in adds provides very limited return for its resource usage."

Support for Symantec Endpoint Protection's Optional Outlook Plug-In on Outlook 2010

Article:TECH141640  | Created: 2010-10-11  | Updated: 2011-11-16  |

Article URL http://www.symantec.com/docs/TECH141640

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
R_Sran's picture

You can follow the link given by Brain and if you are satisfied with it. Then you can take the help of Symantec Support team.

Mick2009's picture

Hi ccvickers,

"Thumbs up" to the above.  If SMSMSE is scaning the mail before it reaches SEP, there's very little additional protection added by having the SEP mail plug-in.  The definitions on the SEP client (which can update 3 x per day) may be slightly newer than what was used by SMSMSE (generally updates once per day), and the pop-up can warn of undetected spambot software that has installed itself on the computer.

Many unexpected pop-up messages from the client email plugin appear
http://www.symantec.com/docs/TECH122425

That's about all the added value of the mail plug-ins, weighed up versus the resource consumption.

Hope this helps!

Mick
 

With thanks and best regards,

Mick