Video Screencast Help

Symantec Endpoint Protection for Linux

Created: 15 Jun 2011 • Updated: 15 Jun 2011 | 1 comment
This issue has been solved. See solution.

We have Red Hat 5.XXX installed on some of our critical servers.

Currently we are in SEPM 11 environment.. how can we deploy cllient version to these linux servers. Or is it a seperate installation all together?

 

Would appreciate any links that can be provide useful to linux symantec antivirus

 

What exactly does this antivirus for linux protect? as linux is immunse

Comments 1 CommentJump to latest comment

Mithun Sanghavi's picture

Hello,

Symantec Endpoint Protection version 11 does not support Linux environment. There is no SEP for Linux. There is SAV for Linux (SAVFL) which is included on the SEP disk download. I think that's where the confusion is coming from.

 

The SAVFL client cannot be managed by the SEPM, although it can report logs back to the SEPM by using SAV Reporter, which was released after SAVFL 1.0.10, but can be downloaded from the following KB article.
 
Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes 
 
The SAVFL client is 32-bit only. If you take a look at the RPM packaging you will see that the only package that has a 64-bit version is the savap package (AutoProtect), which understandably needs it as it has to hook into the kernel. While the deb packaging has separate 64-bit packages for each one, there binaries are still 32-bit. You'll notice this if you've tried to install and use SAV on a 64-bit debian based system without ia32-libs installed.
 
If you really need to confirm that the binary is 32-bit, you can use the file command.
 file /opt/Symantec/symantec_antivirus/sav 

and it should produce an output such as this (note this is from my Ubuntu 10.10 64-bit machine and is showing a 32-bit executable)

 

 /opt/Symantec/symantec_antivirus/sav: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.4.3, stripped 

 

 

 

Again, SEP 12.1 would have packages for Linux. SEP 12.1 will not manage Linux. 

NOTE: SEP 12.1 is under BETA and would be Released anytime this year.

Key Features

  • Unmatched protection from the world leader in security
  • Seamlessly integrates antivirus, antispyware, firewall, and intrusion prevention as well as network access, device and application control (Symantec Endpoint Protection only)
  • Requires only a single agent
  • Powerful central management of security for physical and virtual Windows and Mac endpoints
  • Enables instant NAC upgrade without additional software deployment (Symantec Endpoint Protection only)
  • Antivirus and antispyware for Windows, Mac and Linux clients (Linux – Symantec Endpoint Protection only)
  • Built to secure your virtual infrastructure

Reference:

http://www.symantec.com/business/theme.jsp?themeid=sep12-beta

Again, SEP Linux could not be Managed from SEPM. 

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION