Endpoint Protection

i am planning to use location awarness feature.but i am confused that what should i blocked for user when they are on remote location or wroking from home

i can do about webfiltring but what are other service that should be blocked when the user is not in my corporate network

Regards

Rohit

the remote user have a difficulty of updating the definition if off from corporate network, you may thnk of enabling LU once move out of network.

How to configure mobile computers to automatically download virus definitions when disconnected from the SEPM

http://www.symantec.com/business/support/index?page=content&id=TECH104571&locale=en_US

restricting user limits on configuration can be achieved using location awareness and it has to be decided by you.

what about other services !

you can configure firewall rules based on location. similarly ADC policy as well.

well i am confused what should i blocked,like what are best prastice

its your requirement, i haven't seen any rticle mentioning the blocking.

Ideally, you want to block everything and only allow what is needed.

It may depend on what your company policy allows but I would start by allowing 80, 443, and VPN while blocking everything else.

What else do they need while working from home? Only you or they could answer that. There is no specific best practice for this since each company is different.

With the help of Location awareness policy, you can enable live update option for download definition from symantec site. Also you can block below rule

1) Restrict for file or regestry modification access.

2) Block host file modification.

3) Block download file from internet.