Client Guide for Symantec™ Endpoint Protection and Symantec Network Access Control

Article:DOC2350  |  Created: 2010-08-10  |  Updated: 2014-03-18  |  Article URL
Article Type



This guide includes information and procedures for end users who manage their own Symantec Endpoint Protection client.


Table of Contents:
1. Introducing the client
About the client
About the Symantec Endpoint Protection client
About Antivirus and Antispyware Protection
About Proactive Threat Protection
About Network Threat Protection
About the Symantec Network Access Control client
2. Responding to the client
About client interaction
Acting on infected files
About the damage that viruses cause
About notifications and alerts
Responding to application-related notifications
Responding to security alerts
Responding to Network Access Control notifications
3. Managing the client
About centrally managed clients and self-managed clients
Converting a self-managed client to a centrally managed client
Updating the computer's protection
Updating the content immediately
Updating the content on a schedule
About security policies
Updating the policy file manually
Verifying that policies have been updated
Scanning your computer immediately
Pausing and delaying scans
Enabling and disabling protection technologies
Enabling or disabling Auto-Protect
Enabling or disabling Network Threat Protection
Enabling or disabling Proactive Threat Protection
About Tamper Protection
Enabling, disabling, and configuring Tamper Protection
Testing the security of your computer
About locations
Changing locations
About the notification area icon
Hiding and displaying the notification area icon
About preventing an administrator from restarting your computer
4. Managing Antivirus and Antispyware Protection
About viruses and security risks
How the client responds to viruses and security risks
About antivirus and antispyware settings
About scanning files
If your email application uses a single Inbox file
About scanning by extension
About scanning all file types
About preventing macro virus infections
When the client detects a virus or security risk
About Auto-Protect
About Auto-Protect and security risks
About Auto-Protect and email scanning
Disabling Auto-Protect handling of encrypted email connections
Viewing Auto-Protect scan statistics
Viewing the risk list
Configuring Auto-Protect to determine file types
Disabling and enabling Auto-Protect security risk scanning and blocking
Configuring network scanning setting
Working with antivirus and antispyware scans
How antivirus and antispyware scans work
About definitions files
About scanning compressed files
Scheduling a user-defined scan
Scheduling a scan to run on demand or when the computer starts up
Editing and deleting startup, user-defined, and scheduled scans
Interpreting scan results
About interacting with scan results or Auto-Protect results
Configuring actions for viruses and security risks
Tips for assigning second actions for viruses
Tips for assigning second actions for security risks
About risk impact ratings
Configuring notifications for viruses and security risks
About excluding items from being scanned
Excluding items from being scanned
About handling quarantined files
About infected files in the Quarantine
About handling infected files in the Quarantine
About handling files infected by security risks
Managing the quarantine
Viewing files and file details in the Quarantine
Rescanning files in the Quarantine for viruses
When a repaired file cannot be returned to its original location
Clearing backup items
Deleting files from the Quarantine
Automatically deleting files from the Quarantine
Submitting a potentially infected file to Symantec Security Response for analysis
Submitting information about scan detections to Symantec Security Response
About the client and the Windows Security Center
5. Managing Proactive Threat Protection
About TruScan proactive threat scans
Processes and applications that TruScan proactive threat scans examine
About exceptions for TruScan proactive threat scans
About TruScan proactive threat scan detections
About acting on false positives
Configuring how often to run TruScan proactive threat scans
Managing TruScan proactive threat detections
Setting the action for the detection of commercial applications
Specifying actions and sensitivity levels for detecting Trojan horses, worms, and keyloggers
Specifying the types of processes that TruScan proactive threat scans detect
Configuring notifications for TruScan proactive threat scan detections
Submitting information about TruScan proactive threat scans to Symantec Security Response
Excluding a process from TruScan proactive threat scans
6. Managing Network Threat Protection
About managing Network Threat Protection
Managing firewall protection
How the firewall works
About firewall rules
About the elements of a firewall rule
About stateful inspection
About the rule processing order
Adding a firewall rule
Changing the order of a firewall rule
Enabling and disabling rules
Exporting and importing rules
About the built-in firewall rules
Enabling traffic settings and stealth Web browsing settings
Enabling Smart Traffic Filtering
Enabling network file and printer sharing
Blocking traffic
Configuring application-specific settings
Removing the restrictions from an application
Managing intrusion prevention protection
How Intrusion Prevention protection works
Enabling or disabling intrusion prevention settings
Configuring intrusion prevention notifications
Blocking and unblocking an attacking computer
7. Managing Network Access Control
How Symantec Network Access Control works
Running a Host Integrity check
About updating the Host Integrity Policy
Remediating your computer
Viewing the Network Access Control logs
How the client works with an Enforcer
Configuring the client for 802.1x authentication
Reauthenticating your computer
8. Using and managing logs
About logs
Managing log size
Configuring the retention time for the Antivirus and Antispyware Protection log entries
Configuring the size of the Network Threat Protection logs and the Client Management logs
Configuring the retention time for the Network Threat Protection log entries and the Client Management log entries
About deleting the contents of the Antivirus and Antispyware System Log
Deleting the contents of the Network Threat Protection logs and the Client Management logs
Quarantining risks and threats from the Risk Log and the Threat Log
Using the Network Threat Protection logs and the Client Management logs
Refreshing the Network Threat Protection logs and the Client Management logs
Enabling the Packet Log
Stopping an active response
Tracing logged events back to their source
Using the Client Management logs with Symantec Network Access Control
Exporting log data


Client_Guide_SEP11.0.6.pdf (1.6 MBytes)

Article URL

Terms of use for this information are found in Legal Notices