Management of Symantec AntiVirus (SAV) for Linux

Article:TECH102587  |  Created: 2007-01-05  |  Updated: 2014-09-22  |  Article URL
Article Type
Technical Solution



You want to know if the legacy Symantec AntiVirus for Linux can be managed.


SEP 12.1 RU5 introduced a managed SEP for Linux (SEPFL) client.  Details can be found in New fixes and features in Symantec Endpoint Protection and Network Access Control 12.1.5 and Symantec Endpoint Protection 12.1.5 for Linux Client Guide. The use of this new, managed Linux client is highly recommended.

The legacy SAV for Linux was designed as a stand-alone product. The client currently runs independently of a management console, though it is now possible to forward certain logs to the Symantec Endpoint Protection Manager (SEPM) with SAVFL Reporter.  Details are contained in the article linked, below.

Additional information about configuring the legacy SAVFL can be found in SAV for Linux: A (Somewhat) Illustrated Guide Part 2 

Manual Management with a GRC.DAT

You can create a and distribute a GRC.DAT file  to all your Linux clients. This allows you to:

    • Schedule scans
    • Schedule updates (***LiveUpdate Only - VDTM not supported***)
    • Enable/disable various options

Configuration Options

Only certain options can be configured with SAV for Linux. For a description of what those options are, please refer to the SAV for Linux Implementation Guide, under the section, "What you can configure on Linux by using a GRC.DAT file".

A copy of the Implementation Guide is available from the link provided under Related Articles.

Configuring the GRC.DAT

You can use the following applications to configure the GRC.DAT for distribution.

    • ConfigEd Tool - Faster and easier, but you have to keep track of the various GRC.DAT files you create. This can become complex if you have many Linux clients with different settings.
    • Symantec System Center - Requires a Symantec AntiVirus or Symantec Client Security managed environment (unsupported), and is a more complex method, but you can use the Client Groups to keep track of different settings for your Linux clients. Please note that no actual client machines are going to appear in these groups and you are not directly managing your Linux clients with the SSC. This is only a clever method for configuring and keeping track of your GRC.DATs for your Linux clients.

Using the ConfigEd Tool from the Symantec Client Security or Symantec AntiVirus CD

    • The tool is located in the \Tools\ConfigEd folder off the SAV or SCS CD, or you can save it from this document.
    • Some of the tool's options will not be available if ConfigEd is run on a computer that does not have SAV installed.
    • The tool is fairly straightforward. Click the various options to configure the settings you desire and save the file as GRC.DAT.
    • From there, distribute the file.

Using the Symantec System Center

NOTE: Using the Symantec System Center requires that you already have a managed Symantec AntiVirus or Symantec Client Security environment. If you do not, then this method is not an option for creating and configuring a GRC.DAT.

Also note that Symantec AntiVirus and Symantec Client Security are unsupported, and these instructions are provided for your convenience.

  1. Open the Symantec System Center.
  2. Open a Server Group that contains a SAV Server local to you. Write down the Computer name of the Primary server.
  3. Create a New Client Group
  4. Right Click the Client Group and uncheck "Inherit Settings From Server Group"
  5. Configure the Client Group with the settings you want for your SAV for Linux Clients.
  6. Go to the Primary Server of the Client Group you created in Step 3.
  7. Navigate to \Program Files\Symantec Antivirus\Groups\
  8. Copy out the GRC.DAT to a separate folder.
  9. Distribute the GRC.DAT to your Linux clients.



Attachments (303 kBytes)

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices