Endpoint Protection

 View Only

  • 1.  Central Console for SEPM for All Customers

    Posted Nov 18, 2009 08:00 AM
    We are a MSP and have 40 customers that run SEP. Instead of having to install the SEPM at all of our customers I was wondering if anyone has taken an approach of putting the SEPM on a hosted server and centrally managing all of their customers from the single SEPM. We support about 600 workstations. Upgrades would be a lot easier for sure. I realize that there could be bandwidth issues with definition updates and this is not really what the product was designed to do. All this being said are there any other providers out there that can share experience with trying to make SEP easier to centrally manage for many different customers?


  • 2.  RE: Central Console for SEPM for All Customers

    Posted Nov 18, 2009 08:24 AM
    Let me know if you liked this approach

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/40542f09324e61fdca257582007472c5?OpenDocument

    let me know if you have any questions


  • 3.  RE: Central Console for SEPM for All Customers

    Posted Nov 18, 2009 03:52 PM
    This sounds really cool. I wonder if any MSPs have actually tried it.


  • 4.  RE: Central Console for SEPM for All Customers

    Posted Nov 18, 2009 04:08 PM
     I manage a number of MSP's that do this.  Please talk to your local Symantec Rep, they have documents for this that are internal for partners only.

    SEP has the controls in place to do all you want, but it wasn't until a month ago that good documentation has come out.


  • 5.  RE: Central Console for SEPM for All Customers

    Posted Nov 18, 2009 07:46 PM
    I am definetly going to contact them to get more info. This would be a huge help!


  • 6.  RE: Central Console for SEPM for All Customers

    Posted Dec 15, 2009 08:38 PM
    Hey Guys, does anyone else have any information on this. I have been talking with my symantec rep and no-one seems to have any information on this.


  • 7.  RE: Central Console for SEPM for All Customers

    Posted Dec 16, 2009 07:25 PM
    Whats there to know really?

    - Install 2 SEPM's into a DMZ with a SQL db or instance on a backend cluster.
    - Open the firewall up and/or use NAT for port 8014 traffic.
    - Create client groups for each company you are providing SEP
    - Ensure each SEP client has the sylink.xml that points it to the right group

    Your biggest concern will be getting the definitions delivered across the internet rather than a LAN.
    If the client has a large number of SEP clients just assign a Group Update Provider.

    Should be the exact same configuration as a central site with remote offices just you want to segregate them a little more.

    Z