Endpoint Protection

 View Only

  • 1.  Linux OS AV Scanning in SEPM 12.1.2 ?

    Posted Nov 19, 2012 08:43 PM

    Hi,

    What are the latest updates for the SAVFL for Linux ?

    I'm thinking to deploy the SEPM Linux appliance to do the Linux OS scanning using vShield API if possible.



  • 2.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Broadcom Employee
    Posted Nov 19, 2012 08:56 PM

    latest definition for linux can be downloaded from below link. at this moment it is 2012/11/19-rev 004

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce



  • 3.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Posted Nov 19, 2012 08:58 PM

    From here for all defs:

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce



  • 4.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Broadcom Employee
    Posted Nov 19, 2012 08:59 PM

    can you clarify what you mean to say SEPM on Linux appliance.



  • 5.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?
    Best Answer

    Posted Nov 19, 2012 10:05 PM

    The SEP Security Virtual Applicance is not a SEPM. It's a linux based virtual appliance that you install on a VMware EXS/EXSi server. It integrates with VMWare's vShield Endpoint. The Shared Insight Cache runs in the appliance and lets Windows based guest VMs share scan results.

    I want to make sure your not confusing this as it does not act as a virtual SEPM.



  • 6.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Posted Nov 19, 2012 10:06 PM

    Ah, so it doesn't scans Linux host as per the definition using vShield API ?

     



  • 7.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Posted Nov 19, 2012 10:13 PM

    It only works for clients managed by the SEPM, as you need to set this up in the AV policy. Linux clients cannot be managed by SEPM as of yet.



  • 8.  RE: Linux OS AV Scanning in SEPM 12.1.2 ?

    Posted Nov 19, 2012 11:03 PM

    cool, thanks Brian !