Endpoint Protection

 View Only
  • 1.  Managing sepm through a hardware firewall

    Posted Feb 23, 2010 08:01 PM
    Hi
    Does anyone know what is required to manage a Symantec Endpoint Client using the management console through a hardware. From what I have seen it requires microsoft file sharing which would be difficult.


  • 2.  RE: Managing sepm through a hardware firewall



  • 3.  RE: Managing sepm through a hardware firewall

    Posted Feb 23, 2010 11:50 PM
    First find out  in which port SEPM is installed.(Mostly it will be 80 if MR2 or earlier or it will be 8014 if you are using a later version.This port client uses for communicating with SEPM.This port is configurable at the time of installation.).If you are using GUP for updation it will use the port 2967(This is default and it is configurable also).If you are using a remote Java console it will use the port 9090 and 8443.Sharing ports are required only while  you are deploying client packages from SEPM.


  • 4.  RE: Managing sepm through a hardware firewall

    Posted Feb 25, 2010 11:54 PM
    Thanks for that the key ports are already available as per the document. I have tailored rules for MR4.
    The problem is registering a client to be managed where the client is the other side of the firerwall and windows sharing is not allowed through the firewall.
    The initial registration of the client through the SEPM looks for the workgroup name and this then fails to register the client computer.
    Also with the deployment of client packages is there an alternate mechanism as it rather than a shared directory that will still allow for automation through the SEMP GUI

    Again thanks for the comments both were helpful but not the solution


  • 5.  RE: Managing sepm through a hardware firewall

    Posted Feb 26, 2010 12:02 AM
    I don't think sharing ports are req. for initial registration,it may be some other problem.Can you get the logs ,below doc can help you in this 
    SylinkWatcher and SylinkMonitor - tools for real-time debugging of SPA 5.x and SEP 11.x


  • 6.  RE: Managing sepm through a hardware firewall

    Posted Feb 26, 2010 12:43 AM
    Can you check this document?

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/40542f09324e61fdca257582007472c5?OpenDocument
     


  • 7.  RE: Managing sepm through a hardware firewall

    Posted Mar 22, 2010 12:37 AM
    I have tried to manage the remote client as per remote management instructions and the client belives that it is connected to a manager. But the problem is there is no way to add the client to the SEPM without a domain name or workgroup. We do not have a domain name and the workgroup requires windows sharing. Whilst the client will pull its data from the SEPM server the SEPM server does not report the status of the client


  • 8.  RE: Managing sepm through a hardware firewall

    Posted Mar 22, 2010 01:05 AM
    Are you able to see the client in SEPM console?
    In the client if you go to help and support--->troubleshooting what is the server name and group name it shows?