Endpoint Protection

Hi,

Unless I missed it, I did not see the communication path ports and protocol requirements for SAVFL  to send logs to SEPM via the SAVFL reporter tool.  Does anyone know how SAVFL reporter communicates to SEPM regarding the ports and protocals?  I need to submit a Change Request to the firewall admin and he needs to know what to open up. Thank you!

 this port is 8014

where servername is the SEPM server's name or IP address, and port is the reporting port (by default, this port is 8014

http://www.symantec.com/business/support/index?page=content&id=TECH157463

Disable the legacy upload option

1. From the Symantec Endpoint Protection Manager Console page, under "Security Status", click Preferences
2. Click Logs and Reports
3. Uncheck the radio button under "Legacy Support", Upload Symantec AntiVirus version 10.x log files
4. Restart IIS

1. From the Symantec Endpoint Protection Manager console page, under "Security Status", click Preferences
2. Click Logs and Reports
3. Check the radio button under "Legacy Support", Upload Symantec AntiVirus version 10.x log files
4. Restart IIS

ReportServerURL - Set the reporting server URL. The format is http://serverip:port/Reporting. The reporting server uses port 8014 by default. You must set the reporting server IP address and port number to enable the service to upload log records and inventory information.

Have a look at the SAVFL Reporter info:

http://www.symantec.com/business/support/index?page=content&id=DOC3474

This new article may be of interest to followers of this thread...

SAV for Linux: A (Somewhat) Illustrated Guide Part 4: SAVFL Reporter
https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-4-savfl-reporter