Endpoint Protection

 View Only

  • 1.  SEP Installation

    Posted Jun 30, 2009 09:03 AM
    HI,
    Please help me as we are facing a huge challenge in SEP Installation

    Scenario: 250 Branches spread over different geographical locations , One Head Office, more than 1000 clients.

    We have to deploy SEP to all of these. all the branches except Head Office have no access to internet, all branches have their own different IP address ie one branch has 192.168.1.2 another 172.16.1.1.
    As the branches have no connectivity , how to upate them?????
    We are  looking for a solution of remote deployment of all the clients from head office,
    can any body help us out ???



  • 2.  RE: SEP Installation
    Best Answer

    Posted Jun 30, 2009 09:24 AM
    Hi Parag,

                       Considering the scenario mentioned by you I would suggest the following options.


    Install SEPM at the Head Office Site.
    Create client packages as per your requirement.
    Deploy it to the Head Office Clients first.

    You mentioned that there is no internet connection available at any of the branches except the Head Office. However if I undertsand you correctly there would be a LAN or WAN connectivity between these branches right?. If the answer is YES then you can keep the client package that you have created at a shared resource on each branch office, thereby the clients can install the endpoint protection from this location. As far as the updates are concerned since the Head Office has internet connectivity and the SEPM is installed there it would take the updates and distribute it to the clients.

    In case you face any difficulty you can also burn the client package on to a CD and then send it accross to the branches(if it is feasible) and they can install endpoint protection.

    There would be a file named administration_guide.pdf(CD1\Dodumentation\administration_guide.pdf) in CD1 this file would be of great help in case you get stuck in between the deployment

    Please revert in case of any help


  • 3.  RE: SEP Installation

    Posted Jun 30, 2009 01:18 PM
     SEP can do what you want.

    However, it would perform even better if you integrated Altiris into the mix, not just for initial deployment, but also for updates.  

    Talk to your local Symantec Sales rep for more info.


  • 4.  RE: SEP Installation

    Broadcom Employee
    Posted Aug 02, 2009 01:18 AM
    Hello Parag,

    If you have a Domain environment, you may deploy the SEP client installation package using the Active Directory GPO method.

    Please check the following link about the same.

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/1567ed64d24c8b0649257502000a5699?OpenDocument

    Also, once you have successfully deployed SEP to all your machines, since you have 250 Branches spread over different geographical locations, you may configure one client at each location as a Group Update Provide (GUP) so that the GUP client will update the definitions from the SEP Manager and distribute them locally to the clients at that location. This will save the network bandwidth as not all the clients but just the GUP will contact SEPM for content updates.

    Note that the clients will still get all the policies from SEPM.

    The following link explains on how to set up a GUP.

    How to: Setup a Group Update Provider (GUP)

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/39e094426b9d082588257456006d4ac6?OpenDocument

    Please let me know if this is helpful.



  • 5.  RE: SEP Installation

    Posted Aug 02, 2009 09:22 AM
    If you are having a problem on updating all of the clients in all of your branches, I believe you must create an liveupdate administrator to push the virus defintion update to your clients.


  • 6.  RE: SEP Installation

    Broadcom Employee
    Posted Aug 02, 2009 11:21 AM
    I think Parag has mentioned earlier that they do not have internet connectivity at their Branch offices so LUA cannot be the option there. :-)


  • 7.  RE: SEP Installation

    Trusted Advisor


  • 8.  RE: SEP Installation

    Trusted Advisor
    Posted Aug 05, 2009 09:16 PM
    How to configure GUP bandwidth throttling in Symantec Endpoint Protection 11.0 MR4?


    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/1d395b5bec0673ae8025752200793c17?OpenDocument