Implementation Guide
Page 8
... your product licenses 64 Checking license status 64 Downloading a license file 65 Licensing enforcement rules 65 Backing up your license files 66 Recovering a deleted license 67 Importing a license 67 About multi-year licenses 68 Licensing an unmanaged client 68 Preparing for client installation 71 Preparing for client installation 71 Preparing Windows operating systems for remote deployment 72 Installing the Symantec Endpoint Protection Small Business Edition client 75 About client deployment methods 75 Deploying clients using a Web link and email 76 Deploying clients by using...
... your product licenses 64 Checking license status 64 Downloading a license file 65 Licensing enforcement rules 65 Backing up your license files 66 Recovering a deleted license 67 Importing a license 67 About multi-year licenses 68 Licensing an unmanaged client 68 Preparing for client installation 71 Preparing for client installation 71 Preparing Windows operating systems for remote deployment 72 Installing the Symantec Endpoint Protection Small Business Edition client 75 About client deployment methods 75 Deploying clients using a Web link and email 76 Deploying clients by using...
Implementation Guide
Page 9
... settings and policy settings 88 Upgrading to a new release 90 Migrating a management server 90 Stopping and starting the management server service 91 Disabling LiveUpdate in Symantec AntiVirus before migration 92 Disabling scheduled scans in Symantec System Center when you migrate client computers 93 Turning off the roaming service 93 Uninstalling and deleting reporting servers 94 Unlocking server groups in Symantec System Center 95 About upgrading client software 95 Upgrading clients by using AutoUpgrade 96 Managing protection on Symantec Endpoint Protection Small Business Edition...
... settings and policy settings 88 Upgrading to a new release 90 Migrating a management server 90 Stopping and starting the management server service 91 Disabling LiveUpdate in Symantec AntiVirus before migration 92 Disabling scheduled scans in Symantec System Center when you migrate client computers 93 Turning off the roaming service 93 Uninstalling and deleting reporting servers 94 Unlocking server groups in Symantec System Center 95 About upgrading client software 95 Upgrading clients by using AutoUpgrade 96 Managing protection on Symantec Endpoint Protection Small Business Edition...
Implementation Guide
Page 11
... 163 Managing Download Insight detections 165 How Symantec Endpoint Protection Small Business Edition uses reputation data to make decisions about files 169 How Symantec Endpoint Protection Small Business Edition protection features work together 170 Enabling or disabling client submissions to Symantec Security Response 172 Managing the Quarantine 174 Using the Risk log to delete quarantined files on your client computers 175 Managing the virus and spyware notifications that appear on client computers 176 Customizing scans 179 Customizing the virus and spyware scans that run on Windows...
... 163 Managing Download Insight detections 165 How Symantec Endpoint Protection Small Business Edition uses reputation data to make decisions about files 169 How Symantec Endpoint Protection Small Business Edition protection features work together 170 Enabling or disabling client submissions to Symantec Security Response 172 Managing the Quarantine 174 Using the Risk log to delete quarantined files on your client computers 175 Managing the virus and spyware notifications that appear on client computers 176 Customizing scans 179 Customizing the virus and spyware scans that run on Windows...
Implementation Guide
Page 12
... that Symantec Endpoint Protection Small Business Edition takes when it makes a detection 190 Allowing users to view scan progress and interact with scans 192 Managing SONAR 195 About SONAR 195 About the files and applications that SONAR detects 196 Managing SONAR 196 Monitoring SONAR detection results to check for false positives ......... 198 Enabling or disabling SONAR 200 Managing Tamper Protection 201 About Tamper Protection 201 Changing Tamper Protection settings 202 Managing firewall protection 205 Managing firewall protection 205...
... that Symantec Endpoint Protection Small Business Edition takes when it makes a detection 190 Allowing users to view scan progress and interact with scans 192 Managing SONAR 195 About SONAR 195 About the files and applications that SONAR detects 196 Managing SONAR 196 Monitoring SONAR detection results to check for false positives ......... 198 Enabling or disabling SONAR 200 Managing Tamper Protection 201 About Tamper Protection 201 Changing Tamper Protection settings 202 Managing firewall protection 205 Managing firewall protection 205...
Implementation Guide
Page 13
... scans 245 Excluding file extensions from virus and spyware scans 245 Forcing scans to detect an application 246 Specifying how Symantec Endpoint Protection Small Business Edition handles an application that scans detect or that users download 247 Excluding a trusted Web domain from scans 247 Creating a Tamper Protection exception 248 Restricting the types of exceptions that users can configure on client computers 249 Creating exceptions from log events in Symantec Endpoint Protection Manager 249 Configuring updates and updating client computer protection 251 Managing content updates...
... scans 245 Excluding file extensions from virus and spyware scans 245 Forcing scans to detect an application 246 Specifying how Symantec Endpoint Protection Small Business Edition handles an application that scans detect or that users download 247 Excluding a trusted Web domain from scans 247 Creating a Tamper Protection exception 248 Restricting the types of exceptions that users can configure on client computers 249 Creating exceptions from log events in Symantec Endpoint Protection Manager 249 Configuring updates and updating client computer protection 251 Managing content updates...
Implementation Guide
Page 19
... make decisions about files. Introducing Symantec Endpoint Protection Small Business Edition 19 What's new in version 12.1 Table 1-1 New features in version 12.1 Feature Description Better security against The most significant improvements include the following technologies: ■ SONAR replaces the TruScan technology to identify malicious behavior of unknown threats using heuristics and reputation data. Download Insight uses reputation information from the files to Symantec for clients that the application files are directed at all times...
... make decisions about files. Introducing Symantec Endpoint Protection Small Business Edition 19 What's new in version 12.1 Table 1-1 New features in version 12.1 Feature Description Better security against The most significant improvements include the following technologies: ■ SONAR replaces the TruScan technology to identify malicious behavior of unknown threats using heuristics and reputation data. Download Insight uses reputation information from the files to Symantec for clients that the application files are directed at all times...
Implementation Guide
Page 20
...Mac clients on page 285. ■ Improved status reporting automatically resets the Still Infected Status for Windows clients" on files at risk. See "About the preconfigured notifications" on Symantec Endpoint Protection Manager for Windows clients" on page 56. ■ The Symantec Endpoint Protection Manager logon screen enables you . The events include when new client software is idle, has outdated content, or has been disconnected, which uses less memory. See "Customizing Auto-Protect for Symantec Endpoint Protection Small Business Edition. See "Licensing Symantec...
...Mac clients on page 285. ■ Improved status reporting automatically resets the Still Infected Status for Windows clients" on files at risk. See "About the preconfigured notifications" on Symantec Endpoint Protection Manager for Windows clients" on page 56. ■ The Symantec Endpoint Protection Manager logon screen enables you . The events include when new client software is idle, has outdated content, or has been disconnected, which uses less memory. See "Customizing Auto-Protect for Symantec Endpoint Protection Small Business Edition. See "Licensing Symantec...
Implementation Guide
Page 21
... Symantec Endpoint Protection Manager now supports the following new installation process features: ■ You can upgrade to the current version of the product while the legacy clients stay connected and protected. ■ A new quick report for both physical systems and virtual systems. You need combinations of all the protection technologies to integrate multiple types of protection on page 41. Symantec Endpoint Protection Small Business Edition combines traditional scanning, behavioral analysis, intrusion prevention, and community intelligence into a superior security...
... Symantec Endpoint Protection Manager now supports the following new installation process features: ■ You can upgrade to the current version of the product while the legacy clients stay connected and protected. ■ A new quick report for both physical systems and virtual systems. You need combinations of all the protection technologies to integrate multiple types of protection on page 41. Symantec Endpoint Protection Small Business Edition combines traditional scanning, behavioral analysis, intrusion prevention, and community intelligence into a superior security...
Implementation Guide
Page 22
...IPS scans network traffic and files for software. reaching the computer that the downloads are not malware. If the administrator permits attacks that the ■ Browser Intrusion Prevention scans for the data patterns that Symantec Endpoint Protection Small Business Edition provides Table 1-2 Layers of protection Protection type Description Benefit Virus and Spyware Protection Virus and Spyware Protection protects Virus and Spyware Protection detects new computers from or written to attack the client computer. Network Threat Network Threat Protection...
...IPS scans network traffic and files for software. reaching the computer that the downloads are not malware. If the administrator permits attacks that the ■ Browser Intrusion Prevention scans for the data patterns that Symantec Endpoint Protection Small Business Edition provides Table 1-2 Layers of protection Protection type Description Benefit Virus and Spyware Protection Virus and Spyware Protection protects Virus and Spyware Protection detects new computers from or written to attack the client computer. Network Threat Network Threat Protection...
Implementation Guide
Page 23
Zero-day attacks may be used in targeted attacks and in your network. Introducing Symantec Endpoint Protection Small Business Edition 23 About the types of threat protection that Symantec Endpoint Protection Small Business Edition provides Table 1-2 Layers of protection (continued) Protection type Description Benefit Proactive Threat Proactive Threat Protection uses SONAR to SONAR examines programs as reputation data to the client. SONAR uses are the new vulnerabilities that each protection by monitoring processes and threats as spyware definitions. vulnerabilities...
Zero-day attacks may be used in targeted attacks and in your network. Introducing Symantec Endpoint Protection Small Business Edition 23 About the types of threat protection that Symantec Endpoint Protection Small Business Edition provides Table 1-2 Layers of protection (continued) Protection type Description Benefit Proactive Threat Proactive Threat Protection uses SONAR to SONAR examines programs as reputation data to the client. SONAR uses are the new vulnerabilities that each protection by monitoring processes and threats as spyware definitions. vulnerabilities...
Implementation Guide
Page 25
... Small Business Edition You can modify these settings to perform disaster recovery. Troubleshooting Symantec Endpoint Protection Small Business Edition If you have problems installing or using the product, Symantec Endpoint Protection Manager includes resources to use Symantec Endpoint Protection Small Business Edition. See "Managing protection on client computers" on page 31. Introducing Symantec Endpoint Protection Small Business Edition 25 Protecting your network with Symantec Endpoint Protection Small Business Edition Protecting your network with default settings and policies...
... Small Business Edition You can modify these settings to perform disaster recovery. Troubleshooting Symantec Endpoint Protection Small Business Edition If you have problems installing or using the product, Symantec Endpoint Protection Manager includes resources to use Symantec Endpoint Protection Small Business Edition. See "Managing protection on client computers" on page 31. Introducing Symantec Endpoint Protection Small Business Edition 25 Protecting your network with Symantec Endpoint Protection Small Business Edition Protecting your network with default settings and policies...
Implementation Guide
Page 27
... displays the most current one to install and configure Symantec Endpoint Protection Small Business Edition (continued) Action Description Install the client Deploy the client software. Introducing Symantec Endpoint Protection Small Business Edition 27 Protecting your network with Symantec Endpoint Protection Small Business Edition Table 1-4 Tasks to two heartbeats. software with the Client See "Deploying clients using a Web link and email" on page 109. 3 On the client, check that the client is connected to enable protection. See "Using the policy serial number to check client...
... displays the most current one to install and configure Symantec Endpoint Protection Small Business Edition (continued) Action Description Install the client Deploy the client software. Introducing Symantec Endpoint Protection Small Business Edition 27 Protecting your network with Symantec Endpoint Protection Small Business Edition Table 1-4 Tasks to two heartbeats. software with the Client See "Deploying clients using a Web link and email" on page 109. 3 On the client, check that the client is connected to enable protection. See "Using the policy serial number to check client...
Implementation Guide
Page 28
... the correct level of security. See "Creating scheduled reports" on page 283. Check to ensure that scheduled scans have been successful and clients operate as expected Review monitors, logs, and the status of client computers to make sure that the client does not scan certain folders and files. See "Managing notifications" on page 273. See "Setting up administrator notifications" on page 182. See "Customizing Auto-Protect for Symantec Endpoint Protection Small Business Edition" on page 240. You...
... the correct level of security. See "Creating scheduled reports" on page 283. Check to ensure that scheduled scans have been successful and clients operate as expected Review monitors, logs, and the status of client computers to make sure that the client does not scan certain folders and files. See "Managing notifications" on page 273. See "Setting up administrator notifications" on page 182. See "Customizing Auto-Protect for Symantec Endpoint Protection Small Business Edition" on page 240. You...
Implementation Guide
Page 29
.... Or, if you create a new group structure, you need for each group have the same level of threat protection that Symantec Endpoint Protection Small Business Edition provides" on the group that are the same type, such as Windows or Mac computers. Modifying protection Symantec Endpoint Protection Manager includes default policies for protection with Symantec Endpoint Protection Small Business Edition Managing protection on client computers You use a single management console to adjust settings over time based on page 107. See "About the types of security. The computers in...
.... Or, if you create a new group structure, you need for each group have the same level of threat protection that Symantec Endpoint Protection Small Business Edition provides" on the group that are the same type, such as Windows or Mac computers. Modifying protection Symantec Endpoint Protection Manager includes default policies for protection with Symantec Endpoint Protection Small Business Edition Managing protection on client computers You use a single management console to adjust settings over time based on page 107. See "About the types of security. The computers in...
Implementation Guide
Page 31
... troubleshoot Task Description Fixing installation problems You can use Symantec Endpoint Protection Small Business Edition. See "Maintaining your product licenses" on page 289. See "Establishing communication between the management server and email servers" on page 64. Preparing for what your license covers. Table 1-8 Common issues you have too many deployed clients for disaster recovery To help mitigate a case of specific management server files. Reconfiguring servers You can perform to provide the details on the Symantec Support Web site. See "Configuring Symantec...
... troubleshoot Task Description Fixing installation problems You can use Symantec Endpoint Protection Small Business Edition. See "Maintaining your product licenses" on page 289. See "Establishing communication between the management server and email servers" on page 64. Preparing for what your license covers. Table 1-8 Common issues you have too many deployed clients for disaster recovery To help mitigate a case of specific management server files. Reconfiguring servers You can perform to provide the details on the Symantec Support Web site. See "Configuring Symantec...
Implementation Guide
Page 66
... Endpoint Protection Manager do not require a license. For instance, the license makes no distinction between a computer that uses Windows and one that you back up your license files. For instance, a license covers installations where version 11.x and 12.x clients are located in the directory where you saved the files to the Symantec Endpoint Protection Small Business Edition clients. Small Business Edition upgrades Clients licensed as Symantec Endpoint Protection Small Business Edition Small Business Edition remained licensed as Small Business Edition clients when the Symantec Endpoint...
... Endpoint Protection Manager do not require a license. For instance, the license makes no distinction between a computer that uses Windows and one that you back up your license files. For instance, a license covers installations where version 11.x and 12.x clients are located in the directory where you saved the files to the Symantec Endpoint Protection Small Business Edition clients. Small Business Edition upgrades Clients licensed as Symantec Endpoint Protection Small Business Edition Small Business Edition remained licensed as Small Business Edition clients when the Symantec Endpoint...
Implementation Guide
Page 78
... Installing the Symantec Endpoint Protection Small Business Edition client About client deployment methods Remote Push performs the following actions: ■ Select an existing client installation package or create a new installation package. ■ For new installation packages, configure package deployment settings ■ Locate computers on your network. Remote Push locates the computers that you specify or the computers that are discovered to be unprotected. ■ Push the client software to the computers that you should use a domain administrative account...
... Installing the Symantec Endpoint Protection Small Business Edition client About client deployment methods Remote Push performs the following actions: ■ Select an existing client installation package or create a new installation package. ■ For new installation packages, configure package deployment settings ■ Locate computers on your network. Remote Push locates the computers that you specify or the computers that are discovered to be unprotected. ■ Push the client software to the computers that you should use a domain administrative account...
Implementation Guide
Page 91
...Install the new management server Install the management server by using the Management Server Configuration Wizard. Follow the instructions in the wizard to configure the new server. Warning: If you do not stop the Symantec Endpoint Protection Manager service 1 Click Start > Settings > Control Panel > Administrative Tools > Services. 2 In the Services window, under Name, scroll to and right-click Symantec Endpoint Protection Manager. 3 Click Stop. Upgrading and migrating to Symantec Endpoint Protection Small Business Edition 91 Stopping and starting the management server service...
...Install the new management server Install the management server by using the Management Server Configuration Wizard. Follow the instructions in the wizard to configure the new server. Warning: If you do not stop the Symantec Endpoint Protection Manager service 1 Click Start > Settings > Control Panel > Administrative Tools > Services. 2 In the Services window, under Name, scroll to and right-click Symantec Endpoint Protection Manager. 3 Click Stop. Upgrading and migrating to Symantec Endpoint Protection Small Business Edition 91 Stopping and starting the management server service...
Implementation Guide
Page 141
... a template as a template. The scan templates can use any other application that you configure multiple policies. Triggered scans run Symantec Endpoint Protection Small Business Edition version 12.1 and later. If a computer is only supported on page 195. A scheduled scan template is configured to make decisions about applications or files. See "About SONAR" on Windows computers that run when the users log on the client computers at designated times. Note: Only custom scans are downloaded to the computers. You...
... a template as a template. The scan templates can use any other application that you configure multiple policies. Triggered scans run Symantec Endpoint Protection Small Business Edition version 12.1 and later. If a computer is only supported on page 195. A scheduled scan template is configured to make decisions about applications or files. See "About SONAR" on Windows computers that run when the users log on the client computers at designated times. Note: Only custom scans are downloaded to the computers. You...
Implementation Guide
Page 293
... deleted deliberately by the administrator in an upgraded installation: Send It can affect which default notification conditions may cause a large number of notifications to Symantec Endpoint Protection Small Business Edition from the previous version are disabled in each default notification condition in the previous installation. The following action settings are preserved. When the software is upgraded, the Client package setting is enabled and the Security definitions setting is added in the New software package condition: Client package and Security...
... deleted deliberately by the administrator in an upgraded installation: Send It can affect which default notification conditions may cause a large number of notifications to Symantec Endpoint Protection Small Business Edition from the previous version are disabled in each default notification condition in the previous installation. The following action settings are preserved. When the software is upgraded, the Client package setting is enabled and the Security definitions setting is added in the New software package condition: Client package and Security...