Endpoint Protection

 View Only
  • 1.  SEP 12.1 cloud solution

    Posted Sep 13, 2012 04:42 PM

    Hi,

    I wish to implement SEP 12.1  antivirus syamntec client status update / communiation detail with SEPM Manager over clound.

    Automated updates occur transparently over an Internet connection to help keep employee systems current and consistent with policies whether they are in the office or on the road – even when they’re not logged into the VPN.

    Currently SEPM in Internal Netowork & sales SEP clients are outside of office or over Internet based.

    Note:

    1) I don't want to purchase new software.

    2) can implement new server or SEP Manager integrated with existing SEPM Database.

    Please provide me start to end design, requirement (Ports etc) & configuration detail.

    Thanks,

    Jayant Salunkhe

     



  • 2.  RE: SEP 12.1 cloud solution

    Trusted Advisor
    Posted Sep 14, 2012 03:24 AM
      |   view attached

    Hello,

    I believe you are talking about Symantec Endpoint Protection.cloud.

    http://www.symanteccloud.com/en/sg/index.aspx

    I would recommend you to check the FAQ (attached) on Symantec Endpoint Protection.cloud which may assist you.

    NOTE: Symantec Endpoint Protection 12.1 and Symantec Endpoint Protection.cloud are 2 different products.

    Symantec Endpoint Protection 12.1 is primarily an on-premise product, whereby Symantec Endpoint Protection.cloud offers comprehensive cloud-based security services, which includes real time visibility and management of each endpoint regardless of the of geographic location or network environment.

    Check this Download / Article: Symantec Endpoint Protection.cloud

    Hope that helps!!

     

    Attachment(s)

    pdf
    SEP_Cloud_FAQ_SG_Nov11.pdf   216 KB 1 version


  • 3.  RE: SEP 12.1 cloud solution

    Posted Sep 14, 2012 04:11 AM

    While what you're trying to achieve is possible, it can be fairly complex to design and setup.

    I'd highly recommend you contact Symantec for Professional Services, who can then put you in touch with a qualified Symantec Partner (such as ourselves) for aid in designing this.



  • 4.  RE: SEP 12.1 cloud solution

    Posted Sep 14, 2012 01:01 PM

    When you have your SEP infrastructure in your network available, why not put a redirect on your external firewall or a load balancer etc. on the edge to provide access for your clients to the SEP infrastructure. Or you could setup a SEPM in DMZ.

    In general you can do a authentication based on a certificate or others methods to secure the access to your SEP Infrastructure.

    In that way you can manage your clients even when they are connected to the Internet, without a VPN or anything.

    Based on your SEP Policies you can use locations to setup specifc management server lists for your locations like Internet gets the one with the external DNS/IP etc.

    Regarding locations the following article you may like.

    https://www-secure.symantec.com/connect/articles/use-case-location-awareness-and-network-threat-protection-sep-1112

    Then there is another possibility, but for this probably you would need Professional Services. This would be based on a webserver like apache that is a caching server for your internal SEPM on the edge.

     

    Hope this helps

    cheers toby



  • 5.  RE: SEP 12.1 cloud solution

    Posted Sep 25, 2012 12:07 PM

    We are deciding to setup a SEP Manager in DMZ that integrates with intranet SEPM server.

    1) which ports need to open

    2) steps to instal SEPM in DMZ

    3) pre-requisite lists.

    4) how to configure sylink on SEPM & client machine.

    Please suggest.

    Mangesh/Jayant



  • 6.  RE: SEP 12.1 cloud solution



  • 7.  RE: SEP 12.1 cloud solution

    Posted Sep 25, 2012 12:22 PM

    Best Practices: Configuring a Symantec Endpoint Protection environment in a DMZ

    http://www.symantec.com/business/support/index?page=content&id=TECH178325

    Check this thread also

    http://www.symantec.com/connect/forums/sepm-dmz-deployment-best-practice



  • 8.  RE: SEP 12.1 cloud solution

    Posted Sep 25, 2012 12:27 PM

    You need to follow this document

    How to allow Symantec Endpoint Protection clients in a remote location to be managed by a Symantec Endpoint Protection Manager that's behind a NAT device

    http://www.symantec.com/business/support/index?page=content&id=TECH93033



  • 9.  RE: SEP 12.1 cloud solution

    Posted Sep 25, 2012 04:45 PM

    Maybe an eaiser and more secure option would be to utilize Location Awareness and setup an On Network policy which has the clients recieve their updates from the SEPM.  And an Off Network policy that directs those that are not on the network to get updates from Symantecs Liveupdate Servers.