Endpoint Protection

 View Only

  • 1.  Symantec Endpoint Protection for Linux

    Posted Jun 15, 2011 05:46 AM

    We have Red Hat 5.XXX installed on some of our critical servers.

    Currently we are in SEPM 11 environment.. how can we deploy cllient version to these linux servers. Or is it a seperate installation all together?

     

    Would appreciate any links that can be provide useful to linux symantec antivirus

     

    What exactly does this antivirus for linux protect? as linux is immunse



  • 2.  RE: Symantec Endpoint Protection for Linux
    Best Answer

    Trusted Advisor
    Posted Jun 15, 2011 08:12 AM

    Hello,

    Symantec Endpoint Protection version 11 does not support Linux environment. There is no SEP for Linux. There is SAV for Linux (SAVFL) which is included on the SEP disk download. I think that's where the confusion is coming from.

     

    The SAVFL client cannot be managed by the SEPM, although it can report logs back to the SEPM by using SAV Reporter, which was released after SAVFL 1.0.10, but can be downloaded from the following KB article.
     
    Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes 
     
    The SAVFL client is 32-bit only. If you take a look at the RPM packaging you will see that the only package that has a 64-bit version is the savap package (AutoProtect), which understandably needs it as it has to hook into the kernel. While the deb packaging has separate 64-bit packages for each one, there binaries are still 32-bit. You'll notice this if you've tried to install and use SAV on a 64-bit debian based system without ia32-libs installed.
     
    If you really need to confirm that the binary is 32-bit, you can use the file command.
     file /opt/Symantec/symantec_antivirus/sav

    and it should produce an output such as this (note this is from my Ubuntu 10.10 64-bit machine and is showing a 32-bit executable)

     

     /opt/Symantec/symantec_antivirus/sav: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.4.3, stripped

     

     

     

    Again, SEP 12.1 would have packages for Linux. SEP 12.1 will not manage Linux. 

    NOTE: SEP 12.1 is under BETA and would be Released anytime this year.

    Key Features

    • Unmatched protection from the world leader in security
    • Seamlessly integrates antivirus, antispyware, firewall, and intrusion prevention as well as network access, device and application control (Symantec Endpoint Protection only)
    • Requires only a single agent
    • Powerful central management of security for physical and virtual Windows and Mac endpoints
    • Enables instant NAC upgrade without additional software deployment (Symantec Endpoint Protection only)
    • Antivirus and antispyware for Windows, Mac and Linux clients (Linux – Symantec Endpoint Protection only)
    • Built to secure your virtual infrastructure

    Reference:

    http://www.symantec.com/business/theme.jsp?themeid=sep12-beta

    Again, SEP Linux could not be Managed from SEPM.